my problem is the following, I need to update a code base where I get the image configuration from a Docker ACR Registry. In the original code the followings are done:
Get the manifest of the image using image and tag using this API
Read the digest of the image from the retrieved manifest
Get the image configuration using the GET /v2/{image}/blobs/{digest} API.
Unfortunately the step 1 is not working anymore, because the endpoint I am using is providing me back the manifest WITHOUT the "config" section.
E.G. this is a kind of what I am getting:
{ "schemaVersion": 1, "name": "image", "tag": "tag", "architecture": "amd64", "fsLayers": ... }
Therefore I am unable to get the data I need, so my question is:
How do I have to do to retrieve the Image Configuration in this scenario? And eventually do you know any way to get the digest of an image using image and tag parameters?
Thank You in Advance
I tried to read the AZURE documentation, reading about the /v2/ endpoints with lack of luck
Related
I've attempted to enable Read-only user attributes in Keycloak as per the docs: https://www.keycloak.org/docs/latest/server_admin/
However the documented configuration does not actually prevent a user from changing their attributes.
Using Keycloak 15.0.0 with the regular Docker image from docker hub
Made a .cli file and added it to my Docker image, built from
FROM jboss/keycloak:15.0.0
ADD RESTRICT_USER_ATTRIBUTES.cli /opt/jboss/startup-scripts/
With contents of RESTRICT_USER_ATTRIBUTES.cli:
embed-server --server-config=standalone-ha.xml --std-out=echo
batch
/subsystem=keycloak-server/spi=userProfile/:add
/subsystem=keycloak-server/spi=userProfile/provider=legacy-user-profile/:add(properties={},enabled=true)
/subsystem=keycloak-server/spi=userProfile/provider=legacy-user-profile/:map-put(name=properties,key=read-only-attributes,value=[myUserAttribute])
run-batch
stop-embedded-server
The .cli file is processed according to the log. I can exec into the docker instance and check the configuration using jboss-cli.sh.
But the end user can freely edit myUserAttribute using Postman or another tool.
What am i doing wrong here?
I just had this issue, and it seems the documentation is out-of-date.
They changed the provider name, probably in 15.0.0.
Try changing your cli script to:
# ...
/subsystem=keycloak-server/spi=userProfile/:add
/subsystem=keycloak-server/spi=userProfile/provider=declarative-user-profile/:add(properties={},enabled=true)
/subsystem=keycloak-server/spi=userProfile/provider=declarative-user-profile/:map-put(name=properties,key=read-only-attributes,value=[myUserAttribute])
# ...
I'm using CDK for a while and I'm not sure yet which is the best way to launch a stack that create an ECR repository, building and sending a docker image to ECR.
My last try was something like that:
taskDefinition.addContainer("container", {
image: new AssetImage('./', {
repositoryName: "name"
})
});
But there is an issue on this approach, the repositoryName is deprecated at AssetImage class and it looks deprecated everywhere.
Can someone tells how can we launch this kind of stuff?
The code you are showing is not building an ECR and instead, deploying an ECS task definition.
If you are trying to build the docker image at deployment time, CDK has a handy funcionality to do both at the same time with assets:
image: ecs.ContainerImage.fromAsset('./image') // build and upload an image directly from a Dockerfile in your source directory.
Otherwise, please check the Image options available in the docs: https://docs.aws.amazon.com/cdk/api/latest/docs/aws-ecs-readme.html#images
The answer from Pedreiro shows the right way to build and upload an image. CDK will automatically create an ECR repository for you in that case.
I highly recommend to use the aws-ecs-patterns module to get stared with ECS on CDK. It provides already some common use cases where you can deploy an ECS service with very little code. The overview page is a good starting point: https://docs.aws.amazon.com/cdk/api/latest/docs/aws-ecs-patterns-readme.html
But in the unlikely case you wanted to just create an ECR repository using CDK you can do it like this:
const repository = new ecr.Repository(this, 'Repository');
Check out the corresponding docs: https://docs.aws.amazon.com/cdk/api/latest/docs/aws-ecr-readme.html
Notice there's an issue with
image: ecs.ContainerImage.fromAsset('./image')
https://github.com/aws/aws-cdk/issues/2663
where you can not specify a tag, as a result in the ECS task it by default go for the latest, and the pull img will fail
Based on question Can't read from file issue in Swagger UI
So what i need is disable validatorUrl but for docker image (swaggerapi/swagger-ui:v3.34.0) using environment variable. Is that possible?
I've tried to put swagger-config.yaml with content: validatorUrl: none into /usr/share/nginx/html inside docker image - it didn't help
I need to execute integration testing using Python code and Selenium HUB driver.
I'm planning to use remote driver (I'm using Selenium HUB docker image on https://github.com/SeleniumHQ/docker-selenium).
I am unable to figure out how to create a persistent profile in the Selenium HUB image and recall from remote webdriver.
I guess I need to first create the profile on Selenium HUB, than recall in the python code:
chrome_options = webdriver.ChromeOptions()
chrome_options.add_argument('user-data-dir=##remotepath')
browser = webdriver.Remote(command_executor='http://127.0.0.1:4444/wd/hub',desired_capabilities = chrome_options.to_capabilities())
browser.get('http://www.google.it')
session_id = browser.session_id
How can I create the "user data dir" profile on docker selenium hub image?
Thx
UPDATE
I run "chrome:\version" and I was able to identify the profile
I was able to specify it in the 'user-data-dir' param but, after committing on docker, when re-launching the image, the path change.
Is it there any way to make it persistent?
UPDATE 2
I've created a folder "/etc/opt/chrome/profile/maya"
I've created a test_policy.json file:
{
"UserDataDir": "/etc/opt/chrome/profile/maya"
}
placed in this directory:
/etc/opt/chrome/policies/managed
When I try to execute the "chrome://policy/" I see this:
Indicating something is wrong:
You can add custom path to chrome using chrome://policy and later add that policy files to docker images.
Try the policy setup manually to assert if this approach works for you. While trying make sure you created valid policy file. Detailed steps are here.
Available policy list
Adding Steps in docker file.
3.1. Creating folder as mentioned in step-1
3.2. Copying the policy file tested in step-1
Build the docker image and use it.
PS: This approach works for me as I did some customization in chrome. Let me know in case you need more information.
What is the main Bower registry URL?
We're trying to set up Bower to use our registry first, then the "official" Bower registry second.
We've created our own little Bower registry based on the endpoints exposed in [bower/registry]1. Works great.
Based on this doc, it looks like we need to create a .bowerrc file with an array of registries like
{
"registry": {
"search": [
"http://myCustomRegistry/api",
"theMainBowerRegistry"
]
}
}
Works fine for use my custom registry, but I can't find the URL for the main Bower registry. Anyone?
The default registry URL is => https://bower.herokuapp.com
Now it is https://registry.bower.io
https://twitter.com/bower/status/908359136601133056
See the explanation https://gist.github.com/sheerun/c04d856a7a368bad2896ff0c4958cb00
The default registry as of now is https://raw.githubusercontent.com/bower/components/1.0.0 for anyone looking in 2017. Entering this into my .bowerrc file solved my ECONNRESET errors. Bower moved away from the herokuapp repository it was using to Github.
The link to Bower's link on Twitter describing this move is linked below.
https://twitter.com/bower/status/796046017133211648
Actually, it's just https://bower.herokuapp.com. /packages is part of the REST API routes, which would create redundant URL segments in your Bower requests (e.g. https://bower.herokuapp.com/packages/search/bootstrap`).