With docker changing its license and the general problem of running a super privileged daemon, I've been looking for alternatives. Here's what I've found to work.
Gcrane for interacting with registries:
go install github.com/google/go-containerregistry/cmd/gcrane@latest
export PATH="${HOME}/go/bin:$PATH"
gcrane pull ubuntu ubuntu.tar
gcrane push ubuntu.tar gcr.io/my-project/ubuntu
gcrane cp ubuntu gcr.io/my-project/ubuntu
Podman for building and pushing
sudo apt-get install podman
If you get this warning:
Reading allowed ID mappings: reading subuid mappings for user "${USER}" and subgid mappings for group "${USER}": no subuid ranges found for user "${USER}" in /etc/subuid
You need to add some UIDs:
sudo usermod --add-subuids ${start_uid:=100000}-$(( ${start_uid:=100000} + "65535" )) $(whoami)
sudo usermod --add-subgids ${start_gid:=100000}-$(( ${start_gid:=100000} + "65535" )) $(whoami)
Then you can use it:
podman build -t ${IMG}:${TAG} .
# Auth to an artifact registry repo
gcloud auth print-access-token | podman login -u oauth2accesstoken --password-stdin ${REGION}-docker.pkg.dev
podman push ${REGION}-docker.pkg.dev/${PROJECT}/${REPO}/${IMG}:${TAG}
# Run a container
podman run --rm -it alpine:latest /bin/sh