r2-registry's Introduction

Docker image registry on Cloudflare R2 (No workers)

📖 About

This is a very simple Bash shell script that converts local Docker container images into the registry distribution format and structure. The tool then uploads that structure via rclone to your R2 bucket of choice. The end result is having a Docker registry compatible URL on R2.

Example URL: docker pull pub-6975b173047b49bf97e9146ff7808721.r2.dev/myapp:v1.0.0

Example URL with custom domain: docker pull images.sheldon.is/myapp:v1.0.0

💻 Demo

📕 Requirements

skopeo - Toolkit for container images
rclone - Upload container image structure to R2
jq - CLI utility for handling JSON data

⛔️ Limitations

Most notably, read-only access to images.

Jérome (who inspired this all-in-one script) goes over the other limitations of using a static-file-like-host such as R2 here.

⌨️ Usage

First, build your Docker image as you normally would.

cd myapp
docker build -t myapp .
docker tag myapp:latest myapp:v1.0.0

Next, install r2-registry:

git clone https://github.com/fieu/r2-registry
cd r2-registry
./generate.sh [image] [tag]

Now, setup your environment variables that are used by the script:

CLOUDFLARE_ACCOUNT_ID - Cloudflare account ID (found here)
R2_BUCKET - Name of R2 bucket to store image contents
R2_ACCESS_KEY_ID - R2 Access Key (info)
R2_SECRET_ACCESS_KEY - R2 Secret Access Key (info)
R2_DOMAIN - R2 custom domain (optional) (info)

🧪 Example

export CLOUDFLARE_ACCOUNT_ID=123456789
export R2_BUCKET=docker-images
export R2_ACCESS_KEY_ID=123
export R2_SECRET_ACCESS_KEY=123
export R2_DOMAIN=images.sheldon.is
./generate.sh myapp v1.0.0

🧬 Output

🎉 Try it out

Try and pull my image from my R2 bucket:

docker pull images.sheldon.is/myapp:v1.0.0

❓ Help

$ ./generate.sh
Usage: ./generate.sh <image> <tag>
	image (string)	 The name of the image to build
	tag (string)	 The tag of the image to build

✏️ Contributing

Contributions are welcome and will be fully credited.

I accept contributions within project scope via Pull Requests on GitHub.

👤 Credits

jpetazzo/registrish - Initial concept and code snippets

📝 License

r2-registry is open-sourced software licensed under the MIT License.

r2-registry's People

Contributors

Stargazers

Watchers

r2-registry's Issues

issue with pull

docker: Error response from daemon: unknown: InvalidArgumentInvalid Argument: Authorization.

Successfully uploaded docker image assets but fails to pull due to file accesibility

First of all, thanks for the great project on building private docker registry simplified and cost effective for individual developers; but one major problem I met after uploading image to the r2 buckets is returning an HTML page titled "You are not authorized to view this object" from Cloudflare after the GET operation by running docker pull. While I tried your example yet it seems to be working and I successfully managed to run your application, but when it comes to me the problem exists. I'm assuming there might be an issue with the CORS policy setting for the bucket to some degree while it automatically blocks access from unknown domains if AllowedOrigins field is not configured? Whereas I did set the allowed origins to * wildcard for authorizing access from all entry points, but it still doesn't seem to be working, I have tried to switch machines from my local devices to VMs but the same issue repeatedly occurs, below is my CORS configuration for the certain bucket storing my images edited on the policy tab of Cloudflare.

[
  {
    "AllowedOrigins": [
      "*"
    ],
    "AllowedMethods": [
      "GET",
      "POST"
    ],
    "AllowedHeaders": [
      "*"
    ],
    "ExposeHeaders": [
      "*"
    ]
  }
]

I have read the Cloudflare documentation on granting public access to bucket via custom domains, I initially believed the problem persists was due to the cache period for the CORs policy to take effect on the certain domain, but I've also tried binding other domains and it pulling images from still did not succeed and persisted returning 404 page, could you please share your CORS setting to make the bucket to work as a registry or there might be some issue with my own configs?

Recommend Projects

fieu / r2-registry Goto Github PK