eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/containers/nettest/Dockerfile
Erich Blume 0e2c10176d Harden zot registry, pt 1 (#231) 
## Summary
- Enable OIDC + API key authentication on zot with anonymous pull preserved
- Enforce tag immutability for version tags
- Adopt commit-SHA-based container image tagging

Details in the [[harden-zot-registry]] Mikado chain (`mise run docs-mikado harden-zot-registry`).

## Test plan
- [ ] Anonymous pull still works
- [ ] Unauthenticated push fails (401)
- [ ] CI container builds pass with new auth and tagging
- [ ] `mise run services-check` passes

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/231
2026-02-20 22:50:01 -08:00

20 lines
481 B
Docker
Raw Blame History

# Network connectivity test container for blumeops CI/CD debugging
#
# This container tests connectivity to tailnet services from various environments:
# - Docker on indri (during CI build)
# - Minikube pods (manual testing)
ARG CONTAINER_APP_VERSION=0.1.0
FROM alpine:3.22
RUN apk add --no-cache \
curl \
ca-certificates \
jq \
bind-tools
COPY test-connectivity.sh /test-connectivity.sh
RUN chmod +x /test-connectivity.sh
ENTRYPOINT ["/test-connectivity.sh"]
Reference in a new issue View git blame Copy permalink