A utility that can be used to mirror OpenShift releases between docker registries.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for crashvb from gravatar.com crashvb

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v3 or later (GPLv3+) (GNU General Public License v3.0)
  • Author: Richard Davis
  • Tags integrity , mirror , oc , oc-mirror , openshift , sign , signatures , verify
Classifiers
Report project as malware

Project description

oc-mirror

pypi version build status coverage status python versions linting code style license

Overview

A utility that can be used to mirror OpenShift releases, Operator releases, and atomic signatures between docker registries.

Installation

From pypi.org

$ pip install oc_mirror

From source code

$ git clone https://github.com/crashvb/oc-mirror
$ cd oc-mirror
$ virtualenv env
$ source env/bin/activate
$ python -m pip install --editable .[dev]

Usage

Creating an atomic signature

Note: Currently, only WebDAV upload is supported.

  atomic \
    --signature-store https://my-webdav-server/ \
    sign \
    --keyid=my-magic-keyid \
    registry.redhat.io/redhat/redhat-operator-index:v4.8@sha256:6ddf56b65877a0d603fcc8f06bca7314f18816d5734c878094b7a1b5598ce251

Verifying an atomic signature

DRCA_CREDENTIALS_STORE=~/.docker/quay.io-pull-secret.json \
  atomic \
    --signature-store=https://mirror.openshift.com/pub/openshift-v4/signatures/openshift/release \
    --signature-type=manifest \
    verify \
    quay.io/openshift-release-dev/ocp-release:4.4.6-x86_64@sha256:7613d8f7db639147b91b16b54b24cfa351c3cbde6aa7b7bf1b9c80c260efad06

Mirroring an OpenShift release

DRCA_CREDENTIALS_STORE=~/.docker/quay.io-pull-secret.json \
oc-mirror \
  --signature-store=https://mirror.openshift.com/pub/openshift-v4/signatures/openshift/release \
  mirror \
  quay.io/openshift-release-dev/ocp-release:4.4.6-x86_64 \
  some-other-registry.com:5000/openshift-release-dev/ocp-release:4.4.6-x86_64

Mirroring an Operator release

DRCA_CREDENTIALS_STORE=~/.docker/quay.io-pull-secret.json \
op-mirror \
  --no-check-signatures \
  mirror \
  registry.redhat.io/redhat/redhat-operator-index:v4.8 \
  some-other-registry.com:5000/redhat/redhat-operator-index:v4.8 \
  compliance-operator:release-0.1 \
  local-storage-operator \
  ocs-operator

Environment Variables

Variable Default Value Description
ATOMIC_KEYID Identifier of the GnuPG key to use for signing.
ATOMIC_KEYPASS The corresponding key passphrase.
ATOMIC_SIGNATURE_STORE https://mirror.openshift.com/pub/openshift-v4/signatures/openshift/release Signature store location at which atomic signatures are (to be) located.
ATOMIC_SIGNATURE_TYPE iamge-config Whether atomic signature digest reference Manifests or Image Configurations.
ATOMIC_SIGNING_KEY Path to the GnuPG armored keys used to verify atomic signatures.
OCM_SIGNATURE_STORE use locations embedded in release metadata Signature store location at which atomic signatures are located.
OCM_SIGNING_KEY use keys embedded in release metadata Path to the GnuPG armored keys used to verify atomic signatures.
OPM_SIGNATURE_STORE https://mirror.openshift.com/pub/openshift-v4/signatures/openshift/release Signature store location at which atomic signatures are located.
OPM_SIGNING_KEY Path to the GnuPG armored keys used to verify atomic signatures.

Development

Source Control

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for crashvb from gravatar.com crashvb

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v3 or later (GPLv3+) (GNU General Public License v3.0)
  • Author: Richard Davis
  • Tags integrity , mirror , oc , oc-mirror , openshift , sign , signatures , verify
Classifiers

Release history Release notifications | RSS feed

This version

0.1.7

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

oc_mirror-0.1.7.tar.gz (33.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

oc_mirror-0.1.7-py3-none-any.whl (63.2 kB view details)

Uploaded Python 3

File details

Details for the file oc_mirror-0.1.7.tar.gz.

File metadata

  • Download URL: oc_mirror-0.1.7.tar.gz
  • Upload date:
  • Size: 33.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.0 CPython/3.8.3

File hashes

Hashes for oc_mirror-0.1.7.tar.gz
Algorithm Hash digest
SHA256 403eea3fdcad3e93fb7289f0b526a6b4e5fe74a1d8c50f325257ff55d86f5a23
MD5 ea06c052aab63f4100f01daf24ceb8fa
BLAKE2b-256 7e3462011fc855f38886cb61308450994058fa1558131208442fa9c3b45f6e55

See more details on using hashes here.

File details

Details for the file oc_mirror-0.1.7-py3-none-any.whl.

File metadata

  • Download URL: oc_mirror-0.1.7-py3-none-any.whl
  • Upload date:
  • Size: 63.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.0 CPython/3.8.3

File hashes

Hashes for oc_mirror-0.1.7-py3-none-any.whl
Algorithm Hash digest
SHA256 bafbb5fc085e5cc50717e3ea16eb623d2162892289aa5c144f4d34a1fd50048b
MD5 6baf7b87308ab78accc764be0f498a24
BLAKE2b-256 d894ebd41da293196a5b2004a2ce8659a68e4540b61f71516b7aa56cc019a4b7

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page