summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJames E. Blair <jeblair@redhat.com>2019-01-31 15:27:23 -0800
committerJames E. Blair <jeblair@redhat.com>2019-02-01 13:26:03 -0800
commit0f6796d12bb1b78f897355dfb683d68e69371b75 (patch)
tree20332cf0f0ab5249c3e1c47cb480cb8c68beacf3
parent2292ce9aed3f404107251b76a22a1e80b98f67ac (diff)
Add role to use buildset registry
Notes
Notes (review): Code-Review+2: Monty Taylor <mordred@inaugust.com> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Workflow+1: Tobias Henkel <tobias.henkel@bmw.de> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 02 Feb 2019 08:12:23 +0000 Reviewed-on: https://review.openstack.org/634346 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
-rw-r--r--roles/use-buildset-registry/README.rst30
-rw-r--r--roles/use-buildset-registry/tasks/main.yaml39
2 files changed, 69 insertions, 0 deletions
diff --git a/roles/use-buildset-registry/README.rst b/roles/use-buildset-registry/README.rst
new file mode 100644
index 0000000..415a6cc
--- /dev/null
+++ b/roles/use-buildset-registry/README.rst
@@ -0,0 +1,30 @@
1Adds a buildset registry to the docker configuration.
2
3Use this role on any host which should use the buildset registry.
4
5**Role Variables**
6
7.. zuul:rolevar:: buildset_registry
8
9 Information about the registry, as returned by
10 :zuul:role:`run-buildset-registry`.
11
12 .. zuul:rolevar:: host
13
14 The host (IP address) of the registry.
15
16 .. zuul:rolevar:: port
17
18 The port on which the registry is listening.
19
20 .. zuul:rolevar:: username
21
22 The username used to access the registry via HTTP basic auth.
23
24 .. zuul:rolevar:: password
25
26 The password used to access the registry via HTTP basic auth.
27
28 .. zuul:rolevar:: cert
29
30 The (self-signed) certificate used by the registry.
diff --git a/roles/use-buildset-registry/tasks/main.yaml b/roles/use-buildset-registry/tasks/main.yaml
new file mode 100644
index 0000000..983e25b
--- /dev/null
+++ b/roles/use-buildset-registry/tasks/main.yaml
@@ -0,0 +1,39 @@
1- name: Ensure registry cert directory exists
2 become: true
3 file:
4 path: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/"
5 state: directory
6- name: Write registry TLS certificate
7 become: true
8 copy:
9 content: "{{ buildset_registry.cert }}"
10 dest: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/ca.crt"
11- name: Load docker daemon configuration
12 slurp:
13 path: /etc/docker/daemon.json
14 register: docker_config
15- name: Parse docker daemon configuration
16 set_fact:
17 docker_config: "{{ docker_config.content | b64decode | from_json }}"
18- name: Add registry to docker daemon configuration
19 vars:
20 new_config:
21 registry-mirrors: "['https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/'] + {{ docker_config['registry-mirrors'] }}"
22 set_fact:
23 docker_config: "{{ docker_config | combine(new_config) }}"
24- name: Save docker daemon configuration
25 copy:
26 content: "{{ docker_config | to_nice_json }}"
27 dest: /etc/docker/daemon.json
28 become: true
29- name: Restart docker daemon
30 service:
31 name: docker
32 state: restarted
33 become: true
34- name: Log in to registry
35 command: "docker login -u {{ buildset_registry.username }} -p {{ buildset_registry.password }} https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/"
36 register: result
37 until: result.rc ==0
38 delay: 1
39 retries: 120