migrate from container registry to artifact registry #4626
Comments
|
Despite saying writes are unavailable, it actually seems to be working intermittently. So this needs to be fixed soon, but the deploy to deal with ossf/scorecard-webapp#774 seems to have worked for now. |
|
One option of this migration is
Currently we generate ~8 docker images on every commit push, which over 4 years is a lot. We don't need that majority of these images anymore. Consumer facing images:
Our own infrastructure (no need to necessarily be public)
However, @justaugustus mentioned we should save any semantically tagged image (which should include |
|
In terms of avoiding this bloat going forward:
Moving the Scorecard cron infra to GHCR would require more thought, since we need to be able to modify which images are tagged as |
|
Here are all the currently tagged Scorecard images gcloud container images list-tags gcr.io/openssf/scorecard --format=json > tags.json
jq ".[].tags | select(length > 0)" tags.json | grep -vE "[a-f0-9]{40}" | grep "\""
|
|
Manually pulled all of these tags with a simple bash script (shown for scorecard, but done for all 3): versions=(
latest
stable
v5.1.1
v5.1.0
v5.0.0
v5.0.0-rc2
v5.0.0-rc1
v4.13.1
v4.13.0
v4.12.0
v4.11.0
v4.10.5
v4.10.4
v4.10.3
v4.10.2
v4.10.1
v4.9.1
v4.10.0
v4.9.0
v4.8.0
v4.7.0
v4.6.0
v4.5.0
v4.4.0
v4.3.1
v4.3.0
v4.2.0
v4.1.0
v4.0.1
v4.0.0
v3.2.1
v3.1.1
v3.1.0
v3.0.1
v3.0.0
v2.2.8
v2.2.7
v2.2.6
v2.2.5
v2.2.4
v2.2.3
v2.1.3
v2.1.2
v2.1.1
tag1
tag2
v2.1.0
v2.0.0
v1.0.0
v1
)
for i in "${versions[@]}"; do
docker pull gcr.io/openssf/scorecard-action:$i
done |
|
A quick estimation is roughly 18,000 images, at roughly 20MB per image. or 350 GB, which under Artifact Registry pricing would be $35/month. Bringing over all images for now may be simplest. |
https://cloud.google.com/container-registry/docs/deprecations/container-registry-deprecation
The text was updated successfully, but these errors were encountered: