71b7cb0ae5
* In the build-image role, push to the buildset registry if it is defined. * In the intermediate registry push and pull roles, ensure that the buildset registry TLS cert is in place. This is a self-signed cert, and so needs to be written for each run. This happens inside bubblewrap where we have permission to write to /etc, which is an ephemeral volume. Change-Id: I47781d8a7adb93817dfe9266e2f4ad5fd829385c
29 lines
1.1 KiB
YAML
29 lines
1.1 KiB
YAML
# This can be removed if we add this functionality to Zuul directly
|
|
- name: Load information from zuul_return
|
|
when: buildset_registry is not defined
|
|
set_fact:
|
|
buildset_registry: "{{ (lookup('file', zuul.executor.work_root + '/results.json') | from_json)['buildset_registry'] }}"
|
|
ignore_errors: true
|
|
- name: Build a docker image
|
|
command: >-
|
|
docker build {{ item.path | default('.') }} -f {{ item.dockerfile | default(docker_dockerfile) }}
|
|
{% if item.target | default(false) -%}
|
|
--target {{ item.target }}
|
|
{% endif -%}
|
|
{% for build_arg in item.build_args | default([]) -%}
|
|
--build-arg {{ build_arg }}
|
|
{% endfor -%}
|
|
--tag {{ item.repository }}:change_{{ zuul.change }}
|
|
{% for tag in item.tags | default(['latest']) -%}
|
|
--tag {{ item.repository }}:{{ tag }}
|
|
{% endfor -%}
|
|
args:
|
|
chdir: "{{ zuul_work_dir }}/{{ item.context }}"
|
|
loop: "{{ docker_images }}"
|
|
- name: Push image to buildset registry
|
|
when: buildset_registry is defined
|
|
include_tasks: push.yaml
|
|
loop: "{{ docker_images }}"
|
|
loop_control:
|
|
loop_var: image
|