Once codename/meta#1 is resolved, an account (organisation?) on Docker Hub should be reserved to publish container image releases of codename/meta#6.
This might be related to codename/meta#21
Once codename/meta#1 is resolved, an account (organisation?) on Docker Hub should be reserved to publish container image releases of codename/meta#6.
This might be related to codename/meta#21
There is no need as the container images will be published on the codeberg.org registry.
I partly disagree. We should reserve the name on Docker Hub and be it only to point to Codeberg's registry.
This will help prevent cybersquatting and direct people (who are likely to go with Docker Hub first) to the correct place.
Therefore I re-open the issue.
Good point. I assigned this to you but feel free to assign it to me if you don't have the time to deal with it.
I had to create an account on Docker Hub for work the other day.
There are different tiers.
I assume, we can go with the „personal" one?
Ideal for individual developers, education, open source communities, and small businesses.
Features:
- Docker Desktop
- Unlimited public repositories
- Docker Engine + Kubernetes
- 200 image pulls per 6 hours
- Unlimited scoped tokens
I'm a bit concerned regarding the 200 image pulls.
But if we redirect to Codeberg, it should be fine?
Basically, I imagine to simply put a README of sorts there.
That being said: @fnetX The grant application spoke about a 100M+ downloads. Brace for traffic.
That being said: @fnetX The grant application spoke about a 100M+ downloads. Brace for traffic.
I would not be too worried about that. It takes a really, really long time to get there.
Basically, I imagine to simply put a README of sorts there.
I agree with you that a personal account should be fine.
@Ryuno-Ki could you please update https://codeberg.org/codename/secrets with the account credientials? Feel free to close this issue when you're done.
Image pull rate-limits are imposed on the folks downloading images. From Docker's rate-limit documentation:
Docker Hub limits the number of Docker image downloads ("pulls") based on the account type of the user pulling the image. Pull rates limits are based on individual IP address. For anonymous users, the rate limit is set to 100 pulls per 6 hours per IP address. For authenticated users, it is 200 pulls per 6 hour period.
So an image can have unlimited pulls.
@Ryuno-Ki gentle ping?
I imagine the account cannot be created until #1 is closed, unless it can later be renamed?
Yepp, awaited the name choice (and was swamped yesterday).
Springing into action now.
You can use contact@forgejo.org to register the docker account which is redirected to you as well as other people.
Once it's done you can send me the credentials via email at loic@dachary.org so that I store them for safekeeping in the secrets repository.
Once it's done you can send me the credentials via email at loic@dachary.org so that I store them for safekeeping in the secrets repository.
I recommend only using encrypted messaging to transfer secrets (email is fine with PGP of course).
Matrix DMs are a good option if you don't want to use PGP.
My GPG public key can be found at https://keys.openpgp.org/search?q=loic%40dachary.org
Account is created. Looking into PGP (not sure whether my key expired. It's been a while since I last used it ...)
I sent you an email, but I can't recall whether my public key is online somewhere.
KeyID 5A668E771F1ED854
Fingerprint: 4206 E6ED F1DD 8C4D 6428 07AF 5A66 8E77 1F1E D854
Please report back whether it worked or not.
Fee free to close this once you're done @Ryuno-Ki
Yesterday, we could confirm that Dachary could log in to.
I'm awaiting the choice of a plan (leave that to @Forgejo/Owners) before I look into putting a README there that points to Codeberg Docker registry.
How does that matter?
I think the "personnal" plan was the correct one (you proposed it and dachary agrees)
Okay, I take that as delegation. I'm not an „Owner" anymore (fine) and was a bit unsure whether I would have the authority now.
I'm not an „Owner" anymore (fine) and was a bit unsure whether I would have the authority now.
I don't think that diminishes your authority, my understanding is that it's simply a technical measure to limit access to the secrets repo to those who need it (see #34). In every other respect @forgejo/Admins is equal to @forgejo/Owners, and I think we're trying to discourage the misleading "owners" terminology anyway (but it's currently a technical requirement from Gitea that the team has that name).
[edit: sorry for pinging everyone... 🤦♂️]
Okay, I take that as delegation. I'm not an „Owner" anymore (fine) and was a bit unsure whether I would have the authority now.
The "Owner" group should be renamed "secret keepers" (i.e. people who stepped forward to keep the passwords safe) but the codebase does not allow for such a renaming at the moment. You have the same privileges as you did before by being in the "Admins" group.
Thanks.
Clicking through the settings (the first thing you always do, right?) I spotted this:
Docker Hub screen asking for turning an user account into an org one
I'm not sure what the implications are.
https://hub.docker.com/r/forgejo/forgejo
Good for now?
The /r is likely to be replaced by /u once it becomes an organisation, I think.
Took https://hub.docker.com/r/ubuntu/nginx for comparison.
I linked to the packages site, because each single container appears to be versioned (and I don't want to create dead links).
Looks good enough to me 👍
LGTM. I guess it should be an org but if we won't be using it it's not important.
Will it just be a placeholder or will we mirror images there?
Realistically if the images are published there it will become the primary source people get the images from. In the interest of independence and dogfooding, I'm in favor of only hosting them on Codeberg.
Realistically if the images are published there it will become the primary source people get the images from. In the interest of independence and dogfooding, I'm in favor of only hosting them on Codeberg.
I agree. In this case it would be good to have a ballpark estimate of how many resources it's going to need/consume, both in terms of disk space and bandwidth.
In terms of space that's around 1GB per release all included, one release every two month or so. In terms of bandwidth it is quite impossible to say for sure right now. But I assume it will grow as the popularity of forgejo grows and the trend, after a few months, will provide a good estimate.
Of course there always is the possibility that forgejo becomes very popular by surprise but that's true of the tenth of thousands of projects hosted at Codeberg 😄
I think we should test, and grow Codeberg if it hits our limits. If we go for no GitHub, we should also go for no-Dockerhub IMHO.
BTW, I'm still a fan of saving resources, so we could technically drop very old containers again ... also see https://github.com/go-gitea/gitea/issues/16585 for a similar idea
It's my understanding that this is completed; please re-open if I am mistaken.
No due date set.
No dependencies set.
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?