From c17f6d9565ae6d8418f46dfaaadebba7c2bb2d5b Mon Sep 17 00:00:00 2001 From: Dominik Menke Date: Wed, 15 Mar 2023 19:31:32 +0100 Subject: [PATCH] Docker: migrate from hub.docker.com to ghcr.io Docker, Inc. has become hostile to OSS development. --- .github/Dockerfile.base | 2 +- .github/Dockerfile.release | 6 ++--- .github/workflows/base.yml | 7 +++--- .github/workflows/release.yml | 12 ++++++--- Dockerfile | 2 +- Makefile | 12 ++++----- README.md | 33 ++++++++++++++++--------- exec/docker_client_test.go | 6 ++--- testdata/integration/docker-compose.yml | 2 +- 9 files changed, 49 insertions(+), 33 deletions(-) diff --git a/.github/Dockerfile.base b/.github/Dockerfile.base index 4218265..932c1cf 100644 --- a/.github/Dockerfile.base +++ b/.github/Dockerfile.base @@ -2,7 +2,7 @@ FROM debian:bullseye-slim # This Dockerfile is used by GitHub Actions to build the -# digineode/texd:base image on a regular basis. +# ghcr.io/digineo/texd:base image on a regular basis. # # It leverages buildkit to generate an AMD64 and ARM64 image. # diff --git a/.github/Dockerfile.release b/.github/Dockerfile.release index a12a487..17ed9e8 100644 --- a/.github/Dockerfile.release +++ b/.github/Dockerfile.release @@ -4,9 +4,9 @@ ARG IS_RELEASE=0 FROM golang:${GO_VERSION}-bullseye as builder # This Dockerfile is used by GitHub Actions to build the -# digineode/texd:latest image whenever there is a commit pushed +# ghcr.io/digineo/texd:latest image whenever there is a commit pushed # to the master branch. For tagged commits, this also creates -# digineode/texd:vX and digineode/texd:vX.Y.Z. +# ghcr.io/digineo/texd:vX and ghcr.io/digineo/texd:vX.Y.Z. # # It leverages buildkit to generate an AMD64 and ARM64 image. # @@ -28,7 +28,7 @@ RUN <<-eot ./texd --version eot -FROM digineode/texd:base +FROM ghcr.io/digineo/texd:base COPY --from=builder /work/texd /bin/ diff --git a/.github/workflows/base.yml b/.github/workflows/base.yml index 33763a7..db3f8c0 100644 --- a/.github/workflows/base.yml +++ b/.github/workflows/base.yml @@ -24,8 +24,9 @@ jobs: - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Checkout code uses: actions/checkout@v3 @@ -38,5 +39,5 @@ jobs: file: ./.github/Dockerfile.base platforms: linux/amd64,linux/arm64/v8 push: true - tags: digineode/texd:base + tags: ghcr.io/digineo/texd:base context: . diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 21c607b..4fc2521 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -43,16 +43,20 @@ jobs: docker: name: Build Docker images runs-on: ubuntu-latest + permissions: + contents: read + packages: write steps: - name: Checkout code uses: actions/checkout@v3 - - name: Login to Docker Hub + - name: Login to container registry uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - name: Setup QEMU uses: docker/setup-qemu-action@v2 @@ -66,7 +70,7 @@ jobs: uses: docker/metadata-action@v4 id: meta with: - images: digineode/texd + images: ghcr.io/digineo/texd tags: | type=semver,pattern=v{{version}} type=semver,pattern=v{{major}} diff --git a/Dockerfile b/Dockerfile index a18e9d7..dfac346 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM digineode/texd:base +FROM ghcr.io/digineo/texd:base COPY texd /bin/ diff --git a/Makefile b/Makefile index 13ecf33..fd40e93 100644 --- a/Makefile +++ b/Makefile @@ -50,7 +50,7 @@ run-local: tmp build ## builds and runs texd in local mode .PHONY: run-container run-container: tmp build ## builds and runs texd in container mode - ./$(TARGET) $(RUN_ARGS) $(EXTRA_RUN_ARGS) digineode/texd:base + ./$(TARGET) $(RUN_ARGS) $(EXTRA_RUN_ARGS) ghcr.io/digineo/texd:base .PHONY: run-dind-bind run-dind-bind: tmp docker-latest ## build and runs texd in container mode, using Docker-in-Docker @@ -59,9 +59,9 @@ run-dind-bind: tmp docker-latest ## build and runs texd in container mode, using -v /var/run/docker.sock:/var/run/docker.sock \ -v $$(pwd)/tmp:/texd \ -p 127.0.0.1:2201:2201 \ - digineode/texd:latest \ + ghcr.io/digineo/texd:latest \ --log-level debug $(EXTRA_RUN_ARGS) \ - digineode/texd:base + ghcr.io/digineo/texd:base .PHONY: run-dind-volume run-dind-volume: tmp docker-latest ## build and runs texd in container mode, using Docker-in-Docker @@ -70,9 +70,9 @@ run-dind-volume: tmp docker-latest ## build and runs texd in container mode, usi -v /var/run/docker.sock:/var/run/docker.sock \ -v texd-work:/texd \ -p 127.0.0.1:2201:2201 \ - digineode/texd:latest \ + ghcr.io/digineo/texd:latest \ --log-level debug $(EXTRA_RUN_ARGS) \ - digineode/texd:base + ghcr.io/digineo/texd:base ## testing @@ -129,7 +129,7 @@ docker-latest: build ## builds a Docker container with the latest binary --label=org.opencontainers.image.title=$(TARGET) \ --label=org.opencontainers.image.revision=$(shell git show -s --format=%H HEAD) \ --label=org.opencontainers.image.version=$(VERSION) \ - -t digineode/texd:latest \ + -t ghcr.io/digineo/texd:latest \ . .PHONY: bump bump-major bump-minor bump-patch diff --git a/README.md b/README.md index cf6d6ac..ddefc71 100644 --- a/README.md +++ b/README.md @@ -46,13 +46,13 @@ $ texd ### Ephemeral Containers Here, you still download and run texd locally, but document rendering will happen in an short-lived -Docker container, using a specific Docker image (`texlive/texlive:latest` will do just fine, but you -could easily build a smaller one using e.g. a Debian base image). +Docker container, using a specific Docker image (`registry.gitlab.com/islandoftex/images/texlive:latest` +will do just fine, but you could easily build a smaller one using e.g. a Debian base image). To run in container mode, run: ```console -$ texd texlive/texlive:latest +$ texd registry.gitlab.com/islandoftex/images/texlive:latest ``` This will pull the specified image, if it doesn't exist yet. Note that you need to give texd @@ -63,7 +63,7 @@ this case, the first image is used as default image: ```console $ texd \ - texlive/texlive:latest \ + registry.gitlab.com/islandoftex/images/texlive:latest \ registry.gitlab.com/islandoftex/images/texlive:TL2014-historic \ ghcr.io/yourcompany/texlive-prod ``` @@ -77,14 +77,25 @@ viable alternative to the local mode. In fact, this mode is functionally equival To run texd as Docker service, use this command: ```console -$ docker run --rm -t -p localhost:2201:2201 digineode/texd:latest +$ docker run --rm -t -p localhost:2201:2201 ghcr.io/digineo/texd:latest ``` -When using Gitlab CI, you can add this line to your `.gitlab-ci.yml`: +The image `ghcr.io/digineo/texd:latest` is based on Debian Bullseye with +some texlive packages installed from the Debian repositories (see this +[`Dockerfile`](./.github/Dockerfile.base) for the current list). Note +that Debian Bullseye comes with [TeXlive 2020][], while (at the time of +writing) the current release is TeXlive 2022. + +> **Note:** +> +> An earlier version of this README made use of `digineode/texd` instead +> of `ghcr.io/digineo/texd:latest`. + +When using Gitlab CI, you can add this snippet to your `.gitlab-ci.yml`: ```yml services: - - name: digineode/texd:latest + - name: ghcr.io/digineo/texd:latest alias: texd variables: @@ -93,7 +104,7 @@ variables: TEXD_ENDPOINT: http://texd:2201/render ``` -This image is based on `texlive/texlive:latest`. +[TeXlive 2020]: https://packages.debian.org/bullseye/texlive ## CLI Options @@ -101,8 +112,8 @@ Calling texd with options works in any mode; these commands are equivalent: ```console $ texd -h -$ texd texlive/texlive:latest -h -$ docker run --rm -t digineode/texd:latest -h +$ texd tregistry.gitlab.com/islandoftex/images/texlive:latestest -h +$ docker run --rm -t ghcr.io/digineo/texd:latest -h ``` - `--help`, `-h` @@ -371,7 +382,7 @@ Content-Length: 287 { "version": "0.0.0", "mode": "container", - "images": ["texlive/texlive:latest"], + "images": ["registry.gitlab.com/islandoftex/images/texlive:latest"], "timeout": 60, "engines": ["xelatex","pdflatex","lualatex"], "default_engine": "xelatex", diff --git a/exec/docker_client_test.go b/exec/docker_client_test.go index a22ecb6..9e2d9c8 100644 --- a/exec/docker_client_test.go +++ b/exec/docker_client_test.go @@ -138,16 +138,16 @@ func (s *dockerClientSuite) TestNewDockerClient() { func (s *dockerClientSuite) TestFindAllowedImageID() { s.subject.images = []types.ImageSummary{ {ID: "a", RepoTags: []string{"localhost/texd/minimal:v1", "localhost/texd/minimal:latest"}}, - {ID: "b", RepoTags: []string{"texlive/texlive:latest"}}, + {ID: "b", RepoTags: []string{"registry.gitlab.com/islandoftex/images/texlive:latest"}}, } s.Assert().Equal("a", s.subject.findAllowedImageID("localhost/texd/minimal:latest")) - s.Assert().Equal("b", s.subject.findAllowedImageID("texlive/texlive:latest")) + s.Assert().Equal("b", s.subject.findAllowedImageID("registry.gitlab.com/islandoftex/images/texlive:latest")) s.Assert().Equal("", s.subject.findAllowedImageID("unknown")) } func (s *dockerClientSuite) TestFindAllowedImageID_empty() { - s.Assert().Equal("", s.subject.findAllowedImageID("texlive/texlive:latest")) + s.Assert().Equal("", s.subject.findAllowedImageID("registry.gitlab.com/islandoftex/images/texlive:latest")) } func (s *dockerClientSuite) TestFindAllowedImageID_default() { diff --git a/testdata/integration/docker-compose.yml b/testdata/integration/docker-compose.yml index 09f08e2..6af6a79 100644 --- a/testdata/integration/docker-compose.yml +++ b/testdata/integration/docker-compose.yml @@ -2,7 +2,7 @@ version: '3' services: texd: - image: digineode/texd:latest + image: ghcr.io/digineo/texd:latest command: --reference-store=memcached://memcached:11211?expiration=5s depends_on: - memcached