Add role to use buildset registry

Change-Id: Ieacbd033c49afd0bac11cdb17891386c9e1d6a4b
This commit is contained in:
James E. Blair 2019-01-31 15:27:23 -08:00
parent 2292ce9aed
commit 0f6796d12b
2 changed files with 69 additions and 0 deletions

View File

@ -0,0 +1,30 @@
Adds a buildset registry to the docker configuration.
Use this role on any host which should use the buildset registry.
**Role Variables**
.. zuul:rolevar:: buildset_registry
Information about the registry, as returned by
:zuul:role:`run-buildset-registry`.
.. zuul:rolevar:: host
The host (IP address) of the registry.
.. zuul:rolevar:: port
The port on which the registry is listening.
.. zuul:rolevar:: username
The username used to access the registry via HTTP basic auth.
.. zuul:rolevar:: password
The password used to access the registry via HTTP basic auth.
.. zuul:rolevar:: cert
The (self-signed) certificate used by the registry.

View File

@ -0,0 +1,39 @@
- name: Ensure registry cert directory exists
become: true
file:
path: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/"
state: directory
- name: Write registry TLS certificate
become: true
copy:
content: "{{ buildset_registry.cert }}"
dest: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/ca.crt"
- name: Load docker daemon configuration
slurp:
path: /etc/docker/daemon.json
register: docker_config
- name: Parse docker daemon configuration
set_fact:
docker_config: "{{ docker_config.content | b64decode | from_json }}"
- name: Add registry to docker daemon configuration
vars:
new_config:
registry-mirrors: "['https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/'] + {{ docker_config['registry-mirrors'] }}"
set_fact:
docker_config: "{{ docker_config | combine(new_config) }}"
- name: Save docker daemon configuration
copy:
content: "{{ docker_config | to_nice_json }}"
dest: /etc/docker/daemon.json
become: true
- name: Restart docker daemon
service:
name: docker
state: restarted
become: true
- name: Log in to registry
command: "docker login -u {{ buildset_registry.username }} -p {{ buildset_registry.password }} https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/"
register: result
until: result.rc ==0
delay: 1
retries: 120