Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

📝 Add quickstart docs #204

Merged
merged 1 commit into from
Oct 9, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
129 changes: 129 additions & 0 deletions docs/docs/configuration.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,129 @@
---
title: Configuration
---

``` yaml
log:
level: debug
# proxy for another registry(eg: docker.io) log level
proxyLevel: info

database:
# The database type to use. Supported types are: sqlite3, mysql, postgresql
type: sqlite3
sqlite3:
path: sigma.db
mysql:
host: localhost
port: 3306
user: sigma
password: sigma
dbname: sigma
postgresql:
host: localhost
port: 5432
user: sigma
password: sigma
dbname: sigma
sslmode: disable

redis:
# redis type available: none, external
# none: means never use redis
# external: means use the specific redis instance
type: none
url: redis://:sigma@localhost:6379/0

cache:
# the cache type available is: redis, inmemory, database
type: redis
inmemory:
size: 10240
redis:
ttl: 72h
database:
size: 10240
threshold: 0.2

workqueue:
# the workqueue type available: redis, kafka, database
type: redis
redis:
concurrency: 10
kafka: {}
database: {}

locker:
# the locker type available: redis, database
type: database
database: {}
redis: {}

namespace:
# push image to registry, if namespace not exist, it will be created automatically
autoCreate: false
# the automatic created namespace visibility, available: public, private
visibility: public

http:
# endpoint can be a domain or domain with port, eg: http://sigma.test.io, https://sigma.test.io:30080, http://127.0.0.1:3000
# this endpoint will be used to generate the token service url in auth middleware,
# you can leave it blank and it will use http://127.0.0.1:3000 as internal domain by default,
# because the front page need show this endpoint.
endpoint:
# in some cases, daemon may pull image and scan it, but we don't want to pull image from public registry domain,
# so use this internal domain to pull image from registry.
# you can leave it blank and it will use http://127.0.0.1:3000 as internal domain by default.
# in k8s cluster, it will be set to the distribution service which is used to pull image from registry, eg: http://registry.default.svc.cluster.local:3000
# in docker-compose, it will be set to the registry service which is used to pull image from registry, eg: http://registry:3000
# eg: http://sigma.test.io, http://sigma.test.io:3000, https://sigma.test.io:30080
internalEndpoint:
tls:
enabled: false
certificate: ./conf/sigma.test.io.crt
key: ./conf/sigma.test.io.key
storage:
rootdirectory: ./storage
type: filesystem
filesystem:
path: /var/lib/sigma/oci/
s3:
ak: sigma
sk: sigma-sigma
endpoint: http://127.0.0.1:9000
region: cn-north-1
bucket: sigma
forcePathStyle: true
# Notice: the tag never update after the first pulled from remote registry, unless you delete the image and pull again.
proxy:
enabled: false
endpoint: https://registry-1.docker.io
tlsVerify: true
username: ""
password: ""
daemon:
gc:
# if blob not associate with artifact
retention: 72h
# At 02:00 on Saturday
cron: 0 2 * * 6
auth:
internalUser:
username: internal-sigma
password: internal-sigma
admin:
username: sigma
password: sigma
token:
realm: ""
service: ""
jwt:
ttl: 1h
refreshTtl: 24h
privateKey: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSB"
oauth2:
github:
clientId: "e5f9fa9e372dfac66aed"
clientSecret: "49ab83f4d0665f8579516f7a3f2f753a6a57189b"

```
41 changes: 41 additions & 0 deletions docs/docs/push/docker.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
---
title: Docker
description: Push image to sigma
---

# Push image to sigma

### Push single image to sigma

``` sh
docker pull redis:7
docker tag redis:7 127.0.0.1:3000/library/redis:7
docker push 127.0.0.1:3000/library/redis:7
```

### Push multiarch image to sigma

Create 'buildkit.toml' with content:

``` toml
[registry."10.3.201.221:3000"] # replace it with your host ip
http = true
```

Create buildx instance:

``` sh
docker buildx create --use --config ./buildkit.toml
```

Create Dockerfile with content:

``` dockerfile
FROM alpine:3.18
```

Push multiarch image to sigma:

``` sh
docker buildx build --platform linux/amd64,linux/arm64 --tag 10.3.201.221:3000/library/alpine:3.18.0 --file alpine.Dockerfile --push .
```
39 changes: 39 additions & 0 deletions docs/docs/push/helm.mdx
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
---
title: Helm
description: Push helm chart to sigma
---

# Push helm chart to sigma

### Generate a sample helm chart

``` sh
helm create demo
```

This command will create 'demo' directory, and a sample helm chart in it.

``` sh
helm package demo
```

Run this command outside the 'demo' directory, and you will get a file which named 'demo-0.1.0.tgz'.

### Push the helm chart to sigma

Note: before helm version v3.13.0, it doesn't support push helm chart to OCI registry over HTTP, you must use HTTPS.
You can see the v3.13.0 [release note](https://github.com/helm/helm/releases/tag/v3.13.0).

Before helm version v3.13.0:

``` sh
helm registry login --insecure -u sigma -p sigma 127.0.0.1:3000
helm push demo-0.1.0.tgz oci://127.0.0.1:3000/library/demo --insecure-skip-tls-verify
```

After helm version v3.13.0:

``` sh
helm registry login -u sigma -p sigma 127.0.0.1:3000
helm push demo-0.1.0.tgz oci://127.0.0.1:3000/library/demo --plain-http
```
16 changes: 15 additions & 1 deletion docs/docs/quickstart.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,18 @@ Let's discover **sigma in less than 5 minutes**.

## Getting Started

...
Run sigma in Docker. If you want to use the builder, Docker version should be used latest.

``` sh
docker run --name sigma -v /home/admin/config:/etc/sigma \
-v /var/run/docker.sock:/var/run/docker.sock -p 443:3000 \
-d ghcr.io/go-sigma/sigma:nightly-alpine
```

Push image to sigma.

``` sh
docker pull redis:7
docker tag redis:7 127.0.0.1:3000/library/redis:7
docker push 127.0.0.1:3000/library/redis:7
```
2 changes: 1 addition & 1 deletion docs/docusaurus.config.js
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@ const config = {
],
},
prism: {
theme: lightCodeTheme,
theme: require('prism-react-renderer/themes/dracula'),
darkTheme: darkCodeTheme,
},
}),
Expand Down
10 changes: 5 additions & 5 deletions docs/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -15,18 +15,18 @@
"typecheck": "tsc"
},
"dependencies": {
"@docusaurus/core": "2.4.1",
"@docusaurus/preset-classic": "2.4.1",
"@docusaurus/core": "2.4.3",
"@docusaurus/preset-classic": "2.4.3",
"@mdx-js/react": "^1.6.22",
"clsx": "^1.2.1",
"prism-react-renderer": "^1.3.5",
"react": "^17.0.2",
"react-dom": "^17.0.2"
},
"devDependencies": {
"@docusaurus/module-type-aliases": "2.4.1",
"@tsconfig/docusaurus": "^1.0.5",
"typescript": "^4.7.4"
"@docusaurus/module-type-aliases": "2.4.3",
"@tsconfig/docusaurus": "^2.0.1",
"typescript": "^5.2.2"
},
"browserslist": {
"production": [
Expand Down
23 changes: 13 additions & 10 deletions docs/sidebars.js
Original file line number Diff line number Diff line change
Expand Up @@ -13,21 +13,24 @@

/** @type {import('@docusaurus/plugin-content-docs').SidebarsConfig} */
const sidebars = {
// By default, Docusaurus generates a sidebar from the docs folder structure
tutorialSidebar: [{type: 'autogenerated', dirName: '.'}],

// But you can create a sidebar manually
/*
tutorialSidebar: [
'intro',
'hello',
{
type: 'category',
label: 'Tutorial',
items: ['tutorial-basics/create-a-document'],
label: 'Getting Started',
items: [
'quickstart',
],
},
'configuration',
{
type: 'category',
label: 'Push to sigma',
items: [
'push/docker',
'push/helm',
],
},
],
*/
};

module.exports = sidebars;
Loading
Loading