Skip to content

Commit 5038f80

Browse files
craig-osterhoutcraig-osterhout
committed
mirror via tag
Signed-off-by: Craig <craig.osterhout@docker.com>
1 parent 8b5f4e1 commit 5038f80

1 file changed

Lines changed: 15 additions & 13 deletions

File tree

content/manuals/dhi/how-to/mirror.md

Lines changed: 15 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -169,7 +169,8 @@ attestations using `regctl`. You must [install
169169
$ export DEST_REG="registry.example.com"
170170
$ export DEST_REPO="mirror/dhi-python"
171171
$ export SRC_REPO="docker.io/<your-org>/dhi-python"
172-
$ export SRC_TAG="3.13-alpine3.21"
172+
$ export SRC_ATT_REPO="registry.scout.docker.com/<your-org>/dhi-python"
173+
$ export TAG="3.13-alpine3.21"
173174
```
174175

175176
2. Sign in via `regctl` to Docker Hub, the Scout registry that contains
@@ -181,32 +182,33 @@ attestations using `regctl`. You must [install
181182
$ regctl registry login "$DEST_REG
182183
```
183184

184-
3. Get a digest for a specific tag and platform. For example, `linux/amd64`.
185+
3. Mirror the image and attestations using `--referrers` and referrer endpoints:
185186

186187
```console
187-
DIGEST="$(regctl manifest head "${SRC_REPO}:${SRC_TAG}" --platform linux/amd64)"
188+
$ regctl image copy \
189+
"${SRC_REPO}:${TAG}" \
190+
"${DEST_REG}/${DEST_REPO}:${TAG}" \
191+
--referrers \
192+
--referrers-src "${SRC_ATT_REPO}" \
193+
--referrers-tgt "${DEST_REG}/${DEST_REPO}" \
194+
--force-recursive
188195
```
189196

190-
4. Mirror the image and attestations using `--referrers` and referrer endpoints:
197+
4. Verify that artifacts were preserved.
198+
199+
First, get a digest for a specific tag and platform. For example, `linux/amd64`.
191200

192201
```console
193-
$ regctl image copy \
194-
"${SRC_REPO}@${DIGEST}" \
195-
"${DEST_REG}/${DEST_REPO}@${DIGEST}"
196-
--referrers \
197-
--referrers-src "registry.scout.docker.com/<your-org>/dhi-python" \
198-
--referrers-tgt "${DEST_REG}/${DEST_REPO}"
202+
DIGEST="$(regctl manifest head "${DEST_REG}/${DEST_REPO}:${TAG}" --platform linux/amd64)"
199203
```
200204

201-
5. Verify that artifacts were preserved.
202-
203205
List attached artifacts (SBOM, provenance, VEX, vulnerability reports).
204206

205207
```console
206208
$ regctl artifact list "${DEST_REG}/${DEST_REPO}@${DIGEST}"
207209
```
208210

209-
If you use Docker Scout:
211+
Or, list attached artifacts with `docker scout`.
210212

211213
```console
212214
$ docker scout attest list "registry://${DEST_REG}/${DEST_REPO}@${DIGEST}"

0 commit comments

Comments
 (0)