in tooling/image-sync/internal/sync.go [145:248]
func DoSync(cfg *SyncConfig) error {
Log().Infow("Syncing images", "images", cfg.Repositories, "numberoftags", cfg.NumberOfTags)
ctx := context.Background()
srcRegistries := make(map[string]Registry)
var err error
for _, secret := range cfg.Secrets {
if secret.Registry == "quay.io" {
quaySecret, err := readBearerSecret(secret.SecretFile)
if err != nil {
return fmt.Errorf("error reading secret file: %w %s", err, secret.SecretFile)
}
qr := NewQuayRegistry(cfg, quaySecret.BearerToken)
srcRegistries[secret.Registry] = qr
} else {
if strings.HasSuffix(secret.Registry, "azurecr.io") ||
strings.HasSuffix(secret.Registry, "azurecr.cn") ||
strings.HasSuffix(secret.Registry, "azurecr.us") {
azureSecret, err := readAzureSecret(secret.SecretFile)
if err != nil {
return fmt.Errorf("error reading azure secret file: %w %s", err, secret.SecretFile)
}
bearerSecret, err := getACRBearerToken(ctx, *azureSecret, secret.Registry)
if err != nil {
return fmt.Errorf("error getting ACR bearer token: %w", err)
}
srcRegistries[secret.Registry] = NewACRWithTokenAuth(cfg, secret.Registry, bearerSecret)
} else {
s, err := readBearerSecret(secret.SecretFile)
bearerSecret := s.BearerToken
if err != nil {
return fmt.Errorf("error reading secret file: %w %s", err, secret.SecretFile)
}
srcRegistries[secret.Registry] = NewOCIRegistry(cfg, secret.Registry, bearerSecret)
}
}
}
targetACR := NewAzureContainerRegistry(cfg)
acrPullSecret, err := targetACR.GetPullSecret(ctx)
if err != nil {
return fmt.Errorf("error getting pull secret: %w", err)
}
targetACRAuth := types.DockerAuthConfig{Username: "00000000-0000-0000-0000-000000000000", Password: acrPullSecret.RefreshToken}
for _, repoName := range cfg.Repositories {
var srcTags, acrTags []string
baseURL := strings.Split(repoName, "/")[0]
repoName = strings.Join(strings.Split(repoName, "/")[1:], "/")
Log().Infow("Syncing repository", "repository", repoName, "baseurl", baseURL)
if client, ok := srcRegistries[baseURL]; ok {
srcTags, err = client.GetTags(ctx, repoName)
if err != nil {
return fmt.Errorf("error getting tags from %s: %w", baseURL, err)
}
Log().Debugw("Got tags from quay", "tags", srcTags)
} else {
// No secret defined, create a default client without auth
oci := NewOCIRegistry(cfg, baseURL, "")
srcTags, err = oci.GetTags(ctx, repoName)
if err != nil {
return fmt.Errorf("error getting oci tags: %w", err)
}
Log().Debugw(fmt.Sprintf("Got tags from %s", baseURL), "repo", repoName, "tags", srcTags)
}
exists, err := targetACR.RepositoryExists(ctx, repoName)
if err != nil {
return fmt.Errorf("error getting ACR repository information: %w", err)
}
if exists {
acrTags, err = targetACR.GetTags(ctx, repoName)
if err != nil {
return fmt.Errorf("error getting ACR tags: %w", err)
}
Log().Infow("Got tags from acr", "tags", acrTags)
} else {
Log().Infow("Repository does not exist", "repository", repoName)
}
tagsToSync := filterTagsToSync(srcTags, acrTags)
Log().Infow("Images to sync", "images", tagsToSync)
for _, tagToSync := range tagsToSync {
source := fmt.Sprintf("%s/%s:%s", baseURL, repoName, tagToSync)
target := fmt.Sprintf("%s/%s:%s", cfg.AcrTargetRegistry, repoName, tagToSync)
Log().Infow("Copying images", "images", tagToSync, "from", source, "to", target)
err = Copy(ctx, target, source, &targetACRAuth, nil)
if err != nil {
return fmt.Errorf("error copying image: %w", err)
}
}
}
return nil
}