docker-compose: add paused skopeo container

This is to work around Quay's inability to handle split-view DNS and port-forwards. Using the API over localhost means clair can't talk to quay, and using the container name means the host can't talk to quay over the port forward. The solution I hit on is to just have a waiting container with skopeo. The documentation is updated to not recommend spinning up quay by default, and to mention how to use this odd container arrangement. Signed-off-by: Hank Donnay <[email protected]>
quay · Nov 3, 2021 · 44205d2 · 44205d2
1 parent 52a018a
commit 44205d2
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 10 deletions.
diff --git a/Documentation/howto/testing.md b/Documentation/howto/testing.md
@@ -32,7 +32,9 @@ See [Install Golang](https://golang.org/doc/install)
 ```
 git clone [email protected]:quay/clair.git
 cd clair
-make local-dev-quay
+docker-compose up -d # or: make local-dev
+# or to start with debugging tools: make local-dev-debug
+# or to start with a quay: make local-dev-quay
 ```
 
 After the local development environment successfully starts, the following infrastructure is available to you:
@@ -59,17 +61,11 @@ Creating an account named `admin` will ensure you are a super user.
 An email is required, but is not validated.
 You'll also need to create a namespace.
 
-The easiest way to push to Quay is using podman:
+To push to Quay, you'll need to exec into the skopeo container:
 
+```sh
+podman exec -it quay-skopeo /usr/bin/skopeo copy --dst-creds '<user>:<pass>' --dst-tls-verify=false <src> clair-quay:8080/<namespace>/<repo>:<tag>
 ```
-podman pull ubuntu:latest
-podman login --tls-verify=false localhost:8443 # use account created in above steps
-podman tag ubuntu:latest localhost:8443/<namespace>/<repo>:latest
-podman push --tls-verify=false localhost:8443/<namespace>/<repo>:latest
-```
-
-Using docker to push is possible, however you will need to add "localhost:8443" as an insecure repository.
-See [Insecure Repository](https://docs.docker.com/registry/insecure/)
 
 ## Viewing Results
 

diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -12,6 +12,7 @@ x-anchors:
   quay: &quay-image quay.io/projectquay/quay:latest
   redis: &redis-image docker.io/library/redis:6.2
   go: &go-image quay.io/projectquay/golang:1.17
+  skopeo: &skopeo-image quay.io/skopeo/stable:latest
   clair-service: &clair-service
     image: *go-image
     depends_on:
@@ -195,3 +196,11 @@ services:
       - quay
     environment:
       CLAIR_MODE: "notifier"
+  skopeo:
+    container_name: quay-skopeo
+    profiles:
+      - quay
+    image: *skopeo-image
+    entrypoint:
+      - sleep
+      - inf