This is a library of busybox builds for Singularity images hosted on Singularity Static Registry. The following standard applies:
- each
Singularity
file corresponds to a build - tags are supported based on the extension of the Singularity file, with an extensionless file corresponding to "latest"
The repository here serves the container under the namespace singularityhub/busybox
. Specifically,
it provides an example of using CircleCI to build and push a container to Google Storage,
and then update manifests at singularityhub/registry-org.
If you are interested in other container build templates, see this page.
We will submit this container to the (organizational) registry at
singularityhub/registry-org
for a final container uri corresponding to https://singularityhub.github.io/registry-org/singularityhub/busybox
. Specifically:
singularityhub/registry-org --) the organization registry
singularityhub/busybox --) a container collection
then on GitHub pages:
singularityhub.github.io/registry-org --) the registry interface
singularityhub.github.io/registry-org/singularityhub/busybox --) the added container
For the repository here to your account, and make sure to add write permissions for a machine user for the repository, and the machine user's key to CircleCI. This means:
- adding the machine user as a collaborator to the repository (and accepting the invitation)
- connecting the repository to CircleCI
- navigating to the CircleCI project page logged in as the machine user to follow the project (button in upper right)
- going to the settings -> Checkout SSH keys to add the machine user key.
Full instructions are provided here.
If you haven't done so, follow the instructions here to create the organizational registry. You will need to update the environment variables in the top of the .circleci/config.yml to reflect your repository:
environment:
# The GitHub username / reponame that the container will be submit to
- REGISTRY_BASE: singularityhub/registry-org
...
You should only need to do this once. The example provided here uses singularityhub/registry-org.
We will be interacting with Google Storage via the sregistry command line client.
Create a Google Project and a service account.
You should first download a service account key from the service accounts page. For the roles, add an admin for Google Storage (to store your container). If you want to use the Google Cloud Builder (a similar configuration, example at nginx) then you can also add Google Build.
Once you add the roles, you do not need to add users to the account. You can next download the service account key to your local machine, and move it to the repository folder.
Note that the .gitignore includes *.json so it won't be added to your project!
Once you have the <project-id>-<number>.json
in the present working directory,
you can add the entire thing to your project as an encrypted environment variable.
Here is how to copy paste the string from your terminal:
$ cat <project-id>-<number>.json
Add the text output from the above to an environment variable
called GOOGLE_APPLICATION_CREDENTIALS
along with the following (all project secrets):
- GOOGLE_COMPUTE_ZONE: the zone you want your compute builder to run in.
- SREGISTRY_GOOGLE_PROJECT: the id of your project, easiest to find in the Google Project console url.
Optionally, export a name for your bucket, SREGISTRY_GOOGLE_STORAGE_BUCKET
(it will be created if it doesn't exist). It will default to your project id with sregistry- as a prefix.
Don't forget to add the machine user to the repository, and then add its credential.