Add job (#20)

* init

# Conflicts:
#	scripts/sreg-storage.sh

* support job

* fix s3 no check bucket

* use copyto

* save docker config

* optimize job example

* fix

* remove debug log

Author: bxy4543

scripts/.dockerignore

@@ -0,0 +1,50 @@
+# Git 相关
+.git
+.gitignore
+.gitattributes
+
+# 文档
+*.md
+README*
+CHANGELOG*
+LICENSE
+docs/
+
+# 构建产物
+bin/
+dist/
+build/
+*.exe
+*.dll
+*.so
+*.dylib
+*.test
+*.out
+
+# 临时文件
+*.tmp
+*.temp
+*.log
+*.swp
+*.swo
+*~
+.DS_Store
+
+# IDE 和编辑器
+.idea/
+.vscode/
+*.iml
+.vs/
+*.suo
+*.user
+
+# 测试和覆盖率
+*.coverprofile
+coverage.html
+coverage.txt
+vendor/
+
+# 其他
+scripts/config*.yaml
+!.dockerignore
+Dockerfile*

scripts/Dockerfile.sreg-storage

@@ -0,0 +1,72 @@
+# 多阶段构建 - 构建阶段
+FROM golang:1.23-alpine AS builder
+
+# 安装构建依赖和 CGO 所需的 C 库
+RUN apk add --no-cache \
+    git \
+    make \
+    gcc \
+    musl-dev \
+    gpgme-dev \
+    btrfs-progs-dev \
+    lvm2-dev
+
+# 设置工作目录
+WORKDIR /build
+
+# 复制 go.mod 和 go.sum
+COPY go.mod go.sum ./
+
+# 下载依赖
+RUN go mod download
+
+# 复制源代码
+COPY . .
+
+# 构建 sreg 二进制文件（使用 CGO 和正确的构建标签）
+RUN CGO_ENABLED=0 \
+    go build \
+    -tags "containers_image_openpgp netgo exclude_graphdriver_devicemapper osusergo exclude_graphdriver_btrfs" \
+    -ldflags="-s -w" \
+    -o sreg .
+
+# 运行阶段
+FROM alpine:3.19
+
+# 安装运行时依赖和 CGO 运行时库
+RUN apk add --no-cache \
+    bash \
+    python3 \
+    py3-yaml \
+    tar \
+    gzip \
+    ca-certificates \
+    tzdata \
+    gpgme \
+    lvm2 \
+    libressl
+
+# 安装 rclone (直接使用 apk 包)
+RUN apk add --no-cache rclone
+
+# 从构建阶段复制 sreg 二进制文件
+COPY --from=builder /build/sreg /usr/local/bin/sreg
+
+# 复制脚本文件
+COPY scripts/sreg-storage.sh /usr/local/bin/sreg-storage.sh
+
+# 设置脚本可执行权限
+RUN chmod +x /usr/local/bin/sreg-storage.sh && \
+    chmod +x /usr/local/bin/sreg
+
+# 创建工作目录
+RUN mkdir -p /tmp/sreg-storage
+
+# 设置工作目录
+WORKDIR /tmp/sreg-storage
+
+# 定义默认入口点
+ENTRYPOINT ["/usr/local/bin/sreg-storage.sh"]
+
+# 默认命令（显示帮助信息）
+CMD ["--help"]

scripts/README.md

@@ -124,21 +124,31 @@ kubectl logs -l job-name=sreg-storage-load -f
 rclone:
   remote: "myremote"
   config:
+    # 顶层写法也兼容，脚本会自动按运行参数处理
+    no_check_certificate: true
+    s3-no-check-bucket: true
     type: "s3"
     provider: "Other"
     endpoint: "https://objectstorage.example.com"
     access_key_id: "admin"
     secret_access_key: "secret"
     override:
       no_check_certificate: true
+      s3-no-check-bucket: true
 ```
 
+推荐将运行时开关放在 `override` 或 `global` 下；如果直接写在 `rclone.config` 顶层，当前脚本也会兼容处理。
+
 如果对象存储使用自签名证书，需确认：
 
 - 服务端证书域名与访问域名一致
 - 证书链完整
 - 或显式允许跳过证书校验
 
+如果对象存储不支持 bucket 存在性探测，需同时启用：
+
+- `s3-no-check-bucket: true`
+
 ## 6. 清理与排查
 
 查看任务：

scripts/job-load.example.yaml

@@ -2,7 +2,7 @@ apiVersion: batch/v1
 kind: Job
 metadata:
   name: sreg-storage-load
-  namespace: default
+  namespace: ns-admin
 spec:
   ttlSecondsAfterFinished: 604800
   backoffLimit: 1
@@ -13,14 +13,17 @@ spec:
       restartPolicy: Never
       containers:
         - name: sreg-storage
-          image: your-registry/sreg-storage:latest
+          image: registry.cn-hangzhou.aliyuncs.com/bxy4543/sreg-storage:0313.1655
           imagePullPolicy: IfNotPresent
           command: ["/usr/local/bin/sreg-storage.sh", "load", "--config=/config/config.yaml"]
           volumeMounts:
             - name: config
               mountPath: /config
             - name: tmp
               mountPath: /tmp/sreg-storage
+            - name: image-cri-shim-config
+              mountPath: /etc/image-cri-shim.yaml
+              readOnly: true
           resources:
             requests:
               cpu: "500m"
@@ -35,30 +38,34 @@ spec:
         - name: tmp
           emptyDir:
             sizeLimit: 20Gi
+        - name: image-cri-shim-config
+          hostPath:
+            path: /etc/image-cri-shim.yaml
+            type: File
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: sreg-storage-load-config
-  namespace: default
+  namespace: ns-admin
 data:
   config.yaml: |
     rclone:
       remote: "myremote"
       config:
         type: "s3"
         provider: "Other"
-        endpoint: "https://objectstorage.example.com"
-        access_key_id: "replace-me"
-        secret_access_key: "replace-me"
-        override:
-          no_check_certificate: true
+        endpoint: "objectstorageapi.192.168.10.70.nip.io"
+        access_key_id: "admin"
+        secret_access_key: "lvn25znf4tl5mtww"
+        no_check_certificate: true
+        s3-no-check-bucket: true
     tmp_dir: "/tmp/sreg-storage"
     load:
       source:
-        remote: "myremote:admin-test-sreg/registry-backups/registry-20260312141027.tar.gz"
+        remote: "myremote:admin-test-sreg/registry-backups/registry-20260313093103.tar.gz"
       extract_dir: "/tmp/sreg-storage/extracted"
       local_registry:
         port: 15001
       dest_registry:
-        url: "localhost:5000"
+        url: "sealos.hub:5000"

scripts/job-save.example.yaml

@@ -2,7 +2,7 @@ apiVersion: batch/v1
 kind: Job
 metadata:
   name: sreg-storage-save
-  namespace: default
+  namespace: ns-admin
 spec:
   ttlSecondsAfterFinished: 604800
   backoffLimit: 1
@@ -13,14 +13,17 @@ spec:
       restartPolicy: Never
       containers:
         - name: sreg-storage
-          image: your-registry/sreg-storage:latest
+          image: registry.cn-hangzhou.aliyuncs.com/bxy4543/sreg-storage:0313.1655
           imagePullPolicy: IfNotPresent
           command: ["/usr/local/bin/sreg-storage.sh", "save", "--config=/config/config.yaml"]
           volumeMounts:
             - name: config
               mountPath: /config
             - name: tmp
               mountPath: /tmp/sreg-storage
+            - name: image-cri-shim-config
+              mountPath: /etc/image-cri-shim.yaml
+              readOnly: true
           resources:
             requests:
               cpu: "500m"
@@ -35,28 +38,31 @@ spec:
         - name: tmp
           emptyDir:
             sizeLimit: 20Gi
+        - name: image-cri-shim-config
+          hostPath:
+            path: /etc/image-cri-shim.yaml
+            type: File
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: sreg-storage-save-config
-  namespace: default
+  namespace: ns-admin
 data:
   config.yaml: |
     rclone:
       remote: "myremote"
       config:
         type: "s3"
         provider: "Other"
-        endpoint: "https://objectstorage.example.com"
-        access_key_id: "replace-me"
-        secret_access_key: "replace-me"
-        override:
-          no_check_certificate: true
+        endpoint: "objectstorageapi.192.168.10.70.nip.io"
+        access_key_id: "admin"
+        secret_access_key: "lvn25znf4tl5mtww"
+        no_check_certificate: true
+        s3-no-check-bucket: true
     tmp_dir: "/tmp/sreg-storage"
     save:
       path: "admin-test-sreg/registry-backups"
+      filename: "my-registry-test.tar.gz"  # 可选: 自定义文件名，支持 {timestamp} 占位符
       images:
-        - "nginx:latest"
-        - "redis:7-alpine"
-        - "busybox:latest"
+        - "hello-world"