Allow setting the registry and image name.

BUILD.bazel

@@ -1,6 +1,6 @@
 load("@gazelle//:def.bzl", "gazelle")
 load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
-load("@rules_oci//oci:defs.bzl", "oci_image", "oci_load", "oci_push")
+load("@rules_oci//oci:defs.bzl", "oci_image", "oci_load")
 load("@rules_pkg//:pkg.bzl", "pkg_tar")
 
 gazelle(
@@ -139,9 +139,9 @@ oci_image(
 )
 
 oci_load(
-    name = "bazel-remote-image-tarball",
+    name = "bazel-remote-image-amd64-tarball",
     image = ":bazel-remote-image",
-    repo_tags = ["buchgr/bazel-remote-cache:tmp-amd64"],
+    repo_tags = ["bazel-remote-cache:tmp-amd64"],
 )
 
 pkg_tar(
@@ -174,30 +174,5 @@ oci_image(
 oci_load(
     name = "bazel-remote-image-arm64-tarball",
     image = ":bazel-remote-image-arm64",
-    repo_tags = ["buchgr/bazel-remote-cache:tmp-arm64"],
-)
-
-# The following container_push targets push to "tmp-amd64" and "tmp-arm64"
-# tags, so they can be combined into a multiarch tag on dockerhub. This
-# isn't currently possible with rules_docker, so instead we rely on some
-# external commands to be run after the tmp-* tags are pushed. See the
-# docker/push_to_dockerhub script.
-#
-# Background:
-# https://github.com/bazelbuild/rules_docker/issues/1599
-
-oci_push(
-    name = "push_to_dockerhub_amd64",
-    image = ":bazel-remote-image",
-    remote_tags = ["tmp-amd64"],
-    repository = "buchgr/bazel-remote-cache",
-    visibility = ["//visibility:public"],
-)
-
-oci_push(
-    name = "push_to_dockerhub_arm64",
-    image = ":bazel-remote-image-arm64",
-    remote_tags = ["tmp-arm64"],
-    repository = "buchgr/bazel-remote-cache",
-    visibility = ["//visibility:public"],
+    repo_tags = ["bazel-remote-cache:tmp-arm64"],
 )

README.md

@@ -24,6 +24,7 @@ commodity hardware and AWS servers. Outgoing bandwidth can exceed 15 Gbit/s on t
 ## HTTP/1.1 REST API
 
 Cache entries are set and retrieved by key, and there are two types of keys that can be used:
+
 1. Content addressed storage (CAS), where the key is the lowercase SHA256 hash of the entry.
    The REST API for these entries is: `/cas/<key>` or with an optional but ignored instance name:
    `/<instance>/cas/<key>`.
@@ -60,6 +61,7 @@ for GET requests and `Content-type: application/json` for PUT requests.
 **/status**
 
 Returns the cache status/info.
+
 ```
 $ curl http://localhost:8080/status
 {
@@ -78,6 +80,7 @@ $ curl http://localhost:8080/status
 
 The empty CAS blob is always available, even if the cache is empty. This can be used to test that
 a bazel-remote instance is running and accepting requests.
+
 ```
 $ curl --head --fail http://localhost:8080/cas/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
 HTTP/1.1 200 OK
@@ -487,7 +490,6 @@ max_size: 100
 # use unix:///path/to/socket.sock, where /path/to/socket.sock can be
 # either an absolute or relative path to a socket path.
 http_address: 0.0.0.0:8080
-
 # The server listener address for gRPC (unix sockets are also supported
 # as described above):
 #grpc_address: 0.0.0.0:9092
@@ -633,7 +635,7 @@ http_address: 0.0.0.0:8080
 #  auth_method: environment_credential
 #
 #  auth_method: default
-  
+
 # If set to a valid port number, then serve /debug/pprof/* URLs here:
 #profile_port: 7070
 # IP address to use, if profiling is enabled:
@@ -689,16 +691,16 @@ See [examples/docker-compose.yml](examples/docker-compose.yml) for an example co
 
 ### Kubernetes notes
 
-* See [examples/kubernetes.yml](examples/kubernetes.yml) for an example
+- See [examples/kubernetes.yml](examples/kubernetes.yml) for an example
   configuration.
 
-* Don't name your deployment `bazel-remote`!
-  
+- Don't name your deployment `bazel-remote`!
+
   Kubernetes sets some environment variables based on this name, which conflict
   with the `BAZEL_REMOTE_*` environment variables that bazel-remote tries to
   parse.
 
-* bazel-remote supports the `/grpc.health.v1.Health/Check` service, which you can
+- bazel-remote supports the `/grpc.health.v1.Health/Check` service, which you can
   configure like so:
   ```
   alb.ingress.kubernetes.io/backend-protocol: HTTP
@@ -715,9 +717,9 @@ See [examples/docker-compose.yml](examples/docker-compose.yml) for an example co
 The command below will build a docker image from source and install it into your local docker registry.
 
 ```bash
-$ bazel run :bazel-remote-image-tarball
+$ bazel run :bazel-remote-image-amd64-tarball
 # Ensure /your/path/to/data exists and is writable (e.g. by UID 65532)
-$ docker run -v /your/path/to/data:/data buchgr/bazel-remote-cache:tmp-amd64 --max_size 5 --dir /data
+$ docker run -v /your/path/to/data:/data bazel-remote-cache:tmp-amd64 --max_size 5 --dir /data
 ```
 
 ### ARM64 docker image
@@ -729,7 +731,7 @@ To build a docker image for ARM64:
 ```bash
 $ bazel run :bazel-remote-image-arm64-tarball
 # Ensure /your/path/to/data exists and is writable (e.g. by UID 65532)
-$ docker run -v /your/path/to/data:/data buchgr/bazel-remote-cache:tmp-arm64 --max_size 5 --dir /data
+$ docker run -v /your/path/to/data:/data bazel-remote-cache:tmp-arm64 --max_size 5 --dir /data
 ```
 
 ## Build a standalone Linux binary
@@ -852,6 +854,7 @@ To avoid leaking your password in log files, you can place this flag in a
 
 To use mutual TLS with bazel, use a `grpcs` URL for the `--remote_cache`
 argument, and add the following flags:
+
 ```bash
 	--tls_certificate=path/to/ca.cert
 	--tls_client_certificate=path/to/client/cert.cert

docker/push_to_dockerhub

@@ -1,59 +1,49 @@
-#!/bin/bash
+#!/usr/bin/env bash
 set -euo pipefail
 
-script_dir=$(dirname "${BASH_SOURCE[0]}")
-cd "${script_dir}/.."
-
-tag=latest
-if [ $# = 1 ]
-then
-	case "$1" in
-		v*)
-			if [ "$(git rev-list -1 $1)" = "$(git rev-list -1 HEAD)" ]
-			then
-				tag="$1"
-			else
-				echo "Error: can only push \"latest\" or tagged commits"
-				exit 1
-			fi
-			;;
-		*)
-			echo "Error: can only push \"latest\" or tagged commits"
-			exit 1
-			;;
-	esac
-fi
+# Defaults
+REGISTRY="${REGISTRY:-docker.io}"
+IMAGE_NAME="${IMAGE_NAME:-buchgr/bazel-remote-cache}"
+TAG="${TAG:-latest}"
 
-# push test-amd64 and test-arm64 images.
-if [ "$(uname -p)" = aarch64 ]
-then
-	bazel run //:push_to_dockerhub_arm64
+FULL_IMAGE="${REGISTRY}/${IMAGE_NAME}"
 
-	# Check that the image works, at least well enough to print help, and with cgo support.
-	docker pull docker.io/buchgr/bazel-remote-cache:tmp-arm64
-	docker run docker.io/buchgr/bazel-remote-cache:tmp-arm64 -h
-	docker run docker.io/buchgr/bazel-remote-cache:tmp-arm64 -h | grep zstd_implementation | grep '"cgo"'
+script_dir=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" && pwd)
+cd "$script_dir/.."
 
-	exit 0
+# Detect arch.
+img_arch=amd64
+if [[ "$(uname -m)" == "arm64" || "$(uname -m)" == "aarch64" ]]; then
+    img_arch=arm64
 fi
-bazel run //:push_to_dockerhub_amd64
 
-# Check that the image works, at least well enough to print help, and with cgo support.
-docker pull docker.io/buchgr/bazel-remote-cache:tmp-amd64
-docker run docker.io/buchgr/bazel-remote-cache:tmp-amd64 -h
-docker run docker.io/buchgr/bazel-remote-cache:tmp-amd64 -h | grep zstd_implementation | grep '"cgo"'
+echo "Building and pushing $img_arch image..."
+
+# Build and load.
+bazel run //:bazel-remote-image-${img_arch}-tarball
+
+# Tag and push.
+docker tag bazel-remote-cache:tmp-${img_arch} "$FULL_IMAGE:tmp-${img_arch}"
+docker push "$FULL_IMAGE:tmp-${img_arch}"
 
-# Create the multiarch manifest.
-docker manifest rm buchgr/bazel-remote-cache:$tag || true
-docker manifest create buchgr/bazel-remote-cache:$tag \
-    --amend buchgr/bazel-remote-cache:tmp-amd64 \
-    --amend buchgr/bazel-remote-cache:tmp-arm64
+# Collect existing arch images.
+manifest_args=()
+
+for arch in amd64 arm64; do
+    if docker manifest inspect "$FULL_IMAGE:tmp-${arch}" >/dev/null 2>&1; then
+        manifest_args+=( "$FULL_IMAGE:tmp-${arch}" )
+    fi
+done
+
+if [[ ${#manifest_args[@]} -eq 0 ]]; then
+    echo "ERROR: no images found to create manifest"
+    exit 1
+fi
 
-# Push the multiarch manifest
-docker manifest push buchgr/bazel-remote-cache:$tag
+# Recreate manifest atomically
+docker manifest rm "$FULL_IMAGE:$TAG" >/dev/null 2>&1 || true
 
-# Mirror to quay.io (using https://github.com/regclient/regclient):
-regctl image copy docker.io/buchgr/bazel-remote-cache:$tag \
-	quay.io/bazel-remote/bazel-remote:$tag
+docker manifest create "$FULL_IMAGE:$TAG" "${manifest_args[@]}"
+docker manifest push "$FULL_IMAGE:$TAG"
 
-echo "Go ahead and delete the tmp-amd64 and tmp-arm64 images from the web ui"
+echo "Updated multi-arch manifest: $FULL_IMAGE:$TAG"