dig
distribution
Our great sponsors
dig | distribution | |
---|---|---|
5 | 15 | |
3,696 | 8,379 | |
2.4% | 1.9% | |
5.9 | 9.4 | |
about 2 months ago | 8 days ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dig
- Injeção de dependência em Go
-
Go doesn’t do any magical stuff and I love that
Ironically given Spring’s history, you do have dependency injection in Go. But you don’t need to use it unless there’s a clear benefit. Most code reviewers would be appalled if you pulled in dig into a project that didn’t need it.
-
What's the best dependency injection framework / methodology for Golang for the enterprise?
Interesting, one of my friends works at a big tech company and they said they passed on Wire and ultimately decided on Uber Dig https://github.com/uber-go/dig. But looking at that lib it seems a bit anti-paradigm of the goal of the Golang language (no magic/obfuscated code running in the background, what you see is what you get style coding)
-
Is dependency injection in Go a thing?
It's a library to help with DI, by Uber: https://github.com/uber-go/dig
- Alternative for Monkey patching
distribution
-
How Do I Actually Use Docker?
To transfer the image between your local machine and the server, you'll need a registry such as Docker Hub or GitHub Container Registry. (Technically you can compress images and distribute them as files but it's more of a headache than it's worth) There are plenty of registries that will allow you to host private images if that's a concern for you, but it will be harder to find a free/cheap solution. You can also host your own registry using the Distribution Project. But be warned that while hosting a basic registry is really easy, locking it down can be a pain because of the lack of well maintained and easy to use projects.
-
Go doesn’t do any magical stuff and I love that
The open source repository my colleague and I reference in this talk can be seen at https://github.com/distribution/distribution/
-
Good options for HA docker registry?
FWIW, the open source registry application itself is essentially stateless. You just run multiple copies of it and point all of them at the same storage for a High Availability setup. If you have GlusterFS, you can mount it to the local filesystem and use the filesystem storage driver, though you may need to tweak settings for it to function properly (example).
- Self-Hosting container registry
-
Ask HN: Has anyone self/on-prem hosted a container registry
It's always been one of those items deep down on the "to consider" list, and my rationale was that there really aren't any straight-forward solutions for this and with Gitlab and Github offering their own registries it was never a problem.
But yesterday I found out that Docker's Registry core (Distribution) [0] is OpenSource (and used by other registries too!), but I haven't seen many mentions of it until then. I've checked out their documentation and it seems solid.
So, what is your experience with self-hosting registries be it Distribution, Harbour or something else. Any hidden PITA? I myself will spin Distribution up on the dev env and see how it goes!
[0]: https://github.com/distribution/distribution
-
What is "registry"?
The original registry "distribution" project (which is the base of Docker Hub, Harbor, etc) was donated to the CNCF: https://github.com/distribution/distribution
-
Harbor + Kubernetes = Self-Hosted Container Registry
Evaluated this a couple of weeks back. Ended up going for registry:2 aka distribution/distribution + https://github.com/cesanta/docker_auth + https://github.com/Quiq/docker-registry-ui
-
Docker desktop no longer free for large companies
> There's a standards conversion going on where we can trace the provenance of each and every layer of the image, we can start signing those layers, and with that metadata, we can start doing automated decisioning, automated reporting, automated visibility into what's been done to that image at each step of the lifecycle.
Docker's CEO is being disingenuous. When you deploy a Docker container, you specify the image ID. The ID looks like a SHA-256 digest and even starts with the string 'sha256' but it is an arbitrary value generated by the docker daemon on the local machine. The ID is not a hash of the image contents [0]. In other words, docker images are not content-addressed.
Since docker images are not content-addressed, your image registry and image transfer tools can subvert the security of your production systems. The fix is straightforward: make an image ID be the SHA-256 digest of the image contents, which is the same everywhere: on your build system, image registry, test system, and production hosts. This fix will increase supply chain security for all Docker users. It is massive low-hanging fruit.
Now Docker will add image signatures without first making images content-addressed. Their decision makes sense only if their goal is to make money and not make a secure product. I cannot trust a company with such priorities.
[0] https://github.com/distribution/distribution/issues/1662
-
Any lightweight docker registry host suggestion?
no docker distribution please, https://github.com/distribution/distribution seems hard to run and config.
-
Suggestions for self hosted container registries?
I’ve not used it myself but it does look like the Docker registry itself is open source https://docs.docker.com/registry/deploying/ and https://github.com/distribution/distribution
What are some alternatives?
fx - A dependency injection based application framework for Go.
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
wire - Compile-time Dependency Injection for Go
Portus - Authorization service and frontend for Docker registry (v2)
wire - Strict Runtime Dependency Injection for Golang
Dragonfly - This repository has be archived and moved to the new repository https://github.com/dragonflyoss/Dragonfly2.
di - 🛠 A full-featured dependency injection container for go programming language.
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
container - A lightweight yet powerful IoC dependency injection container for the Go programming language
distribution-library-image
gocontainer - Simple Dependency Injection Container
machine