File python-cgyle.changes of Package cgyle
------------------------------------------------------------------- Tue Feb 24 18:34:09 CET 2026 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.2.8 → 1.2.9 ------------------------------------------------------------------- Tue Feb 24 11:11:57 CET 2026 - Marcus Schäfer <marcus.schaefer@suse.com> - Make sure there is only one CNCF registry instance When operating with a local CNCF registry proxy started as a container we have to make sure there is no other container instance running because that would create write conflicts on the same data paths. The code so far made sure that we do not leave a running instance behind ensured by deleting it via the context manager. However inconsistent OS state crashes or other unknown events can case a container instance to be still in the system when cgyle runs again. To prevent this condition this commit introduces a static name registry_proxy for the CNCF registry instance and runs a cleanup prior creating a new workload and after finishing the workload. ------------------------------------------------------------------- Mon Feb 16 15:32:53 CET 2026 - Marcus Schäfer <marcus.schaefer@suse.com> - Add support for tag filtering Allow to add a tag filter expression (python regular expression) for each container pattern as part of a dedicated tagfilter section in the policy file. This Fixes #48 ------------------------------------------------------------------- Mon Dec 08 11:21:46 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.2.7 → 1.2.8 ------------------------------------------------------------------- Sat Nov 08 15:46:45 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com> - Add put-repository-catalog-data in suse2ecr So far suse2ecr created the repository and synced the containers. If the repository needs to be created, the repository catalog information like description, usage and more was not set. This commit adds the required API calls to set this information after the repository was created. In addition SUSE specific data got droped from this repo and suse2ecr was renamed to cgyle2ecr for general use ------------------------------------------------------------------- Fri Oct 31 18:40:06 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com> - update bci policy ------------------------------------------------------------------- Thu Oct 23 12:37:08 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.2.6 → 1.2.7 ------------------------------------------------------------------- Thu Oct 23 12:36:29 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Add --push-ecr-alias option Allow to specify a custom target alias for pushing to an ECR ------------------------------------------------------------------- Thu Oct 23 11:30:05 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Update suse2ecr_policy.yml Add bci/bci-minimal as a start ------------------------------------------------------------------- Tue Sep 30 09:45:50 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.2.5 → 1.2.6 ------------------------------------------------------------------- Tue Sep 30 09:44:41 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Fix repo name passed to aws ecr command we searched for containers in the given filter-policy. The result is a path. The first element of that path is the custom alias name of the ECR registry in AWS. The aws ecr|ecr-public command constructs the repositoryUri automatically from the used account which already includes that custom alias name. It is therefore required that we skip the first path element from the search result ------------------------------------------------------------------- Mon Sep 29 23:11:14 CEST 2025 - Marcus Schäfer <marcus.schaefer@gmail.com> - Bump version: 1.2.4 → 1.2.5 ------------------------------------------------------------------- Mon Sep 29 22:12:37 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Do not remove signatures in suse2ecr Also add different policy files for the suse and bci namespaces. We expect those to exist as custom alias in AWS gallery that we own ------------------------------------------------------------------- Mon Sep 29 16:27:09 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Run suse2ecr with signature and attribute tags ------------------------------------------------------------------- Mon Sep 29 10:19:35 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Allow sync of attestation tags Attestation tags (.att) are used to provide SBOM information for containers. By default we do not sync them. The new option --with-attestation allows to turn it on ------------------------------------------------------------------- Thu Aug 21 09:57:58 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.2.3 → 1.2.4 ------------------------------------------------------------------- Wed Aug 20 17:20:34 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Mutability does not exist on public repos Do not pass --image-tag-mutability, MUTABLE is the default for private which is ok ------------------------------------------------------------------- Wed Aug 20 17:00:51 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Support public ECR AWS differentiates between ecr and ecr-public commands ------------------------------------------------------------------- Wed Aug 20 15:57:36 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.2.2 → 1.2.3 ------------------------------------------------------------------- Wed Aug 20 10:22:31 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Make suse2ecr --profile option optional ------------------------------------------------------------------- Wed Aug 20 10:08:19 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Install suse2ecr policy as part of the package ------------------------------------------------------------------- Thu Aug 14 17:31:48 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Fixed tag list in case of an error cgyle fetches the current tag list and compares it with an eventually existing prior taglist. The difference in tags is then synced with the exception of 'latest' which is always synced. If in this process a tag cannot be fetched due to some error, the tag list still listed this tag as being processed. In the next run of cgyle this tag is not tried to be fetched again. This commit adds code to update the tag list in case the fetching of the tag has failed for some reason such that in a subsequent call of cgyle this tag is tried to be fetched again. ------------------------------------------------------------------- Thu Aug 14 11:39:37 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Run cgyle natively and not through poetry The poetry run method was used during development. For the final release cgyle should be called from scripts as it's installed on the host ------------------------------------------------------------------- Wed Aug 13 18:14:44 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Update suse2ecr policy For a start we only take bci-base and bci-minimal ------------------------------------------------------------------- Wed Aug 13 12:21:21 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.2.1 → 1.2.2 ------------------------------------------------------------------- Wed Aug 13 12:16:55 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Add suse2ecr to the package spec template ------------------------------------------------------------------- Wed Aug 13 11:45:21 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Add suse2ecr tool suse2ecr is a simple wrapper around several cgyle calls to create and push images from one registry into an ECR by keeping the structure of the source registry. Example: suse2ecr --aws-profile suse-pct \ --aws-ecr some.dkr.ecr.eu-central-1.amazonaws.com \ --filter-policy tools/suse2ecr_policy.yml \ --dry-run ------------------------------------------------------------------- Wed Aug 13 11:43:42 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - fix error handling when opening the policy file ------------------------------------------------------------------- Tue Aug 12 12:49:26 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Add support for pushing to an ECR So far cgyle can create local repository proxies as well as store each container individually as oci archives. This commit also adds the opportunity to push containers from one registry to an ECR - Elastic Container Registry in AWS. For example: ``` poetry run cgyle \ --updatecache https://registry.opensuse.org --from https://registry.opensuse.org \ --filter '^opensuse/leap.*images.*/6.1/toolbox' \ --push-oci some.dkr.ecr.eu-central-1.amazonaws.com \ --push-oci-creds=AWS:$(aws ecr --profile some get-login-password) \ --remove-signatures \ --apply ``` ------------------------------------------------------------------- Wed Apr 02 10:12:06 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.2.0 → 1.2.1 ------------------------------------------------------------------- Tue Apr 01 16:34:46 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Store tag reference file with proper suffix The tag reference file is now stored as .tags such that it does not conflict with the log collector which collects everything that is named as .log. In addition make sure the tag reference file does not contain eventual error information from fetching the tags and don't take signature references to sha digests of the image into account. ------------------------------------------------------------------- Mon Mar 31 09:51:21 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.1.6 → 1.2.0 ------------------------------------------------------------------- Mon Mar 31 09:49:52 CEST 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Add development section to pyproject Make sure bumpversion exists in the poetry shell ------------------------------------------------------------------- Tue Mar 25 16:21:29 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Compare tag list with prior sync This commit changes cgyle in a way that it keeps the tag list information and uses it to compare the current tag list with the former one. Only tags that are not in the list will be fetched with the exception on the special tag named: latest, which will be fetched in any case. ------------------------------------------------------------------- Thu Feb 13 17:13:27 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Fix build target ------------------------------------------------------------------- Thu Feb 13 17:12:32 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.1.5 → 1.1.6 ------------------------------------------------------------------- Thu Feb 13 17:10:23 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Prevent compression for skopeo copy target The skopeo copy call is used as a trigger to the CNCF distribution server that runs as a proxy in a container instance. The actual result of the copy process lands in /dev/null and if we can prevent that data from being compressed it will safe us some computer power of the system. This is related to Issue #34 ------------------------------------------------------------------- Wed Feb 12 09:56:08 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Limit the number of parallel copies Limit the number of simultaneous layer copies to 5. If we find out this is fixing the high load issue we can make this number a commandline option. This is related to Issue #34 ------------------------------------------------------------------- Wed Feb 12 09:48:45 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Reduce max-requests to 1 For testing high load situations make sure there is only one active skopeo process. Related to Issue #34 ------------------------------------------------------------------- Wed Feb 12 09:37:23 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Drop tox requirement ------------------------------------------------------------------- Tue Jan 14 16:37:59 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.1.4 → 1.1.5 ------------------------------------------------------------------- Tue Jan 07 16:44:44 CET 2025 - Marcus Schäfer <marcus.schaefer@suse.com> - Added a runtime cleanup prior service startup Older versions of podman uses the /tmp directory for the runroot of the rootless podman storage. This causes an issue if there are runtime artifacts from older container instances left on the system. To avoid a service startup error this commit adds a pre step to the systemd service which removes any stale /tmp/containers-user-ID directory. ------------------------------------------------------------------- Mon Sep 16 19:40:46 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add catalog retry for get_catalog_podman_search If the catalog search fails on a podman search error, retry the connection and don't give up too early ------------------------------------------------------------------- Mon Sep 16 18:45:57 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add delay time for service restart When cgyle starts the intermediate container to do the job and something fails, then cgyle exits with an exit code != 0. At the same time but disconnected from the cgyle process controlled by systemd the podman command running in the background ends and cleans up its resources. I can imagine that systemd tries to immediately start a new cgyle process while the podman cleanup of the former is not yet complete. A second run of the container on the same network port leads to conflict. This commit adds a restart delay to prevent this condition ------------------------------------------------------------------- Thu Sep 12 15:40:06 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.1.3 → 1.1.4 ------------------------------------------------------------------- Thu Sep 12 15:14:10 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Prevent thundering herd condition The infrastructure runs several network bandwidth consuming processes potentially at the same time. To avoid this add a random delay on the timer. In addition we found that the hard stop in the service file hits us in the production environment. Let's add a restart condition on failure for this case too ------------------------------------------------------------------- Fri Sep 06 11:59:02 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.1.2 → 1.1.3 ------------------------------------------------------------------- Thu Sep 05 20:24:21 CEST 2024 - Robert Schweikert <rjschwei@suse.com> - Limit the number of copy tries skopeo may end up in an endless loop attempting to copy a specific container. This creates a problem in an automated environment such as cgyle potentially causing endless runtime. We limit the number of attempts we let skopeo take to copy a given container to 5. This allows us to move on and copy other containers. The next time cgyle runs we will try the previously failed container again. ------------------------------------------------------------------- Thu Sep 05 15:11:42 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Make sure cgyle runtime is limited The sync process is run by a timer of 6h at the moment. If the service is still running when the timer kicks in, no restart will happen. In cgyle each container is fetched by its own skopeo copy process. We found situations in which that copy process receives an error and reconnects in a loop forever. As of today there is no way to tell skopeo to stop this iteration after some time and I also believe there is a bug in skopeo causing this because a simple restart of the cgyle service fixes the issue. For us it's important that the cgyle process is not blocked forever. Thus this commit suggest a max runtime controlled by systemd of 5h. ------------------------------------------------------------------- Fri Aug 16 09:25:04 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.1.1 → 1.1.2 ------------------------------------------------------------------- Thu Aug 15 16:10:28 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Added sanity check/cleanup for the scheduler state The CNCF distribution registry stores scheduler metadata in the file scheduler-state.json. Per issue report at https://github.com/distribution/distribution/issues/2374 it can happen that the state file gets corrupted. In the case were we hit this error the JSON file was missing the closing brackets. To recover from this situtation we load the state file and delete it in case of a JSONDecodeError. ------------------------------------------------------------------- Wed Aug 14 18:00:26 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.1.0 → 1.1.1 ------------------------------------------------------------------- Wed Aug 14 17:09:37 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Added cgyle-pubcloud-infra-cleanup Provider cleanup tool to easy upgrade cgyle within the SUSE public cloud infrastructure ------------------------------------------------------------------- Wed Aug 14 10:03:38 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.16 → 1.1.0 ------------------------------------------------------------------- Wed Aug 07 12:19:01 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update documentation ------------------------------------------------------------------- Wed Aug 07 12:07:09 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Expose registry instance log data Write log file of the registry server running inside of the container when using the local://distribution feature on the host as /var/log/cgyle_proxy.log ------------------------------------------------------------------- Tue Aug 06 20:23:21 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Auto remove container instance Make sure to cleanup properly after container exits ------------------------------------------------------------------- Fri Aug 02 10:37:05 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update CI worker to ubuntu-latest ------------------------------------------------------------------- Fri Aug 02 10:17:09 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Decouple use of registry container from network When using cgyle in local://distribution mode, we run a container formerly named docker.io/library/registry:latest. If this container does not exist it will be fetched from the network. However, there are regions which doesn't allow this type of network access. To decouple the loading from the network we packaged the container and required it in the spec for cgyle and let cgle load and reference it locally ------------------------------------------------------------------- Tue Jul 02 09:51:11 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.15 → 1.0.16 ------------------------------------------------------------------- Mon Jul 01 10:53:35 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Added min version requirements podman and skopeo has changed caller semantics in the past. Make sure a workable version is required by the package ------------------------------------------------------------------- Wed Jun 12 17:12:17 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.14 → 1.0.15 ------------------------------------------------------------------- Tue Jun 11 16:34:39 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Collect error logs into one file cgyle only keeps the log files of failed caching attempts and wipes the successful ones because there is no meaningful information in a successful caching process other than, the container was cached, which is an information that is still present by reading the log directory tree. The error information from all failed log files will now also be combined into one log file and appended to an eventually existing file. ------------------------------------------------------------------- Mon Jun 03 16:40:19 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.13 → 1.0.14 ------------------------------------------------------------------- Mon May 27 18:38:53 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.12 → 1.0.13 ------------------------------------------------------------------- Mon May 27 18:37:50 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Fix arch selection in list-tags fallback Make sure to return the tag list when using podman search only for container architecture names. ------------------------------------------------------------------- Mon May 27 18:14:38 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.11 → 1.0.12 ------------------------------------------------------------------- Mon May 27 18:12:49 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Use list-tags from podman search as fallback In case skopeo inspect cannot read the manifest because a container comes without a latest tag, fallback to podman search with --list-tags to get the tag list ------------------------------------------------------------------- Mon May 27 16:17:07 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Use registry at /var/lib/rmt/public/repo/registry ------------------------------------------------------------------- Mon May 27 12:07:12 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.10 → 1.0.11 ------------------------------------------------------------------- Mon May 27 12:06:56 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Fix tag list output ------------------------------------------------------------------- Mon May 27 11:47:01 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.9 → 1.0.10 ------------------------------------------------------------------- Mon May 27 11:44:34 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Proper logging of errors on tag list If the tag list cannot be retrieved the error was not reported in a log file and only appears in the systemd journal where it eventually gets clobbered together with many other caching thread data. This commit adds a proper log file for the tag list of the respective container cache request ------------------------------------------------------------------- Mon May 27 10:47:43 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.8 → 1.0.9 ------------------------------------------------------------------- Fri May 17 17:06:44 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Read credentials from file for SUSE service Instead of passing user:pass credentials information on the commandline, use the /etc/rmt.conf file as input source for the credentials ------------------------------------------------------------------- Fri May 17 17:03:34 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Support reading credentials from file Allow options --registry-creds/--proxy-creds to read from file. If the given value is a file in the system it will be used and read as a yaml file in the format of the rmt.conf file ------------------------------------------------------------------- Fri May 17 15:22:41 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Run SUSE service as user _rmt and group nginx The SUSE cgyle service is expected to run as user _rmt ------------------------------------------------------------------- Fri May 17 15:12:22 CEST 2024 - Jesus Bermudez Velazquez <jesusbv@suse.com> - Set the path for the filter-policy option (access policies) file Set the value of --filter-policy on the systemd service ------------------------------------------------------------------- Wed May 15 20:57:56 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Bump version: 1.0.7 → 1.0.8 ------------------------------------------------------------------- Wed May 15 20:53:35 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Added --list-archs option Print all arch names cgyle currently can match ------------------------------------------------------------------- Wed May 15 16:55:53 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Mark systemd service files as config file Make sure local changes don't get overwritten by a package update ------------------------------------------------------------------- Mon May 13 14:58:11 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update systemd service for SUSE ------------------------------------------------------------------- Fri May 10 16:06:02 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add support for --arch option Specify a fixed set of architectures to match from an eventually given policy file and from multi-arch containers. The --arch option can be specified multiple times. In case a policy file exists and the path information does not contain any known architecture name it will not be taken into account for the arch matching and stays effective in the policy ------------------------------------------------------------------- Mon Apr 29 17:43:41 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.6 → 1.0.7 ------------------------------------------------------------------- Mon Apr 29 11:38:06 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.5 → 1.0.6 ------------------------------------------------------------------- Mon Apr 29 11:36:50 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Pass credentials directly to skopeo No podman login required ------------------------------------------------------------------- Mon Apr 29 10:50:12 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.4 → 1.0.5 ------------------------------------------------------------------- Fri Apr 26 21:44:05 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Catch error from json decoding ------------------------------------------------------------------- Fri Apr 26 14:25:13 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Allow to pass credentials for local proxy When providing --registry-creds in combination with a local proxy instance setup as --updatecache local://distribution:/some/path, make sure the provided credentials are used in the local distribution proxy configuration. Related to Issue #12 ------------------------------------------------------------------- Fri Apr 26 11:13:08 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - psutil is required but was not added to the spec The psutil module requirement is listed in the pyproject.toml but was forgotten in the package spec. This commit fixes it ------------------------------------------------------------------- Thu Apr 25 15:25:08 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Capture IOErrors as known error for local: target When creating a local output cache make sure to capture IOError's e.g permission denied as possible error caused by that action and report them with a useful error message instead of a stack trace ------------------------------------------------------------------- Thu Apr 25 15:05:12 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Added timer unit and service for registry.suse.com Add systemd unit to run cgyle in local sync mode for a suse policy based sync from registry.suse.com into the default storage space of the distribution server below /var/lib/registry The timer will run every 6h. Sensitive data are stored as placeholders and needs to be set via a provisioning step e.g salt, ansible, etc... There are the following placeholder that needs to be configured properly: * SCC_USER: Username that allows full access to registry.suse.com * SCC_PASS: Password for the SCC_USER * SCC_POLICY: Path to a filename with calalog policy information ------------------------------------------------------------------- Thu Apr 25 14:48:25 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add option --max-requests Allow to specify the maximum number of parallel container caching requests. Please note all tags of a container are sequentially handled in one request. ------------------------------------------------------------------- Thu Apr 25 14:42:00 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Set log path to /var/log/cgyle ------------------------------------------------------------------- Thu Apr 25 12:30:50 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.3 → 1.0.4 ------------------------------------------------------------------- Wed Apr 24 17:40:18 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add --proxy-creds commandline option This allows to pass login credentials for the proxy registry. In case an authentication to the proxy registry server is required these credentials are used prior any pull from the proxy. ------------------------------------------------------------------- Tue Apr 16 11:54:41 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Fix policy glob match The current glob to regexp translation assumes a one-or-more match which is not necessarily correct. This commit fixes it and adds a test case with data from the SCC team. ------------------------------------------------------------------- Thu Apr 11 12:55:34 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.2 → 1.0.3 ------------------------------------------------------------------- Thu Apr 11 12:32:48 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add support for skipping policy sections Add new option --skip-policy-section which can be specified multiple times and only in combination with --policy-file. The provided section names are excluded from the policy file handling if present ------------------------------------------------------------------- Sat Apr 06 20:10:48 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Add thread exit flag ------------------------------------------------------------------- Sat Apr 06 19:55:12 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Add tag count to info message ------------------------------------------------------------------- Fri Apr 05 23:45:44 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Use tag list to trigger requests Retrieve the tag list ourselves and trigger the requests from the list. ------------------------------------------------------------------- Fri Apr 05 21:02:28 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Fix stack pop Don't pop all items from stack, this is wrong and not needed ------------------------------------------------------------------- Fri Apr 05 20:42:10 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Create log file per container sync The information produced by skopeo sync can be very long especially if there are many tags and blobs. Thus instead of floating stdout create files and keep them in case of an error ------------------------------------------------------------------- Fri Apr 05 17:42:49 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Use cgyle specific tmp dir Allow to relink the tmpdir in case of space separation ------------------------------------------------------------------- Fri Apr 05 17:15:08 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Fix directory race condition ------------------------------------------------------------------- Fri Apr 05 16:54:54 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Switch to skopeo sync Only the sync command allows to sync all tags ------------------------------------------------------------------- Thu Apr 04 14:36:33 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add support for --filter-policy Allows to filter the catalog results according to the given policy file. The policy file is a yaml formatted file in the format provided by the RMT team. ------------------------------------------------------------------- Thu Apr 04 13:32:28 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.1 → 1.0.2 ------------------------------------------------------------------- Thu Apr 04 13:31:54 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Fix spec file Use a generic approach like it is done and accepted in kiwi ------------------------------------------------------------------- Thu Apr 04 11:19:40 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Bump version: 1.0.0 → 1.0.1 ------------------------------------------------------------------- Thu Apr 04 11:17:57 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add bumpversion config ------------------------------------------------------------------- Thu Apr 04 11:13:39 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Consolidate packaging Update package spec according to public cloud guidelines ------------------------------------------------------------------- Wed Apr 03 10:15:15 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Allow to store OCI archives ------------------------------------------------------------------- Tue Apr 02 18:18:44 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update documentation ------------------------------------------------------------------- Tue Apr 02 18:17:53 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update documentation ------------------------------------------------------------------- Tue Apr 02 18:16:48 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update documentation Fix indentation ------------------------------------------------------------------- Tue Apr 02 18:16:08 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update documentation ------------------------------------------------------------------- Tue Apr 02 14:00:54 CEST 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Pass along proxy credentials for local cache Also make sure to share the host certificates with the intermediate container ------------------------------------------------------------------- Thu Mar 28 11:31:57 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add support for local registry cache Using the option setting --updatecache local://distribution:DIR allows to create a local cache in the format of the 'distribution' registry to allow preserving the data tree of this server ------------------------------------------------------------------- Fri Mar 22 17:20:59 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update README ------------------------------------------------------------------- Thu Mar 21 10:00:56 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Improve usability Make dry-run the default and add an --apply option such that no unwanted cache update happens just because of a forgotten option. Also improve output readability and error handling ------------------------------------------------------------------- Wed Mar 20 10:43:02 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Update cli docs for options ------------------------------------------------------------------- Wed Mar 20 10:35:49 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Fix use of empty search data ------------------------------------------------------------------- Wed Mar 20 10:22:43 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Strip URI protocol name when needed ------------------------------------------------------------------- Wed Mar 20 10:06:18 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Allow to specify creds for the registry catalog ------------------------------------------------------------------- Wed Mar 20 09:53:41 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Differentiate TLS verify Allow option for proxy and for registry separately ------------------------------------------------------------------- Tue Mar 19 12:44:37 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Fixup requires ------------------------------------------------------------------- Tue Mar 19 11:58:09 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Allow use of podman search So far the catalog could be retrieved by a direct API request. However if credentials are needed to read the catalog it is handy to get this information through podman search as it could already hold the authentication information ------------------------------------------------------------------- Tue Mar 19 11:24:35 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Refactor catalog handling ------------------------------------------------------------------- Tue Mar 19 10:41:28 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Check catalog format ------------------------------------------------------------------- Tue Mar 19 10:27:28 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Better error handling ------------------------------------------------------------------- Mon Mar 18 14:49:50 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Allow to build package for SLE15 Not so nice spec change to allow building for SLE with python 3.6 ------------------------------------------------------------------- Fri Mar 15 15:51:17 CET 2024 - Marcus Schäfer <marcus.schaefer@suse.com> - Add github actions ------------------------------------------------------------------- Fri Mar 15 14:48:50 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Update README Be more generic ------------------------------------------------------------------- Fri Mar 15 14:48:07 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Update README Add information how to run from source ------------------------------------------------------------------- Fri Mar 15 14:45:13 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Fix README ------------------------------------------------------------------- Fri Mar 15 14:42:40 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Update README ------------------------------------------------------------------- Fri Mar 15 11:09:04 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Use a thread based model ------------------------------------------------------------------- Fri Mar 15 09:42:55 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Update tests ------------------------------------------------------------------- Fri Mar 15 08:28:00 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com> - Better option names
