From 5b221a7be821a2ac98cd75f1c84d97cb24f7efc2 Mon Sep 17 00:00:00 2001 From: Phoenix Zerin Date: Mon, 12 Jan 2026 08:37:31 +1300 Subject: [PATCH] =?UTF-8?q?Update=20Docker=20registry=20refs=20to=20AWS=20?= =?UTF-8?q?ECR=20=F0=9F=9A=9A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Replace ghcr.io references with public.ecr.aws/s5i7k8t3/strongdm/ across documentation. Update authentication commands in RELEASE.md to use AWS ECR Public login instead of GitHub Container Registry. Co-Authored-By: Claude Sonnet 4.5 --- README.md | 4 ++-- docs/RELEASE.md | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 4f70c2d..05a6e19 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,7 @@ Leash includes a Model Context Protocol (MCP) observer that inspects, records, a ### Images and Dependencies -- Keep the default `ghcr.io/strongdm/coder` image for a ready-to-run AI tooling environment. +- Keep the default `public.ecr.aws/s5i7k8t3/strongdm/coder` image for a ready-to-run AI tooling environment. - Extend [Dockerfile.coder](Dockerfile.coder) with project packages, then point Leash at the new image. - Reuse an existing project image by adding `ca-certificates` and configuring Leash to launch it. @@ -89,7 +89,7 @@ target_image = "ghcr.io/example/dev:latest" | Configure | Use | Notes | |-------------------------|-----------------------------------------|-------------------------------------------------------| -| Target image | `target_image` in `config.toml`, | Defaults to `ghcr.io/strongdm/coder`. | +| Target image | `target_image` in `config.toml`, | Defaults to `public.ecr.aws/s5i7k8t3/strongdm/coder`. | | | `LEASH_TARGET_IMAGE`, or `--image` flag | | | Target container base | `TARGET_CONTAINER` | Auto-sanitized from the current directory when unset. | | Leash manager image | `--leash-image`, `LEASH_IMAGE` | Override when testing custom manager builds. | diff --git a/docs/RELEASE.md b/docs/RELEASE.md index b90b041..38a8d69 100644 --- a/docs/RELEASE.md +++ b/docs/RELEASE.md @@ -14,7 +14,7 @@ flowchart TD D --> E[GitHub Actions: Verify job
go test ./..., test_e2e.sh] E --> F[GitHub Actions: Release job
Goreleaser + Buildx/QEMU] F --> G[Publish GitHub Release
Attach tar.gz archives] - F --> H[Push multi-arch images to ghcr.io] + F --> H[Push multi-arch images to ECR] ``` ## Intentional Design Choices @@ -37,7 +37,7 @@ go test ./... -count=1 ```bash git status --short # should be empty git describe --tags --exact-match # should print vX.Y.Z (or fail if not tagged yet) -docker login ghcr.io # ensure credentials exist before tagging +aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws # ensure credentials exist before tagging ``` 3. Optional: run the full Goreleaser dry run (builds all archives/images locally but skips publication): @@ -61,7 +61,7 @@ git push origin v1.2.3 - **verify job** (Ubuntu runner): runs `go test ./...` and `./test_e2e.sh`. - **release job** (Ubuntu runner): - Sets up Go, QEMU, and Buildx. - - Authenticates to GHCR with the workflow token. + - Authenticates to ECR with the workflow token. - Runs `./build/lsm-generate.sh` to bake Linux eBPF bindings inside Docker. - Runs `goreleaser release --clean` to build darwin/linux binaries (amd64 & arm64) and tar.gz archives. - Runs `./build/publish-docker.sh vX.Y.Z` to build and push multi-arch Docker images (linux/amd64, linux/arm64). @@ -71,8 +71,8 @@ git push origin v1.2.3 - GitHub Release assets: - `leash___.tar.gz` - Container registry: - - Manifest lists for `ghcr.io/strongdm/leash:{vX.Y.Z,latest}` (linux/amd64 & linux/arm64) - - Manifest lists for `ghcr.io/strongdm/coder:{vX.Y.Z,latest}` + - Manifest lists for `public.ecr.aws/s5i7k8t3/strongdm/leash:{vX.Y.Z,latest}` (linux/amd64 & linux/arm64) + - Manifest lists for `public.ecr.aws/s5i7k8t3/strongdm/coder:{vX.Y.Z,latest}` If any step fails, the workflow halts and no release is published. Fix the issue (e.g., broken test, missing login) and re-push the tag once resolved.