LabNow-ai · haobibo · Mar 13, 2026 · Mar 13, 2026 · Mar 13, 2026 · Mar 13, 2026
diff --git a/.github/workflows/task-sync.yml b/.github/workflows/task-sync.yml
@@ -0,0 +1,34 @@
+name: sync-docker-images
+
+on:
+  push:
+    branches: [ "main" ]
+    paths-ignore: [ "*.md" ]
+  pull_request:
+    branches: [ "main" ]
+    paths-ignore: [ "*.md" ]
+  workflow_dispatch:  # Allows you to run this workflow manually from the Actions tab
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  ## Sync all images defined in `task-sync-docker-images/images.yaml`
+  sync_images:
+    # needs: []
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5
+      - env:
+          AUTH_FILE_CONTENT: ${{ secrets.AUTH_FILE_CONTENT }}
+        run: |
+          printf '%s' "$AUTH_FILE_CONTENT" > .github/workflows/auth.json && ls -alh ./.github/workflows
+          printenv | grep -v 'PATH' > /tmp/docker.env
+          docker run --rm --env-file /tmp/docker.env \
+            -e XDG_RUNTIME_DIR="" \
+            -v $(pwd):/tmp -w /tmp\
+            labnow/docker-kit \
+            image-syncer --proc=8 --retries=2 \
+            --images /tmp/task-sync-docker-images/images.yaml \
+            --auth /tmp/.github/workflows/auth.json
diff --git a/README-zh_CN.md b/README-zh_CN.md
@@ -0,0 +1,22 @@
+# Task Sync Docker Images（中文版）
+
+本仓库提供一个自动化的 GitHub Actions 工作流，用于将源镜像仓库的镜像同步到镜像仓库（mirror）。适合需要稳定、可审计、可重复的镜像同步流程的团队使用。
+
+## 项目用途
+
+- 使用 `task-sync-docker-images/images.yaml` 定义需要同步的镜像及目标仓库。
+- 通过 GitHub Actions 工作流，使用 `labnow/docker-kit` 容器中的 `image-syncer` 执行同步。
+- 按配置将镜像推送到目标仓库。
+
+## 使用方式（Fork + 自定义）
+
+1. 将本仓库 Fork 到你自己的 GitHub 账号或组织。
+2. 修改 `task-sync-docker-images/images.yaml`，添加或更新需要同步的镜像和目标仓库。
+3. 在仓库 Secrets 中创建 `AUTH_FILE_CONTENT`，内容为 JSON 格式的认证信息（示例见 `task-sync-docker-images/README.md`）。
+4. 触发工作流：
+   - 在 Actions 中手动运行 `sync-docker-images`；
+   - 或者向 `main` 分支提交代码（工作流会忽略 `*.md` 变更）。
+
+## 本地手动运行
+
+如需在本地或 GitHub Codespaces 中运行，请参考 `task-sync-docker-images/README.md` 中的本地运行说明。
diff --git a/README.md b/README.md
@@ -1 +1,24 @@
-# tool-sync-docker-image
+# Task Sync Docker Images
+
+This repository provides an automated GitHub Actions workflow to sync container images from source registries to mirror registries. It is designed for teams that need repeatable, auditable image mirroring using a simple YAML configuration.
+
+中文介绍: `README-zh_CN.md`
+
+## What This Project Does
+
+- Defines image mappings in `task-sync-docker-images/images.yaml`.
+- Runs a GitHub Actions workflow that uses `image-syncer` inside `labnow/docker-kit`.
+- Pushes images to target registries based on the mappings.
+
+## How to Use (Fork + Customize)
+
+1. Fork this repository to your own GitHub org or account.
+2. Edit `task-sync-docker-images/images.yaml` to add or update the images and target registries you want to mirror.
+3. Create a repository secret named `AUTH_FILE_CONTENT` containing your registry credentials in JSON format (see `task-sync-docker-images/README.md` for an example).
+4. Trigger the workflow:
+   - Manually via the Actions tab using the `sync-docker-images` workflow.
+   - Or by pushing changes to `main` (the workflow ignores `*.md` changes).
+
+## Manual Local Run
+
+If you want to run the sync locally (or in GitHub Codespaces), follow the instructions in `task-sync-docker-images/README.md`.
diff --git a/task-sync-docker-images/README.md b/task-sync-docker-images/README.md
@@ -0,0 +1,81 @@
+# Docker Images Sync (Task Module)
+
+This module syncs container images to mirror registries using `image-syncer` running inside the `labnow/docker-kit` container.
+
+## Overview
+
+The workflow reads the source/target mappings from `task-sync-docker-images/images.yaml` and pushes images to the configured mirror registries.
+
+## How the GitHub Actions Workflow Works
+
+The workflow is defined in `.github/workflows/task-sync.yml` and behaves as follows:
+
+- Triggers on push and pull request to `main`, ignoring changes to `*.md`.
+- Supports manual runs via `workflow_dispatch`.
+- Reads the `AUTH_FILE_CONTENT` secret and writes it to `.github/workflows/auth.json`.
+- Runs `labnow/docker-kit` and executes:
+  `image-syncer --proc=8 --retries=2 --images /tmp/task-sync-docker-images/images.yaml --auth /tmp/.github/workflows/auth.json`
+
+## Manual Run via GitHub Actions
+
+1. Ensure the repository secret `AUTH_FILE_CONTENT` is set with the content of your auth file (JSON format).
+2. Go to the Actions tab and run the `sync-docker-images` workflow using the "Run workflow" button.
+
+## Manual Local Run (or using Github Codespace)
+
+From the repo root, you can run the sync locally with docker-kit:
+
+```shell
+docker run -it --rm -v "$(pwd):/root/app" -w /root/app docker.io/labnow/docker-kit \
+  image-syncer --proc=8 --retries=2 --images ./task-sync-docker-images/images.yaml --auth ./auth.json
+```
+
+Use either `auth.json` or `auth.yaml` and pass the corresponding path with `--auth`.
+
+### images.yaml Example
+
+```yaml
+quay.io/labnow/docker-kit:
+  - docker.io/labnow/docker-kit
+  - registry.cn-hangzhou.aliyuncs.com/labnow/docker-kit
+```
+
+### auth.yaml Example
+
+```yaml
+docker.io:
+  username: ""
+  password: ""
+  insecure: true
+registry.cn-hangzhou.aliyuncs.com:
+  username: ""
+  password: ""
+  insecure: true
+```
+
+### auth.json Example
+
+Notice: the `AUTH_FILE_CONTENT` use this format by compact the JSON string into a single line.
+
+```json
+{
+  "docker.io": {
+    "username": "<your-docker-io-username>",
+    "password": "<your-docker-io-password>",
+    "insecure": true
+  },
+  "quay.io": {
+    "username": "<your-quay-io-username>",
+    "password": "<your-quay-io-password>",
+    "insecure": true
+  },
+  "registry.cn-beijing.aliyuncs.com": {
+    "username": "<your-aliyun-acr-username>",
+    "password": "<your-aliyun-acr-password>"
+  },
+  "registry.cn-hangzhou.aliyuncs.com": {
+    "username": "<your-aliyun-acr-username>",
+    "password": "<your-aliyun-acr-password>"
+  }
+}
+```
diff --git a/task-sync-docker-images/images.yaml b/task-sync-docker-images/images.yaml
@@ -0,0 +1,70 @@
+# Ref: https://github.com/AliyunContainerService/image-syncer/blob/master/README-zh_CN.md
+
+# nvidia/cuda: https://hub.docker.com/r/nvidia/cuda/tags
+docker.io/nvidia/cuda:12.6.3-cudnn-devel-ubuntu24.04,12.4.1-cudnn-devel-ubuntu22.04,12.0.1-cudnn8-devel-ubuntu22.04,11.8.0-cudnn8-devel-ubuntu22.04,11.2.2-cudnn8-devel-ubuntu20.04:
+ - quay.io/labnow/nvidia-cuda
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/nvidia-cuda
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/nvidia-cuda
+
+
+# Elasticserach
+#  - ref1: https://github.com/elastic/elasticsearch/releases
+#  - ref2: https://www.elastic.co/docs/deploy-manage/deploy/self-managed/install-elasticsearch-with-docker
+docker.elastic.co/elasticsearch/elasticsearch:7.17.28,8.11.3,8.17.5,8.18.0,9.0.0:
+ - quay.io/labnow/elasticsearch
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/elasticsearch
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/elasticsearch
+
+
+# Minio
+# - ref1: https://github.com/minio/minio/releases
+# - ref2: https://min.io/docs/minio/container/index.html
+docker.io/minio/minio:latest,RELEASE.2023-12-20T01-00-02Z,RELEASE.2025-04-08T15-41-24Z:
+ - quay.io/labnow/minio
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/minio
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/minio
+
+
+# valkey
+# - ref1: https://github.com/valkey-io/valkey/releases
+# - ref2: https://hub.docker.com/r/valkey/valkey
+docker.io/valkey/valkey:latest,8,8.1,8.1.0:
+ - quay.io/labnow/valkey
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/valkey
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/valkey
+
+
+# k3s
+# - ref1: https://github.com/k3s-io/k3s/releases
+# - ref2: https://docs.k3s.io/installation/airgap
+rancher/k3s:latest,v1.32.3-k3s1:
+ - quay.io/labnow/k3s
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/k3s
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/k3s
+
+
+# k3d: https://github.com/k3d-io/k3d/pkgs/container/k3d
+ghcr.io/k3d-io/k3d:latest,5-dind,5:
+ - quay.io/labnow/k3s
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/k3d
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/k3d
+
+
+# k3d-proxy:https://github.com/k3d-io/k3d/pkgs/container/k3d-proxy
+ghcr.io/k3d-io/k3d-proxy:latest,5:
+ - quay.io/labnow/k3s
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/k3d-proxy
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/k3d-proxy
+
+
+# k3d-tools: https://github.com/k3d-io/k3d/pkgs/container/k3d-tools
+ghcr.io/k3d-io/k3d-tools:latest,5:
+ - quay.io/labnow/k3s
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/k3d-tools
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/k3d-tools
+
+# kube-scheduler
+registry.k8s.io/kube-scheduler:/v\d+\.\d+\.\d+/:
+ - quay.io/labnow/kube-scheduler
+ - registry.cn-hangzhou.aliyuncs.com/labnow-ai/kube-scheduler
+ - registry.cn-beijing.aliyuncs.com/labnow-ai/kube-scheduler