Last active
April 23, 2026 15:37
-
-
Save achilleas-k/2a3545edd98cd09acf4c0f402a46752c to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/bash | |
| set -euo pipefail | |
| set -x | |
| # create certs and stuff under ./certs | |
| openssl req -x509 -newkey rsa:4096 -keyout ./certs/server.key \ | |
| -out certs/server.crt -sha256 -days 365 -nodes \ | |
| -subj '/CN=localhost' | |
| # http credentials in ./auth | |
| htpasswd -Bbn beep boop > ./auth | |
| # start registry with certs and credentials | |
| podman run --rm -d \ | |
| -p 5000:5000 \ | |
| --name registry \ | |
| --volume ./regconf.yaml:/etc/distribution/config.yml \ | |
| --volume ./certs:/certs \ | |
| --volume ./auth:/auth \ | |
| registry:3 | |
| tmpdir=$(mktemp -d) | |
| cleanup() { | |
| podman kill registry || true | |
| podman manifest rm hello || true | |
| rm -rf "${tmpdir}" || true | |
| } | |
| trap cleanup EXIT | |
| podman login --authfile="${tmpdir}/auth.json" --tls-verify=false localhost:5000 --username=beep --password=boop | |
| # pull some base containers to add to the registry | |
| podman pull --authfile="${tmpdir}/auth.json" quay.io/centos/centos:stream9 quay.io/centos/centos:stream10 quay.io/fedora/fedora:43 | |
| # push the centos and fedora containers to the registry | |
| podman push --authfile="${tmpdir}/auth.json" --tls-verify=false quay.io/centos/centos:stream9 docker://localhost:5000/centos/centos:stream9 | |
| podman push --authfile="${tmpdir}/auth.json" --tls-verify=false quay.io/centos/centos:stream10 docker://localhost:5000/centos/centos:stream10 | |
| podman push --authfile="${tmpdir}/auth.json" --tls-verify=false quay.io/fedora/fedora:43 docker://localhost:5000/fedora/fedora:43 | |
| # create a simple Containerfile which is slightly different for two platforms | |
| # and build a manifest-list out of it, so we can push a multi-arch tag to the | |
| # registry | |
| pushd "${tmpdir}" | |
| echo "Hello" > hi.txt | |
| cat > Containerfile << EOF | |
| FROM alpine:latest | |
| ARG TARGETARCH | |
| COPY hi.txt / | |
| RUN echo \${TARGETARCH} >> /hi.txt | |
| EOF | |
| podman manifest create hello | |
| podman build --platform linux/amd64,linux/arm64 --manifest hello . | |
| podman manifest push --authfile="${tmpdir}/auth.json" --all --tls-verify=false hello docker://localhost:5000/hello | |
| popd | |
| # follow the logs until we're done | |
| podman logs --follow registry |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment