Docker image build, container lifecycle, and Harbor registry substrate.
ObjDocker is an ObjSubstrate implementation for Docker. It covers:
docker build driven by <package>.deployment.image.* in config.yaml, using a static Dockerfile and --build-arg for all variance./v2/_catalog when type is not harbor.docker:
registryhost: registry.technocore.co.za
registryport: ""
homechoice:
deployment:
registry:
type: "harbor"
host: "registry.technocore.co.za"
port: ""
project: "axion"
username: "admin"
password: "..."
auto_scan: true
mirrors:
"registry.technocore.co.za":
endpoint: "https://registry.technocore.co.za"
"10.0.10.5:5000":
endpoint: "http://10.0.10.5:5000"
image:
registry: registry.technocore.co.za
repository: axion-homechoice
tag: latest
baseImage: python:3.12-bookworm
baseRuntimeImage: python:3.12-slim-bookworm
dockerfile: resource.docker/dockerfile/axion.dockerfile
When registry.type is harbor, image tags include the project prefix:
registry.technocore.co.za/axion/meridian-report-homechoice:latest
| Method | Behaviour |
|---|---|
connect() |
docker.from_env() + ping(). |
list_instances() |
All containers with name/id/image/status. |
get_instance(name) |
Detail: id, image tags, ports, labels, status. |
start_instance(name) |
Start a stopped container. |
stop_instance(name, force) |
Graceful stop, or kill when force. |
delete_instance(name, force) |
Remove container. |
execute_command(name, cmd) |
exec_run returning stdout/stderr/exit_code. |
| Method | Purpose |
|---|---|
build(package, platform) |
Build image via docker build or docker buildx build --push for cross-platform. |
push(package) |
docker push to registry. |
connect_registry(host) |
Probe Harbor health API or /v2/_catalog. |
| Method | Purpose |
|---|---|
harbor_list_repos() |
List all repositories in the Harbor project. |
harbor_list_artifacts(repo) |
List artifacts with scan overview. |
harbor_scan_results(repo, tag) |
Fetch Trivy scan results for an artifact. |
harbor_trigger_scan(repo, tag) |
Manually trigger a scan. |
harbor_delete_artifact(repo, ref) |
Delete an artifact by digest. |
harbor_gc() |
Trigger Harbor garbage collection. |
# Verify Docker daemon + registry reachability
python factory.deploy/extend.substrate/ObjDocker.py preflight
# Build the active package image
python factory.deploy/extend.substrate/ObjDocker.py build
# Push to registry
python factory.deploy/extend.substrate/ObjDocker.py push homechoice
# Harbor: list repositories
python factory.deploy/extend.substrate/ObjDocker.py harbor-repos
# Harbor: check scan results
python factory.deploy/extend.substrate/ObjDocker.py harbor-scan meridian-report-homechoice
# Harbor: trigger garbage collection
python factory.deploy/extend.substrate/ObjDocker.py harbor-gc
resource.docker/dockerfile/axion.dockerfile — multi-stage Dockerfile (builder, per-tier venvs, compiler, per-service targets).factory.deploy/ObjCompile.py — Cython compile inside the image build.factory.deploy/extend.runner/ObjBuildRunnerK3s.py — generates registries.yaml with Harbor auth from config.yaml.factory.deploy/ObjBuild.py — pipeline orchestrator, uses Harbor scan results instead of local Trivy.