Imagesync is a tool that functions as a wrapper for Google's Crane tool to create, manage, and transfer a list of images from various sources to a single destination registry
It is very common for an organization to create a Mutating Webhook to mutate the image spec of a Pod definition. This is normally done in airgapped contexts where commonly used registries are not accessible, so images must be synced to a registry accessible within the airgapped environment.
Custom mutating webhook services or services like Kyverno, in addition to changing the image: spec, are also capable of adding annotations to the Pod definition to denote the original image location before it was mutated. This ensures that the original image name remains accessible to tools, like imagesync, who comb through Kubernetes clusters to gather image information.
Imagesync should be capable of taking an arbitrary regex string as a config item and using it to identify the original source of an image.
chaospuppy
commented
1 year ago
Configurable image name annotation
It is very common for an organization to create a Mutating Webhook to mutate the
imagespec of a Pod definition. This is normally done in airgapped contexts where commonly used registries are not accessible, so images must be synced to a registry accessible within the airgapped environment.Custom mutating webhook services or services like Kyverno, in addition to changing the
image:spec, are also capable of adding annotations to the Pod definition to denote the original image location before it was mutated. This ensures that the original image name remains accessible to tools, like imagesync, who comb through Kubernetes clusters to gather image information.Imagesync should be capable of taking an arbitrary regex string as a config item and using it to identify the original source of an image.