summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZuul <zuul@review.openstack.org>2019-02-02 08:12:23 +0000
committerGerrit Code Review <review@openstack.org>2019-02-02 08:12:23 +0000
commita9ae9ffb0c8700089ffd1a7ded2917e603578a0b (patch)
treefd46c8b98857d252f68224e360184f29af4fd527
parentd30f69d2ab0f4596df475aab10e980c3f0724d42 (diff)
parent0f6796d12bb1b78f897355dfb683d68e69371b75 (diff)
Merge "Add role to use buildset registry"
-rw-r--r--roles/use-buildset-registry/README.rst30
-rw-r--r--roles/use-buildset-registry/tasks/main.yaml39
2 files changed, 69 insertions, 0 deletions
diff --git a/roles/use-buildset-registry/README.rst b/roles/use-buildset-registry/README.rst
new file mode 100644
index 0000000..415a6cc
--- /dev/null
+++ b/roles/use-buildset-registry/README.rst
@@ -0,0 +1,30 @@
1Adds a buildset registry to the docker configuration.
2
3Use this role on any host which should use the buildset registry.
4
5**Role Variables**
6
7.. zuul:rolevar:: buildset_registry
8
9 Information about the registry, as returned by
10 :zuul:role:`run-buildset-registry`.
11
12 .. zuul:rolevar:: host
13
14 The host (IP address) of the registry.
15
16 .. zuul:rolevar:: port
17
18 The port on which the registry is listening.
19
20 .. zuul:rolevar:: username
21
22 The username used to access the registry via HTTP basic auth.
23
24 .. zuul:rolevar:: password
25
26 The password used to access the registry via HTTP basic auth.
27
28 .. zuul:rolevar:: cert
29
30 The (self-signed) certificate used by the registry.
diff --git a/roles/use-buildset-registry/tasks/main.yaml b/roles/use-buildset-registry/tasks/main.yaml
new file mode 100644
index 0000000..983e25b
--- /dev/null
+++ b/roles/use-buildset-registry/tasks/main.yaml
@@ -0,0 +1,39 @@
1- name: Ensure registry cert directory exists
2 become: true
3 file:
4 path: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/"
5 state: directory
6- name: Write registry TLS certificate
7 become: true
8 copy:
9 content: "{{ buildset_registry.cert }}"
10 dest: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/ca.crt"
11- name: Load docker daemon configuration
12 slurp:
13 path: /etc/docker/daemon.json
14 register: docker_config
15- name: Parse docker daemon configuration
16 set_fact:
17 docker_config: "{{ docker_config.content | b64decode | from_json }}"
18- name: Add registry to docker daemon configuration
19 vars:
20 new_config:
21 registry-mirrors: "['https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/'] + {{ docker_config['registry-mirrors'] }}"
22 set_fact:
23 docker_config: "{{ docker_config | combine(new_config) }}"
24- name: Save docker daemon configuration
25 copy:
26 content: "{{ docker_config | to_nice_json }}"
27 dest: /etc/docker/daemon.json
28 become: true
29- name: Restart docker daemon
30 service:
31 name: docker
32 state: restarted
33 become: true
34- name: Log in to registry
35 command: "docker login -u {{ buildset_registry.username }} -p {{ buildset_registry.password }} https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/"
36 register: result
37 until: result.rc ==0
38 delay: 1
39 retries: 120