diff --git a/.ansible-lint b/.ansible-lint deleted file mode 100644 index 5d88ddf..0000000 --- a/.ansible-lint +++ /dev/null @@ -1,8 +0,0 @@ -skip_list: # or 'skip_list' to silence them completely - - command-instead-of-shell # Use shell only when shell functionality is required - - experimental # all rules tagged as experimental - - package-latest # Package installs should not use latest - - role-name # Role name {0} does not match ``^[a-z][a-z0-9_]+$`` pattern - -exclude_paths: - - zuul.d/ diff --git a/.gitignore b/.gitignore deleted file mode 100644 index fb919b0..0000000 --- a/.gitignore +++ /dev/null @@ -1,69 +0,0 @@ -# Byte-compiled / optimized / DLL files -__pycache__/ -*.py[cod] - -# C extensions -*.so - -# Distribution / packaging -.Python -env/ -develop-eggs/ -dist/ -downloads/ -eggs/ -.eggs/ -lib/ -lib64/ -sdist/ -var/ -container_registry.egg-info/ -.installed.cfg -*.egg - -# PyInstaller -# Usually these files are written by a python script from a template -# before PyInstaller builds the exe, so as to inject date/other infos into it. -*.manifest -*.spec - -# Installer logs -pip-log.txt -pip-delete-this-directory.txt - -# Unit test / coverage reports -htmlcov/ -.tox/ -.coverage -.coverage.* -.cache -nosetests.xml -coverage.xml -*,cover - -# Translations -*.mo -*.pot - -# Django stuff: -*.log - -# Sphinx documentation -doc/build/ - -# PyBuilder -target/ - -# virtualenv -.venv/ - -# jenkins config -jenkins/config.ini -playbooks/debug.yml - -# Files created by releasenotes build -releasenotes/build - -# Editors -.*.sw[klmnop] - diff --git a/.yamllint b/.yamllint deleted file mode 100644 index ad0be76..0000000 --- a/.yamllint +++ /dev/null @@ -1,11 +0,0 @@ -extends: default - -rules: - braces: - max-spaces-inside: 1 - level: error - brackets: - max-spaces-inside: 1 - level: error - line-length: disable - truthy: disable diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 68c771a..0000000 --- a/LICENSE +++ /dev/null @@ -1,176 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - diff --git a/README.rst b/README.rst index 70909d7..4ee2c5f 100644 --- a/README.rst +++ b/README.rst @@ -1,156 +1,10 @@ -ansible-role-container-registry -=============================== +This project is no longer maintained. -A role to deploy a container registry and provide methods to login to it. -For now, the role only support Docker Registry v2. -The login currently doesn't work with hub.docker.com. +The contents of this repository are still available in the Git +source code management system. To see the contents of this +repository before it reached its end of life, please check out the +previous commit with "git checkout HEAD^1". - -Role Variables --------------- - -.. list-table:: Variables used for container registry - :widths: auto - :header-rows: 1 - - * - Name - - Default Value - - Description - * - `container_registry_debug` - - `false` - - Enable debug option in Docker - * - `container_registry_deploy_docker` - - `true` - - Whether or not to deploy Docker - * - `container_registry_deploy_docker_distribution` - - `true` - - Whether or not to deploy Docker Distribution - * - `container_registry_deployment_user` - - `centos` - - User which needs to manage containers - * - `container_registry_docker_options` - - `--log-driver=journald --signature-verification=false --iptables=false --live-restore` - - Options given to Docker configuration - * - `container_registry_docker_disable_iptables` - - `false` - - Adds --iptables=false to /etc/sysconfig/docker-network config - * - `container_registry_insecure_registries` - - `[]` - - Array of insecure registries - * - `container_registry_network_options` - - `[undefined]` - - Docker networking options - * - `container_registry_host` - - `localhost` - - Docker registry host - * - `container_registry_port` - - `8787` - - Docker registry port - * - `container_registry_mirror` - - `[undefined]` - - Docker registry mirror - * - `container_registry_storage_options` - - `-s overlay2` - - Docker storage options - * - `container_registry_selinux` - - `false` - - Whether or not SElinux is enabled for containers - * - `container_registry_additional_sockets` - - `[undefined]` - - Additional sockets for containers - * - `container_registry_skip_reconfiguration` - - `false` - - Do not perform container registry reconfiguration if it's already configured - * - `container_registry_logins` - - `[]` - - A dictionary containing registries and a username and a password associated with the registry. - Example: {'docker.io': {'myusername': 'mypassword'}, 'registry.example.com:8787': {'otheruser': 'otherpass'}} - -Requirements ------------- - - - ansible >= 2.4 - - python >= 2.6 - -Dependencies ------------- - -None - -Example Playbooks ------------------ - -Modify Image -~~~~~~~~~~~~ - -The following playbook will deploy a Docker registry: - -.. code-block:: - - - hosts: localhost - become: true - roles: - - container-registry - -License -------- - -Apache 2.0 - - -Running local testing ---------------------- - -Local testing of this role can be done in a number of ways. - -Mimic Zuul -~~~~~~~~~~ - -Sometimes its nessisary to setup a test that will mimic what the OpenStack gate -will do (Zuul). To run tests that minic the gate, `python-virtualenv` `git`, -`gcc`, and `ansible` are required. - -.. code-block:: shell - - $ sudo yum install python-virtualenv git gcc - - -Once the packages are installed, create a python virtual environment. - -.. code-block:: shell - - $ python -m virtualenv --system-site-packages ~/test-python - $ ~/test-python/bin/pip install pip setuptools --upgrade - - -Now install the latest Ansible - -.. code-block:: shell - - $ ~/test-python/bin/pip install ansible - - -With Ansible installed, activate the virtual environment and run the -`run-local.yml` test playbook. - -.. code-block:: shell - - $ source ~/test-python/bin/activate - (test-python) $ ansible-playbook -i 'localhost,' \ - -e "tripleo_src=$(realpath --relative-to="${HOME}" "$(pwd)")" \ - -e "ansible_user=${USER}" \ - -e "ansible_user_dir=${HOME}" \ - -e "ansible_connection=local" \ - zuul.d/playbooks/run-local.yml - - -Running Molecule directly -~~~~~~~~~~~~~~~~~~~~~~~~~ - -It is also possible to test this role using molecule directly. When running -tests directly it is assumed all of the dependencies are setup and ready to -run on the local workstation. When - -.. code-block:: shell - - $ molecule test --all +For any further questions, please email +openstack-discuss@lists.openstack.org or join #openstack-dev on +OFTC. diff --git a/ansible-requirements.txt b/ansible-requirements.txt deleted file mode 100644 index f5398ac..0000000 --- a/ansible-requirements.txt +++ /dev/null @@ -1,6 +0,0 @@ -# These are required here because ansible can't be in global-requirements due -# to licensing conflicts. But we sill need to be able to pull them in for -# lint checks and want to document these as ansible specific things that may -# be required for this repository. -ansible-core<2.12 -ansible-lint diff --git a/ansible.cfg b/ansible.cfg deleted file mode 100644 index 6d7d679..0000000 --- a/ansible.cfg +++ /dev/null @@ -1,12 +0,0 @@ -[defaults] -gathering = smart -command_warnings = False -retry_files_enabled = False -callback_whitelist = profile_tasks - -# Attempt to load custom modules whether it's installed system-wide or from a virtual environment -roles_path = roles:$VIRTUAL_ENV/usr/share/ansible/roles/container-registry:$VIRTUAL_ENV/usr/local/share/ - - -[ssh_connection] -control_path = %(directory)s/%C diff --git a/bindep.txt b/bindep.txt deleted file mode 100644 index bf27e0c..0000000 --- a/bindep.txt +++ /dev/null @@ -1,32 +0,0 @@ -# This file facilitates OpenStack-CI package installation -# before the execution of any tests. -# -# See the following for details: -# - https://docs.openstack.org/infra/bindep/ -# - https://opendev.org/opendev/bindep/ -# -# Even if the role does not make use of this facility, it -# is better to have this file empty, otherwise OpenStack-CI -# will fall back to installing its default packages which -# will potentially be detrimental to the tests executed. - -# The gcc compiler -gcc - -# Base requirements for RPM distros -gcc-c++ [platform:rpm] -git [platform:rpm] -libffi-devel [platform:rpm] -openssl-devel [platform:rpm] -python2-dnf [platform:fedora] -python-virtualenv [platform:rpm] - -# For SELinux -libselinux-python [platform:rpm] -libsemanage-python [platform:redhat] - -# Required for compressing collected log files in CI -gzip - -# Required to build language docs -gettext diff --git a/defaults/main.yml b/defaults/main.yml deleted file mode 100644 index 60b9931..0000000 --- a/defaults/main.yml +++ /dev/null @@ -1,19 +0,0 @@ -# defaults file for ansible-role-container-registry - -container_registry_debug: false -container_registry_deploy_docker: true -container_registry_deploy_docker_distribution: true -container_registry_deployment_user: centos -container_registry_docker_options: '--log-driver=journald --signature-verification=false --iptables=false --live-restore' -container_registry_docker_disable_iptables: false -container_registry_insecure_registries: [] -container_registry_network_options: '' -container_registry_host: localhost -container_registry_port: 8787 -container_registry_mirror: '' -container_registry_storage_options: '-s overlay2' -container_registry_selinux: false -container_registry_additional_sockets: [] -container_registry_skip_reconfiguration: false -container_registry_logins: {} -container_registry_cleanup_client: false diff --git a/handlers/main.yml b/handlers/main.yml deleted file mode 100644 index e9f4806..0000000 --- a/handlers/main.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- -- name: restart docker - command: /bin/true - notify: - - Docker | reload systemd - - Docker | reload docker - - Docker | pause while Docker restarts - - Docker | wait for docker - listen: "restart docker service" - -- name: restart docker-distribution - command: /bin/true - notify: - - Docker | reload systemd - - Docker | reload docker-distribution - listen: "restart docker-distribution service" - -- name: Docker | reload systemd - systemd: - daemon_reload: yes - become: true - when: ansible_facts['service_mgr'] == 'systemd' - -- name: Docker | reload docker - service: - name: docker - state: restarted - become: true - -- name: Docker | pause while Docker restarts - pause: - seconds: 10 - prompt: "Waiting for docker restart" - -- name: Docker | wait for docker - command: /usr/bin/docker images - register: docker_ready - retries: 10 - delay: 5 - until: docker_ready.rc == 0 - -- name: Docker | reload docker-distribution - service: - name: docker-distribution - state: restarted - notify: - - Docker | wait for registry - become: true - -# NOTE(bogdando): import caveats https://github.com/ansible/ansible/issues/42621 -- name: Docker | wait for registry - uri: - # Just checking API version should be fine - # https://docs.docker.com/registry/spec/api/#api-version-check - url: "http://{{ container_registry_host }}:{{ container_registry_port }}/v2/" - return_content: yes - register: registry_status - retries: 10 - delay: 5 - until: "registry_status.status|int == 200 and 'OK' in registry_status.msg" diff --git a/meta/main.yml b/meta/main.yml deleted file mode 100644 index 56b93cd..0000000 --- a/meta/main.yml +++ /dev/null @@ -1,19 +0,0 @@ -galaxy_info: - role_name: container-registry - author: tripleo - description: A role to deploy a container registry. - - license: Apache 2.0 - - min_ansible_version: 2.4 - - platforms: - - name: EL - versions: - - 7 - - galaxy_tags: - - docker - - registry - -dependencies: [] diff --git a/molecule-requirements.txt b/molecule-requirements.txt deleted file mode 100644 index 3414a74..0000000 --- a/molecule-requirements.txt +++ /dev/null @@ -1,9 +0,0 @@ -ansible -ansi2html -docker -pytest -pytest-cov -pytest-html -pytest-xdist -mock -molecule>=3.0,<3.1 diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml deleted file mode 100644 index ccf01f5..0000000 --- a/molecule/default/molecule.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- -driver: - name: delegated - options: - managed: false - login_cmd_template: >- - ssh - -o UserKnownHostsFile=/dev/null - -o StrictHostKeyChecking=no - -o Compression=no - -o TCPKeepAlive=yes - -o VerifyHostKeyDNS=no - -o ForwardX11=no - -o ForwardAgent=no - {instance-default} - ansible_connection_options: - ansible_connection: ssh - -log: true - -platforms: - - name: instance-default - -provisioner: - name: ansible - config_options: - defaults: - fact_caching: jsonfile - fact_caching_connection: /tmp/molecule/facts - inventory: - hosts: - all: - hosts: - instance-default: - ansible_host: localhost - log: true - env: - ANSIBLE_STDOUT_CALLBACK: yaml - ANSIBLE_ROLES_PATH: "${ANSIBLE_ROLES_PATH}:${HOME}/zuul-jobs/roles" - -scenario: - name: default - test_sequence: - - prepare - - converge - - verify - -verifier: - name: testinfra - diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml deleted file mode 100644 index bd28dd8..0000000 --- a/molecule/default/playbook.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# Copyright 2019 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - - -- name: Converge - become: true - hosts: all - tasks: - - name: Test ansible-role-container-registry - include_role: - name: ansible-role-container-registry - vars: - container_registry_deploy_docker: true - container_registry_deploy_docker_distribution: true diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml deleted file mode 100644 index c335449..0000000 --- a/molecule/default/prepare.yml +++ /dev/null @@ -1,34 +0,0 @@ ---- -# Copyright 2019 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - - - -- name: Prepare - hosts: all - become: true - gather_facts: true - pre_tasks: - - name: set basic user fact - set_fact: - ansible_user: "{{ lookup('env', 'USER') }}" - when: - - ansible_user is undefined - - - name: set basic home fact - set_fact: - ansible_user_dir: "{{ lookup('env', 'HOME') }}" - when: - - ansible_user_dir is undefined diff --git a/molecule/login/molecule.yml b/molecule/login/molecule.yml deleted file mode 100644 index 1585d42..0000000 --- a/molecule/login/molecule.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- -driver: - name: delegated - options: - managed: false - login_cmd_template: >- - ssh - -o UserKnownHostsFile=/dev/null - -o StrictHostKeyChecking=no - -o Compression=no - -o TCPKeepAlive=yes - -o VerifyHostKeyDNS=no - -o ForwardX11=no - -o ForwardAgent=no - {instance-login} - ansible_connection_options: - ansible_connection: ssh - -log: true - -platforms: - - name: instance-login - -provisioner: - name: ansible - config_options: - defaults: - fact_caching: jsonfile - fact_caching_connection: /tmp/molecule/facts - inventory: - hosts: - all: - hosts: - instance-login: - ansible_host: localhost - ansible_user: zuul - log: true - env: - ANSIBLE_STDOUT_CALLBACK: yaml - ANSIBLE_ROLES_PATH: "${ANSIBLE_ROLES_PATH}:${HOME}/zuul-jobs/roles" - -scenario: - test_sequence: - - prepare - - converge - - verify - -verifier: - name: testinfra - diff --git a/molecule/login/playbook.yml b/molecule/login/playbook.yml deleted file mode 100644 index db8ba5b..0000000 --- a/molecule/login/playbook.yml +++ /dev/null @@ -1,195 +0,0 @@ ---- -# Copyright 2019 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -#### -# Testing that the role fails with information when we are not passing -# credentials for the login -# -- name: Ensure role checks for missing information - hosts: all - tasks: - - name: Test role failed false - set_fact: - role_failed: false - - - name: ensure role fails when credentials missing - block: - - name: ensure role fails when credentials missing - include_role: - name: ansible-role-container-registry - tasks_from: registry-login - vars: - ansible_python_interpreter: "{{ ansible_user_dir }}/test-python/bin/python" - rescue: - - name: Test role failed true - set_fact: - role_failed: true - - - name: assert on missing credentials - assert: - that: role_failed != false - fail_msg: Role did not fail and it should have while passing no credential - success_msg: Role failed correctly while passing no credentials - -##### -# We don't want to pollute the host by installing packages that -# should be installed elsewhere and maybe from different repository -# Here we test that we are removing any client package after installing it -# As sometimes the package is installed before we run this role, we are also -# testing that we are removing packages if and only if we were the ones -# installing it. -# -- name: Check role behaviour with docker installation - hosts: instance-login - vars: - docker_login_cache: /root/.docker/config.json - docker_socket: /var/run/docker.sock - container_registry_logins: - localhost:5000: - testuser: testpassword - tasks: - - name: preinstall docker - become: true - package: - name: docker - state: present - - - name: Include role with docker preinstalled - include_role: - name: ansible-role-container-registry - tasks_from: install-engine - vars: - ansible_python_interpreter: "{{ ansible_user_dir }}/test-python/bin/python" - - - name: remove clients with docker preinstalled - include_role: - name: ansible-role-container-registry - tasks_from: cleanup-engine - vars: - ansible_python_interpreter: "{{ ansible_user_dir }}/test-python/bin/python" - container_registry_cleanup_client: true - - - name: Check if tasks removed docker and it shouldn't - assert: - that: - - remove_docker is not defined or remove_docker is skipped - fail_msg: Role removed docker when it shouldn't have - success_msg: Role correctly left docker as it was installed before - - - name: remove docker - become: true - package: - name: docker - state: absent - - - name: Install client without docker preinstalled - include_role: - name: ansible-role-container-registry - tasks_from: install-engine - vars: - ansible_python_interpreter: "{{ ansible_user_dir }}/test-python/bin/python" - - - name: Cleanup client without docker preinstalled - include_role: - name: ansible-role-container-registry - tasks_from: cleanup-engine - vars: - ansible_python_interpreter: "{{ ansible_user_dir }}/test-python/bin/python" - container_registry_cleanup_client: true - - - name: Check if tasks removed docker - assert: - that: - - remove_docker is defined - fail_msg: Role did not remove docker when it should have - success_msg: Role correctly removed docker as it was not present before call - -#### -# This play tests that docker is chosen in centos7 and the login successfully -# created a auth cache file -# it also ensure that docker deamon is still running after we remove the client -# -- name: Test login behaviour in centos7 - hosts: instance-login - vars: - docker_login_cache: /root/.docker/config.json - docker_socket: /var/run/docker.sock - container_registry_logins: - localhost:5000: - testuser: testpassword - tasks: - - name: include container registry role - include_role: - name: ansible-role-container-registry - tasks_from: registry-login - - - name: check credentials file - become: true - stat: - path: "{{ docker_login_cache }}" - register: cache_file - - - block: - - name: assert on file existence - assert: - that: - - cache_file.stat.exists - fail_msg: Credential file was not created - success_msg: Credential file correctly present - failed_when: false - rescue: - - name: rescue - debug: - msg: noop - - - name: Verify credentials can be used - block: - - name: create build dir - file: - path: /tmp/tempimage - state: directory - mode: 0755 - - - name: create Dockerfile - copy: - content: | - FROM scratch - ADD nothing / - dest: /tmp/tempimage/Dockerfile - mode: 0644 - - - name: Build test image - become: true - shell: | - cd /tmp/tempimage - touch nothing - docker build -t localhost:5000/test/testimage:v1 . - changed_when: true - register: build - - - name: Verify authenticated push works - become: true - shell: | - docker push localhost:5000/test/testimage:v1 - changed_when: true - - - name: Cleanup - include_role: - name: ansible-role-container-registry - tasks_from: cleanup-engine - vars: - ansible_python_interpreter: "{{ ansible_user_dir }}/test-python/bin/python" - container_registry_cleanup_client: true diff --git a/molecule/login/prepare.yml b/molecule/login/prepare.yml deleted file mode 100644 index 42bfe7e..0000000 --- a/molecule/login/prepare.yml +++ /dev/null @@ -1,63 +0,0 @@ ---- -# Copyright 2019 Red Hat, Inc. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - - - -- name: Prepare - hosts: all - become: true - gather_facts: true - pre_tasks: - - name: set basic user fact - set_fact: - ansible_user: "{{ lookup('env', 'USER') }}" - when: - - ansible_user is undefined - - - name: set basic home fact - set_fact: - ansible_user_dir: "{{ lookup('env', 'HOME') }}" - when: - - ansible_user_dir is undefined - - - name: include container registry role - include_role: - name: ansible-role-container-registry - tasks_from: docker - - tasks: - - name: Install docker-sdk - pip: - name: docker - virtualenv: "{{ ansible_user_dir }}/test-python" - virtualenv_site_packages: true - - - name: Ensure htpasswd exists - package: - name: httpd-tools - state: present - - - name: Create a docker registry - become: true - shell: |- - docker pull ubuntu:16.04 - docker tag ubuntu:16.04 localhost:5000/my-ubuntu - mkdir auth - htpasswd -Bbn testuser testpassword > auth/htpasswd - docker container stop registry - docker run -d -p 5000:5000 --restart=always --name registry -v "$(pwd)"/auth:/auth -e "REGISTRY_AUTH=htpasswd" -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd registry:2 - args: - creates: /root/auth/htpasswd diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index d155c5c..0000000 --- a/requirements.txt +++ /dev/null @@ -1,2 +0,0 @@ -pbr>=1.6 -ansible-core<2.12 diff --git a/setup.cfg b/setup.cfg deleted file mode 100644 index e359bf9..0000000 --- a/setup.cfg +++ /dev/null @@ -1,38 +0,0 @@ -[metadata] -name = ansible-role-container-registry -summary = ansible-container-registry - Ansible role to deploy a container registry -description_file = - README.rst -author = TripleO Team -author_email = emilien@redhat.com -home_page = https://opendev.org/openstack/ansible-role-container-registry -classifier = - License :: OSI Approved :: Apache Software License - Development Status :: 4 - Beta - Intended Audience :: Developers - Intended Audience :: System Administrators - Intended Audience :: Information Technology - Topic :: Utilities - -[global] -setup_hooks = - pbr.hooks.setup_hook - -[files] -data_files = - share/ansible/roles/container-registry/defaults = defaults/* - share/ansible/roles/container-registry/handlers = handlers/* - share/ansible/roles/container-registry/meta = meta/* - share/ansible/roles/container-registry/tasks = tasks/* - share/ansible/roles/container-registry/templates = templates/* - share/ansible/roles/container-registry/tests = tests/* - share/ansible/roles/container-registry/vars = vars/* - share/ansible/roles/container-registry/files = files/* - -[wheel] -universal = 1 - -[pbr] -skip_authors = True -skip_changelog = True - diff --git a/setup.py b/setup.py deleted file mode 100644 index 58ffb52..0000000 --- a/setup.py +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright Red Hat, Inc. All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import setuptools - -setuptools.setup( - setup_requires=['pbr'], - py_modules=[], - pbr=True) diff --git a/tasks/cleanup-engine.yml b/tasks/cleanup-engine.yml deleted file mode 100644 index d9decac..0000000 --- a/tasks/cleanup-engine.yml +++ /dev/null @@ -1,17 +0,0 @@ -- name: Cleanup Engine - block: - - name: Remove docker - package: - name: - - docker - state: absent - register: remove_docker - when: - - container_registry_docker_install is defined - - container_registry_docker_install is changed - rescue: - - name: Failed removing docker - debug: - msg: "unable to remove docker" - become: true - diff --git a/tasks/docker-distribution.yml b/tasks/docker-distribution.yml deleted file mode 100644 index ae7e79c..0000000 --- a/tasks/docker-distribution.yml +++ /dev/null @@ -1,45 +0,0 @@ ---- - -# tasks file for ansible-role-container-registry - -- name: ensure docker-distribution is installed - package: - name: docker-distribution - state: present - become: true - register: _distro_install - -- name: manage /etc/docker-distribution/registry/config.yml - template: - src: docker-distribution-config.yml.j2 - dest: /etc/docker-distribution/registry/config.yml - mode: '0644' - become: true - register: _distro_config - notify: restart docker-distribution service - -- name: Handle docker-distribution restart - become: true - when: _distro_install is changed or _distro_config is changed - block: - - name: Reload systemd - systemd: - daemon_reload: yes - become: true - - name: Reload docker-distribution - service: - enabled: true - name: docker-distribution - state: restarted - become: true - # NOTE(bogdando): import caveats https://github.com/ansible/ansible/issues/42621 - - name: Wait for registry - uri: - # Just checking API version should be fine - # https://docs.docker.com/registry/spec/api/#api-version-check - url: "http://{{ container_registry_host }}:{{ container_registry_port }}/v2/" - return_content: yes - register: registry_status - retries: 10 - delay: 5 - until: "registry_status.status|int == 200 and 'OK' in registry_status.msg" diff --git a/tasks/docker-login.yml b/tasks/docker-login.yml deleted file mode 100644 index f5be95b..0000000 --- a/tasks/docker-login.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- - -# tasks file for ansible-role-container-registry - -- name: perform docker login - become: true - docker_login: - username: "{{ lookup('dict', item.value).key }}" - password: "{{ lookup('dict', item.value).value }}" - registry: "{{ item.key }}" - loop: "{{ query('dict', container_registry_logins | default({})) }}" - no_log: "{{ not container_registry_debug|bool }}" - when: container_registry_logins | length > 0 diff --git a/tasks/docker-update.yml b/tasks/docker-update.yml deleted file mode 100644 index 643a411..0000000 --- a/tasks/docker-update.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- - -# tasks file for ansible-role-container-registry -# the tasks will ensure docker is up to date. - -- block: - - name: set package manager to yum - set_fact: - registry_pkg_manager: yum - when: - - ansible_facts['os_family'] == 'RedHat' - - ansible_facts['distribution_major_version']|int == 7 - - - name: set package manager to dnf - set_fact: - registry_pkg_manager: dnf - when: (ansible_facts['os_family'] == 'RedHat' and ansible_facts['distribution_major_version']|int > 7) or (ansible_facts['distribution'] == 'Fedora') - - - - name: can docker be updated - shell: "{{ registry_pkg_manager }} check-update docker" - register: docker_check_update - failed_when: docker_check_update.rc not in [0, 100] - changed_when: docker_check_update.rc == 100 - - - name: set docker_rpm_needs_update fact - set_fact: docker_rpm_needs_update={{ docker_check_update.rc == 100 }} - - - name: ensure docker is installed - package: - name: docker - state: present - when: docker_rpm_needs_update - - - name: update the docker package (yum) - yum: name=docker state=latest update_cache=yes # cache for https://bugs.launchpad.net/tripleo/+bug/1703830 - notify: restart docker service - when: - - docker_rpm_needs_update - - registry_pkg_manager == 'yum' - - - name: update the docker package (dnf) - dnf: name=docker state=latest - notify: restart docker service - when: - - docker_rpm_needs_update - - registry_pkg_manager == 'dnf' - - # Note(mfedosin): explicitly skip all preceding tasks if we don't need reconfiguration. - when: not container_registry_skip_reconfiguration diff --git a/tasks/docker.yml b/tasks/docker.yml deleted file mode 100644 index feee550..0000000 --- a/tasks/docker.yml +++ /dev/null @@ -1,194 +0,0 @@ ---- - -# tasks file for ansible-role-container-registry - -# NOTE(mfedosin): In order to verify that we have already configured docker -# we add a line `# Configured by Ansible container registry role` in -# /etc/sysconfig/docker config file when initial configuration is done, -# and check its existence later. -- name: Check that the configuration mark exists in /etc/sysconfig/docker - command: grep -Fq "# Configured by Ansible container registry role" /etc/sysconfig/docker - register: is_configured - check_mode: false - failed_when: false - changed_when: false - -- name: configure docker registry block - when: not container_registry_skip_reconfiguration or is_configured.rc != 0 - become: true - block: - # NOTE(aschultz): LP#1750194 - need to set ip_forward before docker starts - # so lets set it before we install the package if we're managing it. - - name: enable net.ipv4.ip_forward - sysctl: - name: net.ipv4.ip_forward - value: 1 - sysctl_set: yes - state: present - reload: yes - - # NOTE(aschultz): LP#1765121 - need to check that we don't have any ftype=0 - # volumes because other wise docker is very unhappy - - name: Check if there are XFS volumes with ftype=0 - shell: | - for dev in $(df -h | grep '/dev/' | grep -v 'tmp' | cut -d' ' -f1) - do - parseftype=$(xfs_info $dev | grep ftype=0); - if [[ ! -z "$parseftype" ]]; then - ftype="ftype=0"; - break; - fi - done - echo $ftype; - register: ftype - changed_when: false - - - name: Check ftype - fail: - msg: > - XFS volumes formatted using ftype=0 are incompatible - with the docker overlayfs driver. - when: - - not ansible_check_mode - - ftype.stdout == 'ftype=0' - - - include_tasks: install-engine.yml - - - name: manage /etc/systemd/system/docker.service.d - file: - path: /etc/systemd/system/docker.service.d - state: directory - mode: '0755' - when: ansible_facts['service_mgr'] == 'systemd' - - - name: unset mountflags - ini_file: - path: /etc/systemd/system/docker.service.d/99-unset-mountflags.conf - section: Service - option: MountFlags - value: '""' - create: yes - mode: '0644' - register: _cfg_flags - when: ansible_facts['service_mgr'] == 'systemd' - - - name: configure OPTIONS in /etc/sysconfig/docker - lineinfile: - path: /etc/sysconfig/docker - regexp: '^OPTIONS=' - line: "OPTIONS='{{ _full_docker_options }}'" - create: yes - mode: '0644' - register: _cfg_options - - - name: configure INSECURE_REGISTRY in /etc/sysconfig/docker - lineinfile: - path: /etc/sysconfig/docker - regexp: '^INSECURE_REGISTRY=' - line: "INSECURE_REGISTRY='{{ registry_flags }}'" - mode: '0644' - when: container_registry_insecure_registries | length > 0 - register: _cfg_insecure - vars: - registry_flags: --insecure-registry {{ container_registry_insecure_registries | join(' --insecure-registry ') }} - - - name: Create additional socket directories - file: - path: "{{ item | dirname }}" - state: directory - mode: '0755' - register: _cfg_sockets - with_items: "{{ container_registry_additional_sockets }}" - when: container_registry_additional_sockets | length > 0 - - - name: manage /etc/docker/daemon.json - template: - src: docker-daemon.json.j2 - dest: /etc/docker/daemon.json - mode: '0644' - register: _cfg_daemon - - - name: configure DOCKER_STORAGE_OPTIONS in /etc/sysconfig/docker-storage - lineinfile: - path: /etc/sysconfig/docker-storage - regexp: '^DOCKER_STORAGE_OPTIONS=' - line: "DOCKER_STORAGE_OPTIONS=' {{ container_registry_storage_options }}'" - create: yes - mode: '0644' - when: container_registry_storage_options | length > 0 - register: _cfg_storage - - - name: configure DOCKER_NETWORK_OPTIONS in /etc/sysconfig/docker-network - lineinfile: - path: /etc/sysconfig/docker-network - regexp: '^DOCKER_NETWORK_OPTIONS=' - line: "DOCKER_NETWORK_OPTIONS=' {{ container_registry_network_options }}'" - create: yes - mode: '0644' - when: container_registry_network_options | length > 0 - register: _cfg_network - - - name: ensure docker group exists - group: - name: docker - state: present - register: _cfg_group - - - name: add deployment user to docker group - user: - name: "{{ container_registry_deployment_user }}" - groups: docker - append: yes - register: _cfg_user - when: container_registry_deployment_user | length > 0 - - - name: reset ssh connection to pick up docker group - meta: reset_connection - when: _cfg_group is changed or _cfg_user is changed - - - name: Handle docker restart - when: - - (_cfg_flags is changed - or _cfg_options is changed - or _cfg_insecure is changed - or _cfg_sockets is changed - or _cfg_daemon is changed - or _cfg_storage is changed - or _cfg_network is changed - or _cfg_group is changed - or _cfg_user is changed) - block: - - name: Reload systemd - systemd: - daemon_reload: yes - become: true - when: - - ansible_facts['service_mgr'] == 'systemd' - - _cfg_flags is changed - - - name: Reload docker - service: - name: docker - enabled: true - state: restarted - become: true - - - name: Pause while Docker restarts - shell: sleep 10 - changed_when: false - - - name: Wait for docker - command: /usr/bin/docker images - register: docker_ready - retries: 10 - delay: 5 - until: docker_ready.rc == 0 - changed_when: false - - - name: mark docker configured - lineinfile: - path: /etc/sysconfig/docker - line: "# Configured by Ansible container registry role" - insertafter: "^# /etc/sysconfig/docker$" - create: yes - mode: '0644' diff --git a/tasks/install-engine.yml b/tasks/install-engine.yml deleted file mode 100644 index a9af516..0000000 --- a/tasks/install-engine.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -- name: Install and Start Docker - when: - - ansible_facts['distribution'] == "CentOS" - - ansible_facts['distribution_major_version']|int < 8 - become: true - block: - - - name: Install Docker - package: - name: docker - state: present - register: container_registry_docker_install - - # Workaround for https://bugs.launchpad.net/tripleo/+bug/1845166/ - - name: Disable docker iptables - when: container_registry_docker_disable_iptables - ini_file: - path: /etc/sysconfig/docker-network - section: null - option: DOCKER_NETWORK_OPTIONS - value: --iptables=false - no_extra_spaces: true - mode: '0644' - - - name: Start Docker daemon - service: - name: docker - enabled: true - state: started diff --git a/tasks/main.yml b/tasks/main.yml deleted file mode 100644 index 6ecd454..0000000 --- a/tasks/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- - -# tasks file for ansible-role-container-registry - -- include_tasks: docker.yml - when: container_registry_deploy_docker|bool - -- include_tasks: docker-distribution.yml - when: container_registry_deploy_docker_distribution|bool diff --git a/tasks/registry-login.yml b/tasks/registry-login.yml deleted file mode 100644 index e5269ff..0000000 --- a/tasks/registry-login.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# TODO(gcerami): The login process does not work with dockerhub, as dockerhub requires an -# auth API call to pass an email address (aven a fake one) - -- name: Fail if credentials are not defined or empty - fail: - msg: "Registry credentials are missing" - when: container_registry_logins|default({}) == {} - -- import_tasks: install-engine.yml - -- name: Try docker command line for authentication - block: - - name: Login via docker command - become: true - command: > - docker login "{{ item.key }}" - --username "{{ lookup('dict', item.value).key }}" - --password "{{ lookup('dict', item.value).value }}" - loop: "{{ query('dict', container_registry_logins | default({})) }}" - register: registry_login_docker - changed_when: false - rescue: - - name: Failed login - debug: - msg: "Warning: login failed for some credentials while using docker login" - -- import_tasks: cleanup-engine.yml - when: container_registry_cleanup_client - diff --git a/templates/docker-daemon.json.j2 b/templates/docker-daemon.json.j2 deleted file mode 100644 index 34d039a..0000000 --- a/templates/docker-daemon.json.j2 +++ /dev/null @@ -1,6 +0,0 @@ -{ -{% if container_registry_mirror != "" %} - "registry-mirrors": ["{{ container_registry_mirror }}"], -{% endif %} - "debug": {{ container_registry_debug|lower }} -} diff --git a/templates/docker-distribution-config.yml.j2 b/templates/docker-distribution-config.yml.j2 deleted file mode 100644 index 347984e..0000000 --- a/templates/docker-distribution-config.yml.j2 +++ /dev/null @@ -1,11 +0,0 @@ -version: 0.1 -log: - fields: - service: registry -storage: - cache: - layerinfo: inmemory - filesystem: - rootdirectory: /var/lib/registry -http: - addr: {{ container_registry_host }}:{{ container_registry_port }} diff --git a/test-requirements.txt b/test-requirements.txt deleted file mode 100644 index 42e1564..0000000 --- a/test-requirements.txt +++ /dev/null @@ -1,2 +0,0 @@ -hacking>=4.0.0,<4.1.0 # Apache-2.0 -pyflakes>=2.2.0 diff --git a/tests/inventory b/tests/inventory deleted file mode 100644 index 878877b..0000000 --- a/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/tests/test.yml b/tests/test.yml deleted file mode 100644 index c1806ae..0000000 --- a/tests/test.yml +++ /dev/null @@ -1,4 +0,0 @@ -- hosts: localhost - become: true - roles: - - container-registry diff --git a/tox.ini b/tox.ini deleted file mode 100644 index b8ae4fd..0000000 --- a/tox.ini +++ /dev/null @@ -1,64 +0,0 @@ -[tox] -minversion = 2.0 -envlist = docs, linters -skipsdist = True - -[testenv] -usedevelop = True -install_command = pip install -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master} {opts} {packages} -setenv = VIRTUAL_ENV={envdir} -deps = -r{toxinidir}/test-requirements.txt -whitelist_externals = bash - -[testenv:bindep] -basepython = python3 -# Do not install any requirements. We want this to be fast and work even if -# system dependencies are missing, since it's used to tell you what system -# dependencies are missing! This also means that bindep must be installed -# separately, outside of the requirements files. -deps = bindep -commands = bindep test - -[testenv:pep8] -basepython = python3 -commands = - # Run hacking/flake8 check for all python files - bash -c "git ls-files | grep -v releasenotes | xargs grep --binary-files=without-match \ - --files-with-match '^.!.*python$' \ - --exclude-dir .tox \ - --exclude-dir .git \ - --exclude-dir .eggs \ - --exclude-dir *.egg-info \ - --exclude-dir dist \ - --exclude-dir *lib/python* \ - --exclude-dir doc \ - | xargs flake8 --verbose" - -[testenv:ansible-lint] -basepython = python3 -commands = ansible-lint - -[testenv:linters] -basepython = python3 -deps = - -r{toxinidir}/test-requirements.txt - -r{toxinidir}/ansible-requirements.txt -commands = - {[testenv:pep8]commands} - {[testenv:ansible-lint]commands} - -[testenv:releasenotes] -basepython = python3 -whitelist_externals = bash -commands = bash -c ci-scripts/releasenotes_tox.sh - -[testenv:venv] -basepython = python3 -commands = {posargs} - -[flake8] -# E123, E125 skipped as they are invalid PEP-8. -# E265 deals withs paces inside of comments -show-source = True -ignore = E123,E125,E265 -builtins = _ diff --git a/vars/main.yml b/vars/main.yml deleted file mode 100644 index 529eaca..0000000 --- a/vars/main.yml +++ /dev/null @@ -1 +0,0 @@ -_full_docker_options: "{% if container_registry_selinux|bool %}--selinux-enabled {% endif %}{% if container_registry_additional_sockets | length > 0 %}-H unix:///run/docker.sock {% for soc in container_registry_additional_sockets %}-H unix://{{ soc }}{% if not loop.last %} {% endif %}{% endfor %}{% endif %} {{ container_registry_docker_options }}" diff --git a/zuul.d/layout.yaml b/zuul.d/layout.yaml deleted file mode 100644 index e192004..0000000 --- a/zuul.d/layout.yaml +++ /dev/null @@ -1,10 +0,0 @@ -- project: - check: - jobs: - - openstack-tox-linters - gate: - jobs: - - openstack-tox-linters - post: - jobs: - - publish-openstack-python-branch-tarball diff --git a/zuul.d/playbooks/pre.yml b/zuul.d/playbooks/pre.yml deleted file mode 100644 index f54bc1c..0000000 --- a/zuul.d/playbooks/pre.yml +++ /dev/null @@ -1,97 +0,0 @@ ---- - -- hosts: all - tasks: - - name: set basic user fact - fail: - msg: >- - The variable `ansible_user` set this option and try again. On the - CLI this can be defined with "-e ansible_user=${USER}" - when: - - ansible_user is undefined - - - name: set basic home fact - fail: - msg: >- - The variable `ansible_user_dir` set this option and try again. On - the CLI this can be defined with "-e ansible_user_dir=${HOME}" - when: - - ansible_user_dir is undefined - - - name: Set project path fact - set_fact: - container_registry_project_path: "{{ ansible_user_dir }}/{{ zuul.projects['opendev.org/openstack/ansible-role-container-registry'].src_dir }}" - - - name: Ensure the user has a .ssh directory - file: - path: "{{ ansible_user_dir }}/.ssh" - state: directory - owner: "{{ ansible_user }}" - group: "{{ ansible_user }}" - mode: "0700" - - - name: Create ssh key pair - user: - name: "{{ ansible_user }}" - generate_ssh_key: true - ssh_key_bits: 2048 - ssh_key_file: "{{ ansible_user_dir }}/.ssh/id_rsa" - - - name: Slurp pub key - slurp: - src: "{{ ansible_user_dir ~ '/.ssh/id_rsa.pub' }}" - register: pub_key - - - name: Ensure can ssh to can connect to localhost - authorized_key: - user: "{{ ansible_user }}" - key: "{{ pub_key['content'] | b64decode }}" - - - name: Ensure output dirs - file: - path: "{{ ansible_user_dir }}/zuul-output/logs" - state: directory - - - name: Get the zuul/zuul-jobs repo - git: - repo: https://opendev.org/zuul/zuul-jobs - dest: "{{ ansible_user_dir }}/zuul-jobs" - version: master - force: true - - - name: Ensure virtualenv is installed - include_role: - name: ensure-virtualenv - - - name: Set python_v fact to py2 or py3 - set_fact: - python_v: "{{ ansible_facts['distribution_major_version'] is version('8', '>=') | ternary('py3', 'py2') }}" - cacheable: true - - - name: Install python3-setuptools - package: - name: "python3-setuptools" - state: present - become: true - when: python_v == "py3" - - - name: Install python-setuptools - package: - name: "python-setuptools" - state: present - become: true - when: python_v == "py2" - - - name: Ensure pbr available - pip: - name: pbr - virtualenv: "{{ ansible_user_dir }}/test-python" - virtualenv_site_packages: true - - - name: Setup test-python - pip: - requirements: "{{ container_registry_project_path }}/molecule-requirements.txt" - virtualenv: "{{ ansible_user_dir }}/test-python" - virtualenv_site_packages: true - extra_args: >- - --constraint "{{ container_registry_project_path }}/ansible-requirements.txt" diff --git a/zuul.d/playbooks/run-local.yml b/zuul.d/playbooks/run-local.yml deleted file mode 100644 index 65d4d5e..0000000 --- a/zuul.d/playbooks/run-local.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- hosts: all - tasks: - - name: set basic zuul fact - set_fact: - zuul: - project: - src_dir: "{{ tripleo_src }}" - ansible_connection: ssh - -- import_playbook: pre.yml - -- import_playbook: run.yml diff --git a/zuul.d/playbooks/run.yml b/zuul.d/playbooks/run.yml deleted file mode 100644 index 4fed9a5..0000000 --- a/zuul.d/playbooks/run.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- - -- hosts: all - environment: - ANSIBLE_LOG_PATH: "{{ ansible_user_dir }}/zuul-output/logs/ansible-execution.log" - tasks: - - name: Run role test job - shell: |- - . {{ ansible_user_dir }}/test-python/bin/activate - molecule test --all - changed_when: true - args: - chdir: "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}" - executable: /bin/bash