Automated Image Synchronization to Your Registry
This guide helps organizations set up automated synchronization of sfp pro images from Flxbl's registry to their own container registry, with optional customization capabilities
Why Synchronize to Your Registry?
While you can pull directly from source.flxbl.io, maintaining your own synchronized copy provides:
Centralized version control across all teams
Reduced external dependencies during CI/CD runs
Ability to add organization-specific customizations
Improved pull performance from your own registry
Compliance with internal security policies
Setting Up Automated Synchronization
Step 1: Create a Dedicated Repository
Create a GitHub repository in your organization specifically for Docker image management (e.g., docker-images or sfp-docker).
Step 2: Configure Repository Secrets
Add the following secrets to your repository (Settings → Secrets and variables → Actions):
GITEA_USER
Your Gitea username
From your welcome email
GITEA_PAT
Personal Access Token for Gitea
Generate at source.flxbl.io (Settings → Applications → Personal Access Tokens) with read:package permission
Step 3: Create Synchronization Workflow
Create .github/workflows/sync-sfp-pro.yml in your repository:
name: Sync SFP Pro Images
on:
workflow_dispatch:
inputs:
sfp_version:
description: 'SFP Pro version (leave empty for latest)'
required: false
type: string
include_sf_cli:
description: 'Also sync SF CLI variant'
required: false
type: boolean
default: true
env:
REGISTRY: ghcr.io
IMAGE_PREFIX: ${{ github.repository }}
jobs:
sync-images:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Login to source.flxbl.io
run: |
echo "${{ secrets.GITEA_PAT }}" | docker login source.flxbl.io \
-u ${{ secrets.GITEA_USER }} \
--password-stdin
- name: Login to GitHub Container Registry
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io \
-u ${{ github.actor }} \
--password-stdin
- name: Determine version
id: version
run: |
if [ -n "${{ github.event.inputs.sfp_version }}" ]; then
echo "version=${{ github.event.inputs.sfp_version }}" >> $GITHUB_OUTPUT
else
# Fetch latest version from your version strategy
echo "version=latest" >> $GITHUB_OUTPUT
fi
- name: Sync base SFP-Pro Lite image
run: |
SOURCE_IMAGE="source.flxbl.io/flxbl/sfp-pro-lite:${{ steps.version.outputs.version }}"
TARGET_IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-lite"
docker pull ${SOURCE_IMAGE}
docker tag ${SOURCE_IMAGE} ${TARGET_IMAGE}:${{ steps.version.outputs.version }}
docker tag ${SOURCE_IMAGE} ${TARGET_IMAGE}:latest
docker push ${TARGET_IMAGE}:${{ steps.version.outputs.version }}
docker push ${TARGET_IMAGE}:latest
- name: Sync SFP-Pro with SF CLI image
if: github.event.inputs.include_sf_cli == true
run: |
SOURCE_IMAGE="source.flxbl.io/flxbl/sfp-pro:${{ steps.version.outputs.version }}"
TARGET_IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro"
docker pull ${SOURCE_IMAGE}
docker tag ${SOURCE_IMAGE} ${TARGET_IMAGE}:${{ steps.version.outputs.version }}
docker tag ${SOURCE_IMAGE} ${TARGET_IMAGE}:latest
docker push ${TARGET_IMAGE}:${{ steps.version.outputs.version }}
docker push ${TARGET_IMAGE}:latestCreating Custom Images
If you need to add organization-specific tools or configurations, create a Dockerfile:
For base sfp-pro-lite (without SF CLI):
ARG BASE_VERSION=latest
FROM source.flxbl.io/flxbl/sfp-pro-lite:${BASE_VERSION}
# Add your customizations
RUN apt-get update && apt-get install -y \
jq \
your-custom-tools \
&& rm -rf /var/lib/apt/lists/*
# Copy custom scripts or configurations
# COPY scripts/ /usr/local/bin/
# COPY config/ /etc/your-app/For sfp-pro with SF CLI:
ARG BASE_VERSION=latest
FROM source.flxbl.io/flxbl/sfp-pro:${BASE_VERSION}
# Your customizations hereThen modify the workflow to build and push your custom image:
- name: Build and push custom image
run: |
docker build \
--build-arg BASE_VERSION=${{ steps.version.outputs.version }} \
-f Dockerfile \
-t ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-custom:${{ steps.version.outputs.version }} \
-t ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-custom:latest \
.
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-custom:${{ steps.version.outputs.version }}
docker push ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/sfp-pro-custom:latestUsing Synchronized Images in Your Pipelines
Update your project workflows to use images from your registry:
GitHub Actions:
jobs:
build:
runs-on: ubuntu-latest
container:
image: ghcr.io/your-org/docker-images/sfp-pro:latest
credentials:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}GitLab CI:
image: ghcr.io/your-org/docker-images/sfp-pro:latest
before_script:
- echo "$CI_REGISTRY_PASSWORD" | docker login ghcr.io -u "$CI_REGISTRY_USER" --password-stdinAzure DevOps:
resources:
containers:
- container: sfp
image: ghcr.io/your-org/docker-images/sfp-pro:latest
endpoint: your-service-connection
jobs:
- job: Build
container: sfpVerification
After running the workflow, verify the synchronization:
# List available images in your registry
docker search ghcr.io/your-org/docker-images
# Pull and test the synchronized image
docker pull ghcr.io/your-org/docker-images/sfp-pro:latest
docker run --rm ghcr.io/your-org/docker-images/sfp-pro:latest sfp --versionTroubleshooting
Authentication Issues
If you encounter authentication errors:
Verify your PAT has
read:packagepermissionCheck that secrets are correctly set in repository settings
Ensure your Gitea username is correct
Image Not Found
If the source image cannot be pulled:
Check the version exists at https://source.flxbl.io/flxbl/-/packages/container/sfp-pro/
Verify your network can reach source.flxbl.io
Confirm your credentials are valid
Push Failures to GitHub Container Registry
Ensure the workflow has
packages: writepermissionVerify the repository name in
IMAGE_PREFIXis correctCheck GitHub Packages settings for your repository
Last updated
Was this helpful?