crane-copy

Copy an image from source to target

$ crane copy [source] [target]

$ crane copy [source] [target] [[-a|--all-tags]]

$ crane copy [source] [target] [[-j|--jobs]] [int]

$ crane copy [source] [target] [[-n|--no-clobber]]

$ crane copy [[-h|--help]]

crane copy

    The name of the source container image, including registry, repository, and tag or digest. Example: docker.io/library/nginx:latest.


    The name of the destination container image, including registry, repository, and tag. Example: gcr.io/my-project/my-image:v1.0.

The crane copy command facilitates copying container images between different container registries. It's primarily designed for environments where you need to move images without relying on a central registry or when network policies restrict direct pushing and pulling between source and destination registries. crane copy efficiently handles image layers, configuration, and manifests, ensuring a complete and accurate copy. It can copy between various registry types, including Docker Hub, Google Container Registry (GCR), Amazon Elastic Container Registry (ECR) and others that conform to the OCI distribution spec. The copying process involves pulling the image from the source registry and pushing it to the destination. Crane does not rely on the docker daemon, which makes it lightweight and faster.
crane copy aims to be a more versatile and efficient alternative to tools like docker pull followed by docker tag and docker push, especially in automated CI/CD pipelines or scripting scenarios.

Authentication with both source and destination registries may be required, using either environment variables (like DOCKER_USERNAME, DOCKER_PASSWORD for Docker Hub, or GOOGLE_APPLICATION_CREDENTIALS for GCR), or through platform-specific authentication mechanisms.
Some registries may have limitations on the size or number of layers in an image, which could affect the copy process.

Crane determines credentials by consulting the same sources used by `docker` - specifically, it honors the contents of `$HOME/.docker/config.json`. It also honors the DOCKER_USERNAME and DOCKER_PASSWORD environment variables as well as platform-specific credential helpers.
For Google Container Registry, setting the GOOGLE_APPLICATION_CREDENTIALS environment variable may be needed to successfully authenticate.

crane copy is part of the crane toolset, designed to be a lightweight and specialized tool for interacting with container registries. It emerged as a response to the need for more efficient and flexible image management compared to using the docker CLI directly. It is maintained by Google's go-containerregistry.

crane manifest(1), crane push(1), crane pull(1)