https://github.com/cloudflare/serverless-registry Skip to content Navigation Menu Toggle navigation Sign in * Product + Actions Automate any workflow + Packages Host and manage packages + Security Find and fix vulnerabilities + Codespaces Instant dev environments + GitHub Copilot Write better code with AI + Code review Manage code changes + Issues Plan and track work + Discussions Collaborate outside of code Explore + All features + Documentation + GitHub Skills + Blog * Solutions By size + Enterprise + Teams + Startups By industry + Healthcare + Financial services + Manufacturing By use case + CI/CD & Automation + DevOps + DevSecOps * Resources Topics + AI + DevOps + Security + Software Development + View all Explore + Learning Pathways + White papers, Ebooks, Webinars + Customer Stories + Partners * Open Source + GitHub Sponsors Fund open source developers + The ReadME Project GitHub community articles Repositories + Topics + Trending + Collections * Enterprise + Enterprise platform AI-powered developer platform Available add-ons + Advanced Security Enterprise-grade security features + GitHub Copilot Enterprise-grade AI features + Premium Support Enterprise-grade 24/7 support * Pricing Search or jump to... Search code, repositories, users, issues, pull requests... Search [ ] Clear Search syntax tips Provide feedback We read every piece of feedback, and take your input very seriously. [ ] [ ] Include my email address so I can be contacted Cancel Submit feedback Saved searches Use saved searches to filter your results more quickly Name [ ] Query [ ] To see all available qualifiers, see our documentation. Cancel Create saved search Sign in Sign up Reseting focus You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert {{ message }} cloudflare / serverless-registry Public * Notifications You must be signed in to change notification settings * Fork 24 * Star 487 A Docker registry backed by Workers and R2. License Apache-2.0 license 487 stars 24 forks Branches Tags Activity Star Notifications You must be signed in to change notification settings * Code * Issues 3 * Pull requests 4 * Actions * Projects 0 * Security * Insights Additional navigation options * Code * Issues * Pull requests * Actions * Projects * Security * Insights cloudflare/serverless-registry This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository. main BranchesTags Go to file Code Folders and files Name Name Last commit Last commit message date Latest commit History 42 Commits .github/workflows .github/workflows src src .gitignore .gitignore .prettierrc.js .prettierrc.js CONTRIBUTING.md CONTRIBUTING.md LICENSE LICENSE README.md README.md index.test.ts index.test.ts index.ts index.ts package.json package.json pnpm-lock.yaml pnpm-lock.yaml tsconfig.base.json tsconfig.base.json tsconfig.json tsconfig.json vitest.config.ts vitest.config.ts wrangler.toml.example wrangler.toml.example View all files Repository files navigation * README * Code of conduct * Apache-2.0 license * Security Container Registry in Workers This repository contains a container registry implementation in Workers that uses R2. It supports all pushing and pulling workflows. It also supports Username/Password and public key JWT based authentication. Deployment You have to install all the dependencies with pnpm (other package managers may work, but only pnpm is supported.) $ pnpm install After installation, there is a few steps to actually deploy the registry into production: 1. Have your own wrangler file. $ cp wrangler.toml.example wrangler.toml 2. Setup the R2 Bucket for this registry $ npx wrangler --env production r2 bucket create r2-registry Add this to your wrangler.toml r2_buckets = [ { binding = "REGISTRY", bucket_name = "r2-registry"} ] 3. Deploy your image registry $ npx wrangler deploy --env production Your registry should be up and running. It will refuse any requests if you don't setup credentials. Adding username password based authentication Set the USERNAME and PASSWORD as secrets with npx wrangler secret put USERNAME --env production and npx wrangler secret put PASSWORD --env production. Adding JWT authentication with public key You can add a base64 encoded JWT public key to verify passwords (or token) that are signed by the private key. npx wrangler secret put JWT_REGISTRY_TOKENS_PUBLIC_KEY --env production Using with Docker You can use this registry with Docker to push and pull images. Example using docker push and docker pull: export REGISTRY_URL=your-url-here # Replace $PASSWORD and $USERNAME with the actual credentials echo $PASSWORD | docker login --username $USERNAME --password-stdin $REGISTRY_URL docker pull ubuntu:latest docker tag ubuntu:latest $REGISTRY_URL/ubuntu:latest docker push $REGISTRY_URL/ubuntu:latest # Check that pulls work docker rmi ubuntu:latest $REGISTRY_URL/ubuntu:latest docker pull $REGISTRY_URL/ubuntu:latest Configuring Pull fallback You can configure the R2 regitry to fallback to another registry if it doesn't exist in your R2 bucket. It will download from the registry and copy it into the R2 bucket. In the next pull it will be able to pull it directly from R2. This is very useful for migrating from one registry to serverless-registry. It supports both Basic and Bearer authentications as explained in the registry spec. In the wrangler.toml file: [env.production] REGISTRIES_JSON = "[{ \"registry\": \"https://url-to-other-registry\", \"password_env\": \"REGISTRY_TOKEN\", \"username\": \"username-to-use\" }]" Set as a secret the registry token of the registry you want to setup pull fallback in. For example gcr: cat ./registry-service-credentials.json | base64 | wrangler --env production secrets put REGISTRY_TOKEN Github for example uses a simple token that you can copy. echo $GITHUB_TOKEN | wrangler --env production secrets put REGISTRY_TOKEN The trick is always looking for how you would login in Docker for the target registry and setup the credentials. Never put a registry password/token inside the wrangler.toml, please always use wrangler secrets put Known limitations Right now there is some limitations with this container registry. * Pushing with docker is limited to images that have layers of maximum size 500MB. Refer to maximum request body sizes in your Workers plan. * To circumvent that limitation, you can manually add the layer and the manifest into the R2 bucket or use a client that is able to chunk uploads in sizes less than 500MB (or the limit that you have in your Workers plan). * If you use npx wrangler dev and push to the R2 registry with docker, the R2 registry will have to buffer the request on the Worker. License The project is licensed under the Apache License. Contribution See CONTRIBUTING.md for contributing to the project. About A Docker registry backed by Workers and R2. Topics javascript docker registry typescript docker-registry workers cloudflare artifacts r2 Resources Readme License Apache-2.0 license Code of conduct Code of conduct Security policy Security policy Activity Custom properties Stars 487 stars Watchers 12 watching Forks 24 forks Report repository Releases No releases published Packages 0 No packages published Contributors 12 * @gabivlj * @skepticfx * @IvanDev * @harryzcy * @dependabot[bot] * @zaherg * @punkeel * @keyskull * @jahands * @iamaliyousefi * @Erisa * @polvallverdu Languages * TypeScript 99.9% * JavaScript 0.1% Footer (c) 2024 GitHub, Inc. Footer navigation * Terms * Privacy * Security * Status * Docs * Contact * Manage cookies * Do not share my personal information You can't perform that action at this time.