# gcrioimage **Repository Path**: pigful/gcrioimage ## Basic Information - **Project Name**: gcrioimage - **Description**: 下载国外镜像 - **Primary Language**: Unknown - **License**: Not specified - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2022-05-10 - **Last Updated**: 2024-06-06 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README ### 使用 gitlab 和 阿里云容器服务下载国外镜像 阿里云容器仓库个人版 不支持 gitee 可以使用 gitlab github 和阿里云的code服务 然腾讯云的容器仓库个人版 任何地域都访问不了 谷歌镜像地址 所以这里的搭配是 **自建公网gitlab + 阿里云容器服务** #### 搭建或准备好gitlab gitlab需要公网能访问: ```bash $ docker run --detach --hostname gitlab.xin-shijie.cn -p 33443:443 -p 33380:80 -p 33322:22 --name gitlab --restart always -v /data/gitlab/config:/etc/gitlab -v /data/gitlab/logs:/var/log/gitlab -v /data/gitlab/data:/var/opt/gitlab --shm-size 256m registry.gitlab.cn/omnibus/gitlab-jh:latest ``` 在gitlab上创建一个用户(如:gcrioimage),并创建一个访问令牌,需要有API权限 ```bash 您的新个人访问令牌:ank**********yrAsN8 ``` #### 开通阿里云容器个人版 创建一个阿里云账号,开通个人版本容器服务 #### 准备镜像信息文件 如在使用 tekton 时就下载不了国外的镜像 ```bash $ ls pipeline-release.yaml tekton-dashboard-release.yaml triggers-release.yaml $ grep -o 'gcr.io.*@sha256:[a-zA-Z0-9]*' *.yaml|sed 's#", "-[a-z]*-[a-z]*-*[a-z]*", "#\n#g'|sed 's#.*.yaml:##' > image.txt ``` 下面是tekton 部署时所用到的镜像: ```bash $ cat image.txt gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller:v0.34.1@sha256:558239fcf8370cb7514cfca57e9f46399e5b60bca876828e0d833112d65fc45b gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/kubeconfigwriter:v0.34.1@sha256:523016e4db827cd34babd844624d1cda86841e056fe6c890b3ad1c956a5638b0 gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/git-init:v0.34.1@sha256:8bf237e7b8c983e4159686f0cc021c9189bab4ea99f91cb20ec19cfb4b4a916d gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/entrypoint:v0.34.1@sha256:df16538ccfe1b36004d98ad5f511f222f9676028f137f14853805e5b08f57f86 gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/nop:v0.34.1@sha256:ba2276abe579a82d41d38daeca020a7679575b61fb551908f67b4972ff63a2a3 gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/imagedigestexporter:v0.34.1@sha256:b1d4a689bb67f36b8458aebe1db63724e88bba549e711fb994b6adb4792d9dd7 gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/pullrequest-init:v0.34.1@sha256:a3a402632d5e9ed58a2857ca107fef185b9b702799a683b2c698014ec3d1c5df gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/workingdirinit:v0.34.1@sha256:1d481e9b728651dd9e3f7bdf5c1ad135b52b516b4c2d631c220431d2d6c98eb4 gcr.io/google.com/cloudsdktool/cloud-sdk@sha256:27b2c22bf259d9bc1a291e99c63791ba0c27a04d2db0a43241ba0f1f20f4067f gcr.io/distroless/base@sha256:3cebc059e7e52a4f5a389aa6788ac2b582227d7953933194764ea434f4d70d64 gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/webhook:v0.34.1@sha256:70cab42dec664eda056076abaddcd66183678409ab6911821960f5e9889d6b21 gcr.io/tekton-releases/github.com/tektoncd/dashboard/cmd/dashboard:v0.25.0@sha256:81cd1c93a2e2027d01c764a78b8fc2f7aa511370643e764836334d0ea09328cf gcr.io/tekton-releases/github.com/tektoncd/triggers/cmd/controller:v0.19.1@sha256:da6269e3784fda08220f87b45caf42d12ac5caf49d17df2524cec297201a3a93 gcr.io/tekton-releases/github.com/tektoncd/triggers/cmd/eventlistenersink:v0.19.1@sha256:ba97a3ce4d193c7c3e37f02bd08b40755cee6abcc412b56480d88eac040787c5 gcr.io/tekton-releases/github.com/tektoncd/triggers/cmd/webhook:v0.19.1@sha256:ad1aace2254f70ca223f0b8db47468b2910abb672d1982c57b54662d0e8a95a8 ``` 生成需要在阿里云创建的仓库名称: ```bash cat image.txt |sed 's#tekton-releases/github.com/tektoncd/\([a-z]*\)/cmd/#tekton.\1.#'| sed 's#:v0.*@sha256:[a-zA-Z0-9]*##g'|sed 's#@sha256:[a-zA-Z0-9]*##g'|sed 's#gcr.io/##'|sed 's#/#.#g' > gitlabimage.txt ``` ```bash $ cat gitlabimage.txt tekton.pipeline.controller tekton.pipeline.kubeconfigwriter tekton.pipeline.git-init tekton.pipeline.entrypoint tekton.pipeline.nop tekton.pipeline.imagedigestexporter tekton.pipeline.pullrequest-init tekton.pipeline.workingdirinit google.com.cloudsdktool.cloud-sdk distroless.base tekton.pipeline.webhook tekton.dashboard.dashboard tekton.triggers.controller tekton.triggers.eventlistenersink tekton.triggers.webhook ``` #### 使用脚本调用go去创建gitlab库 **如果你是直接 git clone 当前的 gcrioimage 仓库到本地,** **请 clone 完后删除 gcrioimage 里面 的 .git 目录** ,以免后面脚本执行有异常数据 需要替换 gitlab 相关配置和阿里云相关配置 因为 **阿里云个人版镜像仓库创建的时候没法绑定 git 仓库**,不知道是不是个人版不可用 后面有时间在看看 企业版能不能创建仓库的时候绑定 git 仓库 所以这里先注销创建 阿里云容器仓库的代码,使用手动创建并绑定 git 仓库 `createproject.sh` ```bash #!/bin/bash # ## gitlab 搭配 阿里云容器 使用,阿里云不支持 gitee 公共服务 project_file="gitlabimage.txt" # git仓库名,镜像仓库名 image_file="image.txt" # 对应的 git仓库描述,镜像仓库描述 gitproject=$(cat ${project_file}|wc -l) # gitlab 配置 gitlabToken="ankH******AsN8" gitHttp="http" gitUrl="gitlab.**.**:33380" # gitlab的地址 gitUser="gcr****" # git push 的时候需要输入用户 和 密码 gitPasswd="gcr***" # 阿里云容器服务配置 regionId="cn-shenzhen" # 阿里云容器仓库的地域 accessKeyId="LTA*********7vUAW" accessKeySecret="LT******qW" repoNamespace="gcrioimage" #仓库的名称空间 RepoType="PUBLIC" # # gitee 配置 # giteeToken="a066**********1ce4f" # gitHttp="https" # gitUrl="gitee.com" # gitUser="p****" # git push 的时候需要输入用户 和 密码 # gitPasswd="muy*****" # # 腾讯云容器服务配置 # secretId="AKID*******Jei" # secretKey="nJYV******9N" # region="na-siliconvalley" # 所在地域 na-siliconvalley (硅谷) ap-hongkong (香港) # repoNamespace="gcrioimage" # repoPublic="1" # 仓库是否私有: 1 公开 0 私有 for ((i=1;i<=$gitproject;i++)) ; do # 获取 仓库名称,获取 镜像名称 project_name=$(head -n $i $project_file | tail -n1) image_name=$(head -n $i $image_file | tail -n1|awk -F: '{print $1}') # 创建gitlab仓库 rm -rf ${project_name} mkdir ${project_name} cp -r go-gcrioimage/{gitlabmain.go,go.mod,go.sum} ${project_name} sed -i "s#_gitlabToken_#${gitlabToken}#" ${project_name}/gitlabmain.go sed -i "s#_http_#${gitHttp}#" ${project_name}/gitlabmain.go sed -i "s#_gitlabUrl_#${gitUrl}#" ${project_name}/gitlabmain.go sed -i "s#_gitlabProject_#${project_name}#" ${project_name}/gitlabmain.go sed -i "s#_gitlabDesc_#${image_name}#" ${project_name}/gitlabmain.go cd ${project_name} go mod tidy go run gitlabmain.go cd .. # # 创建 阿里云容器仓库(ACR) # cp -r go-gcrioimage/{acrCreateRepo.go ,go.mod,go.sum} ${project_name} # sed -i "s#_regionId_#${regionId}#" ${project_name}/acrCreateRepo.go # sed -i "s#_accessKeyId_#${accessKeyId}#" ${project_name}/acrCreateRepo.go # sed -i "s#_accessKeySecret_#${accessKeySecret}#" ${project_name}/acrCreateRepo.go # sed -i "s#_RepoNamespace_#${repoNamespace}#" ${project_name}/acrCreateRepo.go # sed -i "s#_RepoName_#${project_name}#" ${project_name}/acrCreateRepo.go # sed -i "s#_Summary_#${image_name}#" ${project_name}/acrCreateRepo.go # sed -i "s#_Detail_#${image_name}#" ${project_name}/acrCreateRepo.go # sed -i "s#_repoPublic_#${repoPublic}#" ${project_name}/acrCreateRepo.go # sed -i "s#_RepoType_#${RepoType}#" ${project_name}/acrCreateRepo.go # cd ${project_name} # go mod tidy # go run acrCreateRepo.go # cd .. # # 创建 阿里云容器仓库构建规则(ACR) # tags=$(head -n $i $image_file|tail -n 1 |awk -F@ '{print $1}'|grep ':v') # if [ -z "$tags" ]; then # Tag="latest" # else # Tag=$(head -n $i $image_file|tail -n 1 |awk -F@ '{print $1}'|awk -F: '{print $2}') # fi # cp -r go-gcrioimage/{acrCreateRepoBuildRule.go,go.mod,go.sum} ${project_name} # sed -i "s#_regionId_#${regionId}#" ${project_name}/acrCreateRepoBuildRule.go # sed -i "s#_accessKeyId_#${accessKeyId}#" ${project_name}/acrCreateRepoBuildRule.go # sed -i "s#_accessKeySecret_#${accessKeySecret}#" ${project_name}/acrCreateRepoBuildRule.go # sed -i "s#_RepoNamespace_#${repoNamespace}#" ${project_name}/acrCreateRepoBuildRule.go # sed -i "s#_RepoName_#${project_name}#" ${project_name}/acrCreateRepoBuildRule.go # sed -i "s#_Tag_#${Tag}#" ${project_name}/acrCreateRepoBuildRule.go # cd ${project_name} # go mod tidy # go run acrCreateRepoBuildRule.go # cd .. # # 创建gitee仓库 # rm -rf ${project_name} # mkdir ${project_name} # cp -r go-gcrioimage/{giteeDeleteMain.go,giteemain.go,go.mod,go.sum} ${project_name} # sed -i "s#_giteeToken_#${giteeToken}#" ${project_name}/giteemain.go # sed -i "s#_ProjectName_#${project_name}#" ${project_name}/giteemain.go # sed -i "s#_ProjectDesc_#${image_name}#" ${project_name}/giteemain.go # sed -i "s#_giteeToken_#${giteeToken}#" ${project_name}/giteeDeleteMain.go # sed -i "s#_UserName_#${gitUser}#" ${project_name}/giteeDeleteMain.go # sed -i "s#_ProjectName_#${project_name}#" ${project_name}/giteeDeleteMain.go # cd ${project_name} # go mod tidy # go run giteeDeleteMain.go # 删除仓库 # go run giteemain.go # 创建仓库 # cd .. ## 创建 腾讯云容器仓库(TCR) # cp -r go-gcrioimage/{tcrmain.go,go.mod,go.sum} ${project_name} # sed -i "s#_secretId_#${secretId}#" ${project_name}/tcrmain.go # sed -i "s#_secretKey_#${secretKey}#" ${project_name}/tcrmain.go # sed -i "s#_Region_#${region}#" ${project_name}/tcrmain.go # sed -i "s#_RepoNamespace_#${repoNamespace}#" ${project_name}/tcrmain.go # sed -i "s#_repoName_#${project_name}#" ${project_name}/tcrmain.go # sed -i "s#_repoDesc_#${image_name}#" ${project_name}/tcrmain.go # sed -i "s#_repoPublic_#${repoPublic}#" ${project_name}/tcrmain.go # cd ${project_name} # go mod tidy # go run tcrmain.go # cd .. # 生成 Dockerfile rm -rf ${project_name} git clone ${gitHttp}://${gitUser}:${gitPasswd}@${gitUrl}/${gitUser}/${project_name} cp Dockerfile ${project_name} # image 是 Dockerfile 里 From 的镜像名称 image=$(head -n $i $image_file | tail -n1) sed -i "s#_Image_#${image}#" ${project_name}/Dockerfile # 上传 Dockerfile 到 git项目 cp push.sh ${project_name} sed -i "s#_gitHttp_#${gitHttp}#" ${project_name}/push.sh sed -i "s#_gitUser_#${gitUser}#" ${project_name}/push.sh sed -i "s#_gitPasswd_#${gitPasswd}#" ${project_name}/push.sh # # gitlab 私有服务可以直接从根目录 git pull sed -i "s#_gitUrl_#${gitUrl}#" ${project_name}/push.sh # # gitee 公共服务 git pull 需要跟用户名空间 # sed -i "s#_gitUrl_#${gitUrl}/${gitUser}#" ${project_name}/push.sh # sed -i "s#_projectName_#${project_name}#" ${project_name}/push.sh done ``` #### 推送代码到gitlab仓库 创建 gitlab 仓库的同时会git clone 下来仓库到当前目录 并把 `Dcokerfile` 和 `push.sh` 文件复制到 每一个仓库下,生成对应的信息 运行 `autoPush.sh` 脚本会进入每个仓库下把Dockerfile 文件上传到 gitlab #### 手动创建阿里云镜像仓库 因个人版阿里云容器的 api 没有绑定 git 信息的接口,所以只能手动创建,手动创建的时候可以绑定git 信息和仓库,手动创建的时候记得选中 **海外机器构建** #### 创建容器镜像规则 修改 `createproject.sh` 文件开启 创建容器构建配置段,关闭 创建 gitlab 仓库配置段 ```bash #!/bin/bash # ## gitlab 搭配 阿里云容器 使用,阿里云不支持 gitee 公共服务 project_file="gitlabimage.txt" # git仓库名,镜像仓库名 image_file="image.txt" # 对应的 git仓库描述,镜像仓库描述 gitproject=$(cat ${project_file}|wc -l) # gitlab 配置 gitlabToken="ankH******AsN8" gitHttp="http" gitUrl="gitlab.**.**:33380" # gitlab的地址 gitUser="gcr****" # git push 的时候需要输入用户 和 密码 gitPasswd="gcr***" # 阿里云容器服务配置 regionId="cn-shenzhen" # 阿里云容器仓库的地域 accessKeyId="LTA*********7vUAW" accessKeySecret="LT******qW" repoNamespace="gcrioimage" #仓库的名称空间 RepoType="PUBLIC" # # gitee 配置 # giteeToken="a066**********1ce4f" # gitHttp="https" # gitUrl="gitee.com" # gitUser="p****" # git push 的时候需要输入用户 和 密码 # gitPasswd="muy*****" # # 腾讯云容器服务配置 # secretId="AKID*******Jei" # secretKey="nJYV******9N" # region="na-siliconvalley" # 所在地域 na-siliconvalley (硅谷) ap-hongkong (香港) # repoNamespace="gcrioimage" # repoPublic="1" # 仓库是否私有: 1 公开 0 私有 for ((i=1;i<=$gitproject;i++)) ; do # 获取 仓库名称,获取 镜像名称 project_name=$(head -n $i $project_file | tail -n1) image_name=$(head -n $i $image_file | tail -n1|awk -F: '{print $1}') # # 创建gitlab仓库 # rm -rf ${project_name} # mkdir ${project_name} # cp -r go-gcrioimage/{gitlabmain.go,go.mod,go.sum} ${project_name} # sed -i "s#_gitlabToken_#${gitlabToken}#" ${project_name}/gitlabmain.go # sed -i "s#_http_#${gitHttp}#" ${project_name}/gitlabmain.go # sed -i "s#_gitlabUrl_#${gitUrl}#" ${project_name}/gitlabmain.go # sed -i "s#_gitlabProject_#${project_name}#" ${project_name}/gitlabmain.go # sed -i "s#_gitlabDesc_#${image_name}#" ${project_name}/gitlabmain.go # cd ${project_name} # go mod tidy # go run gitlabmain.go # cd .. # # 创建 阿里云容器仓库(ACR) # cp -r go-gcrioimage/{acrCreateRepo.go ,go.mod,go.sum} ${project_name} # sed -i "s#_regionId_#${regionId}#" ${project_name}/acrCreateRepo.go # sed -i "s#_accessKeyId_#${accessKeyId}#" ${project_name}/acrCreateRepo.go # sed -i "s#_accessKeySecret_#${accessKeySecret}#" ${project_name}/acrCreateRepo.go # sed -i "s#_RepoNamespace_#${repoNamespace}#" ${project_name}/acrCreateRepo.go # sed -i "s#_RepoName_#${project_name}#" ${project_name}/acrCreateRepo.go # sed -i "s#_Summary_#${image_name}#" ${project_name}/acrCreateRepo.go # sed -i "s#_Detail_#${image_name}#" ${project_name}/acrCreateRepo.go # sed -i "s#_repoPublic_#${repoPublic}#" ${project_name}/acrCreateRepo.go # sed -i "s#_RepoType_#${RepoType}#" ${project_name}/acrCreateRepo.go # cd ${project_name} # go mod tidy # go run acrCreateRepo.go # cd .. # 创建 阿里云容器仓库构建规则(ACR) tags=$(head -n $i $image_file|tail -n 1 |awk -F@ '{print $1}'|grep ':v') if [ -z "$tags" ]; then Tag="latest" else Tag=$(head -n $i $image_file|tail -n 1 |awk -F@ '{print $1}'|awk -F: '{print $2}') fi cp -r go-gcrioimage/{acrCreateRepoBuildRule.go,go.mod,go.sum} ${project_name} sed -i "s#_regionId_#${regionId}#" ${project_name}/acrCreateRepoBuildRule.go sed -i "s#_accessKeyId_#${accessKeyId}#" ${project_name}/acrCreateRepoBuildRule.go sed -i "s#_accessKeySecret_#${accessKeySecret}#" ${project_name}/acrCreateRepoBuildRule.go sed -i "s#_RepoNamespace_#${repoNamespace}#" ${project_name}/acrCreateRepoBuildRule.go sed -i "s#_RepoName_#${project_name}#" ${project_name}/acrCreateRepoBuildRule.go sed -i "s#_Tag_#${Tag}#" ${project_name}/acrCreateRepoBuildRule.go cd ${project_name} go mod tidy go run acrCreateRepoBuildRule.go cd .. # # 创建gitee仓库 # rm -rf ${project_name} # mkdir ${project_name} # cp -r go-gcrioimage/{giteeDeleteMain.go,giteemain.go,go.mod,go.sum} ${project_name} # sed -i "s#_giteeToken_#${giteeToken}#" ${project_name}/giteemain.go # sed -i "s#_ProjectName_#${project_name}#" ${project_name}/giteemain.go # sed -i "s#_ProjectDesc_#${image_name}#" ${project_name}/giteemain.go # sed -i "s#_giteeToken_#${giteeToken}#" ${project_name}/giteeDeleteMain.go # sed -i "s#_UserName_#${gitUser}#" ${project_name}/giteeDeleteMain.go # sed -i "s#_ProjectName_#${project_name}#" ${project_name}/giteeDeleteMain.go # cd ${project_name} # go mod tidy # go run giteeDeleteMain.go # 删除仓库 # go run giteemain.go # 创建仓库 # cd .. ## 创建 腾讯云容器仓库(TCR) # cp -r go-gcrioimage/{tcrmain.go,go.mod,go.sum} ${project_name} # sed -i "s#_secretId_#${secretId}#" ${project_name}/tcrmain.go # sed -i "s#_secretKey_#${secretKey}#" ${project_name}/tcrmain.go # sed -i "s#_Region_#${region}#" ${project_name}/tcrmain.go # sed -i "s#_RepoNamespace_#${repoNamespace}#" ${project_name}/tcrmain.go # sed -i "s#_repoName_#${project_name}#" ${project_name}/tcrmain.go # sed -i "s#_repoDesc_#${image_name}#" ${project_name}/tcrmain.go # sed -i "s#_repoPublic_#${repoPublic}#" ${project_name}/tcrmain.go # cd ${project_name} # go mod tidy # go run tcrmain.go # cd .. # # 生成 Dockerfile # rm -rf ${project_name} # git clone ${gitHttp}://${gitUser}:${gitPasswd}@${gitUrl}/${gitUser}/${project_name} # cp Dockerfile ${project_name} # # image 是 Dockerfile 里 From 的镜像名称 # image=$(head -n $i $image_file | tail -n1) # sed -i "s#_Image_#${image}#" ${project_name}/Dockerfile # # 上传 Dockerfile 到 git项目 # cp push.sh ${project_name} # sed -i "s#_gitHttp_#${gitHttp}#" ${project_name}/push.sh # sed -i "s#_gitUser_#${gitUser}#" ${project_name}/push.sh # sed -i "s#_gitPasswd_#${gitPasswd}#" ${project_name}/push.sh # # gitlab 私有服务可以直接从根目录 git pull # sed -i "s#_gitUrl_#${gitUrl}#" ${project_name}/push.sh # # gitee 公共服务 git pull 需要跟用户名空间 # sed -i "s#_gitUrl_#${gitUrl}/${gitUser}#" ${project_name}/push.sh # sed -i "s#_projectName_#${project_name}#" ${project_name}/push.sh done ``` 执行脚本后 会生成构建规则信息,并且执行构建,这样一个国外的镜像就被导入到阿里云,并生成对应的版本号 #### 替换yaml文件的镜像版本 使用 脚本替换 yaml 文件的镜像地址 `sed-image.sh` ```bash #!/bin/bash # project_file="gitlabimage.txt" # git仓库名,镜像仓库名 image_file="image.txt" # 对应的 git仓库描述,镜像仓库描述 gitproject=$(cat gitlabimage.txt|wc -l) for ((i=1;i<=$gitproject;i++)) ; do tags=$(head -n $i $image_file|tail -n 1 |awk -F@ '{print $1}'|grep ':v') if [ -z "$tags" ]; then Tag="latest" else Tag=$(head -n $i $image_file|tail -n 1 |awk -F@ '{print $1}'|awk -F: '{print $2}') fi # 获取 仓库名称,获取 镜像名称 image_name=$(head -n $i $image_file | tail -n1) project_name=$(head -n $i $project_file | tail -n1) #echo $project_name:$Tag $image_name #sed -i "s#${image_name}#${project_name}:${Tag}#g" *.yaml sed -i "s#\(${project_name}:${Tag}\)#registry.cn-shenzhen.aliyuncs.com/gcrioimage/\1#g" *.yaml done ```