# Automated Image Synchronization to Your Registry

## Why Synchronize to Your Registry?

While you can pull directly from `source.flxbl.io`, maintaining your own synchronized copy provides:

* **Centralized version control** across all teams
* **Reduced external dependencies** during CI/CD runs
* **Ability to add organization-specific customizations**
* **Improved pull performance** from your own registry
* **Compliance** with internal security policies

### Setting Up Automated Synchronization

#### Step 1: Create a Dedicated Repository

Create a GitHub repository in your organization specifically for Docker image management (e.g., `docker-images` or `sfp-docker`).

#### Step 2: Configure Repository Secrets

Add the following secrets to your repository (Settings → Secrets and variables → Actions):

| Secret Name  | Description                     | Value                                                                                                         |
| ------------ | ------------------------------- | ------------------------------------------------------------------------------------------------------------- |
| `GITEA_USER` | Your Gitea username             | From your welcome email                                                                                       |
| `GITEA_PAT`  | Personal Access Token for Gitea | Generate at source.flxbl.io (Settings → Applications → Personal Access Tokens) with `read:package` permission |

#### Step 3: Create Synchronization Workflow

Create `.github/workflows/sync-sfp-pro.yml` in your repository:

```yaml
name: Sync SFP Pro Images

on:
  workflow_dispatch:
    inputs:
      sfp_version:
        description: 'SFP Pro version (leave empty for latest)'
        required: false
        type: string
      include_sf_cli:
        description: 'Also sync SF CLI variant'
        required: false
        type: boolean
        default: true

env:
  REGISTRY: ghcr.io
  IMAGE_PREFIX: ${{ github.repository }}

jobs:
  sync-images:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        
      - name: Login to source.flxbl.io
        run: |
          echo "${{ secrets.GITEA_PAT }}" | docker login source.flxbl.io \
            -u ${{ secrets.GITEA_USER }} \
            --password-stdin

      - name: Login to GitHub Container Registry
        run: |
          echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io \
            -u ${{ github.actor }} \
            --password-stdin

      - name: Determine version
        id: version
        run: |
          if [ -n "${{ github.event.inputs.sfp_version }}" ]; then
            echo "version=${{ github.event.inputs.sfp_version }}" >> $GITHUB_OUTPUT
          else
            # Fetch latest version from your version strategy
            echo "version=latest" >> $GITHUB_OUTPUT
          fi

      - name: Sync base SFP-Pro Lite image
        run: |
          SOURCE_IMAGE="source.flxbl.io/flxbl/sfp-pro-lite:${{ steps.version.outputs.version }}"
          TARGET_IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-lite"
          
          docker pull ${SOURCE_IMAGE}
          docker tag ${SOURCE_IMAGE} ${TARGET_IMAGE}:${{ steps.version.outputs.version }}
          docker tag ${SOURCE_IMAGE} ${TARGET_IMAGE}:latest
          
          docker push ${TARGET_IMAGE}:${{ steps.version.outputs.version }}
          docker push ${TARGET_IMAGE}:latest

      - name: Sync SFP-Pro with SF CLI image
        if: github.event.inputs.include_sf_cli == true
        run: |
          SOURCE_IMAGE="source.flxbl.io/flxbl/sfp-pro:${{ steps.version.outputs.version }}"
          TARGET_IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro"
          
          docker pull ${SOURCE_IMAGE}
          docker tag ${SOURCE_IMAGE} ${TARGET_IMAGE}:${{ steps.version.outputs.version }}
          docker tag ${SOURCE_IMAGE} ${TARGET_IMAGE}:latest
          
          docker push ${TARGET_IMAGE}:${{ steps.version.outputs.version }}
          docker push ${TARGET_IMAGE}:latest
```

### Creating Custom Images

If you need to add organization-specific tools or configurations, create a `Dockerfile`:

#### For base sfp-pro-lite (without SF CLI):

```dockerfile
ARG BASE_VERSION=latest
FROM source.flxbl.io/flxbl/sfp-pro-lite:${BASE_VERSION}

# Add your customizations
RUN apt-get update && apt-get install -y \
    jq \
    your-custom-tools \
    && rm -rf /var/lib/apt/lists/*

# Copy custom scripts or configurations
# COPY scripts/ /usr/local/bin/
# COPY config/ /etc/your-app/
```

#### For sfp-pro with SF CLI:

```dockerfile
ARG BASE_VERSION=latest
FROM source.flxbl.io/flxbl/sfp-pro:${BASE_VERSION}

# Your customizations here
```

Then modify the workflow to build and push your custom image:

```yaml
      - name: Build and push custom image
        run: |
          docker build \
            --build-arg BASE_VERSION=${{ steps.version.outputs.version }} \
            -f Dockerfile \
            -t ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-custom:${{ steps.version.outputs.version }} \
            -t ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-custom:latest \
            .
          
          docker push ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-custom:${{ steps.version.outputs.version }}
          docker push ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-custom:latest
```

### Using Synchronized Images in Your Pipelines

Update your project workflows to use images from your registry:

#### GitHub Actions:

```yaml
jobs:
  build:
    runs-on: ubuntu-latest
    container:
      image: ghcr.io/your-org/docker-images/sfp-pro:latest
      credentials:
        username: ${{ github.actor }}
        password: ${{ secrets.GITHUB_TOKEN }}
```

#### GitLab CI:

```yaml
image: ghcr.io/your-org/docker-images/sfp-pro:latest

before_script:
  - echo "$CI_REGISTRY_PASSWORD" | docker login ghcr.io -u "$CI_REGISTRY_USER" --password-stdin
```

#### Azure DevOps:

```yaml
resources:
  containers:
  - container: sfp
    image: ghcr.io/your-org/docker-images/sfp-pro:latest
    endpoint: your-service-connection

jobs:
- job: Build
  container: sfp
```

### Verification

After running the workflow, verify the synchronization:

```bash
# List available images in your registry
docker search ghcr.io/your-org/docker-images

# Pull and test the synchronized image
docker pull ghcr.io/your-org/docker-images/sfp-pro:latest
docker run --rm ghcr.io/your-org/docker-images/sfp-pro:latest sfp --version
```

### Troubleshooting

#### Authentication Issues

If you encounter authentication errors:

1. Verify your PAT has `read:package` permission
2. Check that secrets are correctly set in repository settings
3. Ensure your Gitea username is correct

#### Image Not Found

If the source image cannot be pulled:

1. Check the version exists at <https://source.flxbl.io/flxbl/-/packages/container/sfp-pro/>
2. Verify your network can reach source.flxbl.io
3. Confirm your credentials are valid

#### Push Failures to GitHub Container Registry

1. Ensure the workflow has `packages: write` permission
2. Verify the repository name in `IMAGE_PREFIX` is correct
3. Check GitHub Packages settings for your repository


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.flxbl.io/flxbl/sfp/getting-started/docker-images/sfp-pro/migrating-to-sfp-pro.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.