Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up private registry on Amazon ECR #4031

Closed
hannes-ucsc opened this issue Apr 2, 2022 · 4 comments
Closed

Set up private registry on Amazon ECR #4031

hannes-ucsc opened this issue Apr 2, 2022 · 4 comments
Assignees
@hannes-ucsc
Labels
+ [priority] High compliance [subject] Information and software security demo [process] To be demonstrated at the end of the sprint demoed [process] Successfully demonstrated to team enh [type] New feature or request infra [subject] Project infrastructure like CI/CD, build and deployment scripts orange [process] Done by the Azul team ssp [process] Resolution is reflected in SSP

Comments

@hannes-ucsc
Copy link
Member

hannes-ucsc commented Apr 2, 2022
edited
Loading

Data Browser System Overview - Logging Monitoring

Also, make sure that docker running on the host in GitLab can only pull from that registry, and only images that a developer has manually uploaded to the registry. This might require some experimentation but I think it involves configuring the private registry as a mirror.

For demo, SSH into the dev instance of GitLab, pull an image that was previously uploaded to the private registry. The pull should succeed. You may need to delete the locally cached image to ensure that the image is actually pulled. Repeat with an image that was not uploaded to the private registry.
@github-actions github-actions bot added the orange [process] Done by the Azul team label Apr 2, 2022
@theathorn theathorn added enh [type] New feature or request infra [subject] Project infrastructure like CI/CD, build and deployment scripts compliance [subject] Information and software security labels Apr 4, 2022
@hannes-ucsc hannes-ucsc changed the title Set-up Amazon Elastic Container Registry Set up private registry on Amazon ECR May 13, 2022
@hannes-ucsc hannes-ucsc mentioned this issue May 17, 2022
Closed
@hannes-ucsc hannes-ucsc removed the urgent label Dec 8, 2022
@hannes-ucsc hannes-ucsc added the + [priority] High label Feb 24, 2023
@hannes-ucsc
Copy link
Member Author

Diagram needs to be updated.

@dsotirho-ucsc dsotirho-ucsc self-assigned this Feb 24, 2023
@dsotirho-ucsc
Copy link
Contributor

Diagram needs to be updated.

done.

@hannes-ucsc hannes-ucsc mentioned this issue Feb 28, 2023
Closed
@bvizzier-ucsc bvizzier-ucsc added this to the AnVIL Public Release milestone May 2, 2023
hannes-ucsc added a commit that referenced this issue May 8, 2023
@hannes-ucsc
Setup and scan ECR registry for upstream images (#4031, #4032, #4177)
24a051d
hannes-ucsc added a commit that referenced this issue May 12, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
1650776 
)
hannes-ucsc added a commit that referenced this issue May 12, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
4cd2c06 
)
hannes-ucsc added a commit that referenced this issue May 13, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
e6b8a63 
)
hannes-ucsc added a commit that referenced this issue May 16, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
8b43778 
)
hannes-ucsc added a commit that referenced this issue May 16, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
1c16fc8 
)
hannes-ucsc added a commit that referenced this issue May 16, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
1f93113 
)
hannes-ucsc added a commit that referenced this issue May 19, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
1b3591e 
)
hannes-ucsc added a commit that referenced this issue May 23, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
a3dafab 
)
hannes-ucsc added a commit that referenced this issue May 23, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
e8009a7 
)
hannes-ucsc added a commit that referenced this issue May 26, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
ef9c21f 
)
hannes-ucsc added a commit that referenced this issue May 30, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
61793f6 
)
hannes-ucsc added a commit that referenced this issue May 30, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
7fb1819 
)
hannes-ucsc added a commit that referenced this issue Jun 2, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
94ad0c0 
)
@hannes-ucsc hannes-ucsc mentioned this issue Jun 2, 2023
Merged
99 tasks
hannes-ucsc added a commit that referenced this issue Jun 2, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
6c1e94a 
)
hannes-ucsc added a commit that referenced this issue Jun 3, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
46b7586 
)
hannes-ucsc added a commit that referenced this issue Jun 3, 2023
@hannes-ucsc
[R] Setup and scan ECR registry for upstream images (#4031, #4032, #4177
919670e 
)
hannes-ucsc added a commit that referenced this issue Jun 4, 2023
@hannes-ucsc
[u R] Setup and scan ECR registry for upstream images (#4031, #4032, #…
b2b8baf 
…4177)
hannes-ucsc added a commit that referenced this issue Jun 5, 2023
@hannes-ucsc
[u R] Setup and scan ECR registry for upstream images (#4031, #4032, #…
57125d5 
…4177)
hannes-ucsc added a commit that referenced this issue Jun 5, 2023
@hannes-ucsc
[u R] Prepare platform-anvil-prod (#5015, #4031, #4032, #4177, #5077,…
92c207b 
… PR #5184)
@hannes-ucsc
Copy link
Member Author

hannes-ucsc commented Jun 6, 2023
edited
Loading

For demo, show ECR in anvilprod. Show how public images are being mirrored into the private ECR as part of shared deployment.

@hannes-ucsc hannes-ucsc added demo [process] To be demonstrated at the end of the sprint demoed [process] Successfully demonstrated to team labels Jun 6, 2023
@nolunwa-ucsc
Copy link

updated in the ssp

@hannes-ucsc hannes-ucsc added the ssp [process] Resolution is reflected in SSP label Jul 21, 2023
@dsotirho-ucsc dsotirho-ucsc removed this from the AnVIL Public Release milestone Oct 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hannes-ucsc hannes-ucsc

Labels
+ [priority] High compliance [subject] Information and software security demo [process] To be demonstrated at the end of the sprint demoed [process] Successfully demonstrated to team enh [type] New feature or request infra [subject] Project infrastructure like CI/CD, build and deployment scripts orange [process] Done by the Azul team ssp [process] Resolution is reflected in SSP
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@hannes-ucsc @bvizzier-ucsc @theathorn @dsotirho-ucsc @nolunwa-ucsc