diff --git a/Dockerfile b/Dockerfile index b6e8df9..a955d55 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,6 +16,10 @@ RUN CGO_ENABLED=0 go build -o /usr/local/bin/dind-cleaner ./cmd \ FROM golang:1.26-alpine3.23 AS bbolt RUN go install go.etcd.io/bbolt/cmd/bbolt@latest +FROM quay.io/containers/skopeo:v1.22.2 AS preloaded-images +COPY images-list.txt /images-list.txt +COPY load-images.sh /load-images.sh +RUN chmod +x /load-images.sh && /load-images.sh /images-list.txt /images # Main FROM docker:${DOCKER_VERSION}-dind AS prod @@ -30,11 +34,14 @@ RUN echo 'http://dl-cdn.alpinelinux.org/alpine/v3.23/main' >> /etc/apk/repositor # Backward compatibility with kernels that do not support `iptables-nft`. Check #CR-23033 for details. RUN update-alternatives --install $(which iptables) iptables $(which iptables-legacy) 10 \ && update-alternatives --install $(which ip6tables) ip6tables $(which ip6tables-legacy) 10 -# DHI source: https://hub.docker.com/repository/docker/octopusdeploy/dhi-node-exporter + # DHI source: https://hub.docker.com/repository/docker/octopusdeploy/dhi-node-exporter COPY --from=docker.io/octopusdeploy/dhi-node-exporter:1.11.1-alpine3.23@sha256:8cd8b3f56f6c319a03c7a2224e99d07e34241ae9ced308df5a6fee41d61ea905 /usr/bin/node_exporter /bin/ COPY --from=bbolt /go/bin/bbolt /bin/ COPY --from=cleaner /usr/local/bin/dind-cleaner /bin/ +# Bake in preloaded image tarballs +COPY --from=preloaded-images /images /preloaded-images + WORKDIR /dind ADD . /dind diff --git a/images-list.txt b/images-list.txt new file mode 100644 index 0000000..0a9edf6 --- /dev/null +++ b/images-list.txt @@ -0,0 +1,10 @@ +docker.io/tonistiigi/binfmt:qemu-v10.2.1 +quay.io/codefresh/cf-container-logger:2.0.12 +quay.io/codefresh/cf-debugger:1.3.14 +quay.io/codefresh/cf-docker-builder:1.6.1 +quay.io/codefresh/cf-docker-puller:8.0.27 +quay.io/codefresh/cf-docker-pusher:6.0.26 +quay.io/codefresh/cf-git-cloner:10.3.11 +quay.io/codefresh/compose:v5.1.3-1.6.4 +quay.io/codefresh/fs-ops:1.2.13 +quay.io/codefresh/pikolo:0.15.1 diff --git a/load-images.sh b/load-images.sh new file mode 100755 index 0000000..32f9390 --- /dev/null +++ b/load-images.sh @@ -0,0 +1,43 @@ +#!/bin/sh +# Preload OCI images into docker-archive tarballs using skopeo. +# +# Usage: +# preload-images.sh +# +# image-list-file: one image reference per line; blank lines and # comments ignored. +# output-dir: directory where .tar files are written (created if missing). + +set -x + +LIST_FILE="${1:?usage: $0 }" +OUT_DIR="${2:?usage: $0 }" + +if [ ! -f "$LIST_FILE" ]; then + echo "ERROR: image list not found: $LIST_FILE" >&2 + exit 1 +fi + +mkdir -p "$OUT_DIR" + +while IFS= read -r ref || [ -n "$ref" ]; do + # strip leading/trailing whitespace + ref=$(echo "$ref" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//') + # skip blanks and comments + case "$ref" in + ''|\#*) continue ;; + esac + + # filename-safe version of the ref + fname=$(echo "$ref" | tr '/:@' '___').tar + + # the load-time tag inside the archive: strip any @digest suffix + load_tag=$(echo "$ref" | sed 's/@.*//') + + echo "==> $ref" + echo " -> $OUT_DIR/$fname (tag: $load_tag)" + + skopeo copy \ + "docker://$ref" \ + "docker-archive:$OUT_DIR/$fname:$load_tag" + +done < "$LIST_FILE" diff --git a/run.sh b/run.sh index 151134c..4b4a026 100755 --- a/run.sh +++ b/run.sh @@ -251,6 +251,23 @@ do break done +# Load preloaded images +if [ -d /preloaded-images ] && [ -n "$(ls -A /preloaded-images 2>/dev/null)" ]; then + echo "$(date) - Loading preloaded images (parallel)" + pids="" + for tar in /preloaded-images/*.tar; do + [ -f "$tar" ] || continue + ( + echo "Loading $tar ..." + docker load -i "$tar" >/dev/null 2>&1 \ + || echo "WARNING: failed to load $tar" + ) & + pids="$pids $!" + done + for pid in $pids; do wait "$pid"; done + echo "$(date) - Finished loading preloaded images" +fi + # Starting monitor ${DIR}/monitor/start.sh <&- & MONITOR_PID=$! diff --git a/service.yaml b/service.yaml index 14b4d4f..41149ea 100644 --- a/service.yaml +++ b/service.yaml @@ -1 +1 @@ -version: 3.0.15 +version: 4.0.0