zzstoatzz.io
prefect server in zig
1# docker
2
3## registry
4
5images are published to [atcr.io](https://atcr.io) - a distributed container registry built on AT Protocol.
6
7```
8atcr.io/zzstoatzz.io/prefect-server:latest
9```
10
11## publishing
12
13```bash
14just docker-publish # push :latest
15just docker-publish v0.1.0 # push specific tag
16```
17
18requires authentication via `docker-credential-atcr`:
19```bash
20# install credential helper
21curl -fsSL https://github.com/mary-ext/atcr/releases/latest/download/docker-credential-atcr-darwin-arm64 \
22 -o /usr/local/bin/docker-credential-atcr && chmod +x /usr/local/bin/docker-credential-atcr
23
24# add to ~/.docker/config.json
25# "credHelpers": { "atcr.io": "atcr" }
26
27# first push triggers browser auth
28ATCR_AUTO_AUTH=1 docker push atcr.io/zzstoatzz.io/prefect-server:latest
29```
30
31## CI (future)
32
33ATCR.io uses device authorization (browser-based) for initial auth, then stores a device token:
34```
35atcr_device_<random>
36```
37
38**potential CI approach** (not yet tested):
391. authenticate locally to generate device token
402. extract token: `docker-credential-atcr get <<< "atcr.io"`
413. store as CI secret (e.g., `ATCR_TOKEN`)
424. in CI, write credentials before push:
43 ```bash
44 echo '{"ServerURL":"atcr.io","Username":"zzstoatzz.io","Secret":"$ATCR_TOKEN"}' | docker-credential-atcr store
45 ```
46
47**open questions:**
48- token expiration/rotation policy
49- whether ATCR.io will add app passwords or CI-specific auth
50- official GitHub Actions support
51
52check [atcr.io](https://atcr.io) for updates on CI/CD support.
53
54## image details
55
56- base: `alpine:3.20`
57- size: ~47MB
58- healthcheck: `curl -f http://localhost:4200/api/health`
59- multi-arch: amd64, arm64