Add role to use buildset registry
Change-Id: Ieacbd033c49afd0bac11cdb17891386c9e1d6a4b
This commit is contained in:
James E. Blair
parent
2292ce9aed
commit
0f6796d12b
30
roles/use-buildset-registry/README.rst
Normal file
30
roles/use-buildset-registry/README.rst
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
Adds a buildset registry to the docker configuration.
|
||||||
|
|
||||||
|
Use this role on any host which should use the buildset registry.
|
||||||
|
|
||||||
|
**Role Variables**
|
||||||
|
|
||||||
|
.. zuul:rolevar:: buildset_registry
|
||||||
|
|
||||||
|
Information about the registry, as returned by
|
||||||
|
:zuul:role:`run-buildset-registry`.
|
||||||
|
|
||||||
|
.. zuul:rolevar:: host
|
||||||
|
|
||||||
|
The host (IP address) of the registry.
|
||||||
|
|
||||||
|
.. zuul:rolevar:: port
|
||||||
|
|
||||||
|
The port on which the registry is listening.
|
||||||
|
|
||||||
|
.. zuul:rolevar:: username
|
||||||
|
|
||||||
|
The username used to access the registry via HTTP basic auth.
|
||||||
|
|
||||||
|
.. zuul:rolevar:: password
|
||||||
|
|
||||||
|
The password used to access the registry via HTTP basic auth.
|
||||||
|
|
||||||
|
.. zuul:rolevar:: cert
|
||||||
|
|
||||||
|
The (self-signed) certificate used by the registry.
|
||||||
39
roles/use-buildset-registry/tasks/main.yaml
Normal file
39
roles/use-buildset-registry/tasks/main.yaml
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
- name: Ensure registry cert directory exists
|
||||||
|
become: true
|
||||||
|
file:
|
||||||
|
path: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/"
|
||||||
|
state: directory
|
||||||
|
- name: Write registry TLS certificate
|
||||||
|
become: true
|
||||||
|
copy:
|
||||||
|
content: "{{ buildset_registry.cert }}"
|
||||||
|
dest: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/ca.crt"
|
||||||
|
- name: Load docker daemon configuration
|
||||||
|
slurp:
|
||||||
|
path: /etc/docker/daemon.json
|
||||||
|
register: docker_config
|
||||||
|
- name: Parse docker daemon configuration
|
||||||
|
set_fact:
|
||||||
|
docker_config: "{{ docker_config.content | b64decode | from_json }}"
|
||||||
|
- name: Add registry to docker daemon configuration
|
||||||
|
vars:
|
||||||
|
new_config:
|
||||||
|
registry-mirrors: "['https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/'] + {{ docker_config['registry-mirrors'] }}"
|
||||||
|
set_fact:
|
||||||
|
docker_config: "{{ docker_config | combine(new_config) }}"
|
||||||
|
- name: Save docker daemon configuration
|
||||||
|
copy:
|
||||||
|
content: "{{ docker_config | to_nice_json }}"
|
||||||
|
dest: /etc/docker/daemon.json
|
||||||
|
become: true
|
||||||
|
- name: Restart docker daemon
|
||||||
|
service:
|
||||||
|
name: docker
|
||||||
|
state: restarted
|
||||||
|
become: true
|
||||||
|
- name: Log in to registry
|
||||||
|
command: "docker login -u {{ buildset_registry.username }} -p {{ buildset_registry.password }} https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/"
|
||||||
|
register: result
|
||||||
|
until: result.rc ==0
|
||||||
|
delay: 1
|
||||||
|
retries: 120
|
||||||
Loading…
Reference in New Issue
Block a user