[WIP] Add image publishing on quay.io
Added comtainer image publishing on quay.io repository. Change-Id: I45f6703c78fd890ce303915fc95f72e03a485e88
This commit is contained in:
parent
67372bade2
commit
1ec7f56fe2
44
.zuul.yaml
44
.zuul.yaml
|
@ -15,3 +15,47 @@
|
|||
- docs-on-readthedocs
|
||||
vars:
|
||||
rtd_webhook_id: '47941'
|
||||
check:
|
||||
jobs:
|
||||
- airship-berth-docker-build-gate
|
||||
gate:
|
||||
jobs:
|
||||
- airship-berth-docker-build-gate
|
||||
post:
|
||||
jobs:
|
||||
- airship-berth-docker-publish
|
||||
|
||||
- job:
|
||||
name: airship-berth-docker-build-gate
|
||||
timeout: 1800
|
||||
run: tools/gate/playbooks/docker-image-build.yaml
|
||||
nodeset: airship-armada-single-node
|
||||
vars:
|
||||
publish: false
|
||||
tags:
|
||||
dynamic:
|
||||
patch_set: true
|
||||
|
||||
- job:
|
||||
name: airship-berth-docker-publish
|
||||
timeout: 1800
|
||||
run: tools/gate/playbooks/docker-image-build.yaml
|
||||
nodeset: airship-armada-single-node
|
||||
secrets:
|
||||
- airship_berth_quay_creds
|
||||
vars:
|
||||
publish: true
|
||||
tags:
|
||||
dynamic:
|
||||
branch: true
|
||||
commit: true
|
||||
static:
|
||||
- latest
|
||||
|
||||
- secret:
|
||||
name: airship_berth_quay_creds
|
||||
data:
|
||||
username: !encrypted/pkcs1-oaep
|
||||
- CHANGEME=
|
||||
password: !encrypted/pkcs1-oaep
|
||||
- CHANGEME=
|
||||
|
|
|
@ -0,0 +1,126 @@
|
|||
#!/bin/python
|
||||
# Copyright 2018 AT&T Intellectual Property. All other rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
import json
|
||||
import logging
|
||||
import os
|
||||
import sys
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
LOG_FORMAT = '%(asctime)s %(levelname)-8s %(name)s:%(funcName)s [%(lineno)3d] %(message)s' # noqa
|
||||
|
||||
|
||||
class TagGenExeception(Exception):
|
||||
pass
|
||||
|
||||
|
||||
def read_config(stream, env):
|
||||
config = {}
|
||||
try:
|
||||
config['tags'] = json.load(stream)
|
||||
except ValueError:
|
||||
LOG.exception('Failed to decode JSON from input stream')
|
||||
config['tags'] = {}
|
||||
|
||||
LOG.debug('Configuration after reading stream: %s', config)
|
||||
|
||||
config['context'] = {
|
||||
'branch': env.get('BRANCH'),
|
||||
'change': env.get('CHANGE'),
|
||||
'commit': env.get('COMMIT'),
|
||||
'ps': env.get('PATCHSET'),
|
||||
}
|
||||
|
||||
LOG.info('Final configuration: %s', config)
|
||||
|
||||
return config
|
||||
|
||||
|
||||
def build_tags(config):
|
||||
tags = config.get('tags', {}).get('static', [])
|
||||
LOG.debug('Dynamic tags: %s', tags)
|
||||
tags.extend(build_dynamic_tags(config))
|
||||
LOG.info('All tags: %s', tags)
|
||||
return tags
|
||||
|
||||
|
||||
def build_dynamic_tags(config):
|
||||
dynamic_tags = []
|
||||
|
||||
dynamic_tags.extend(_build_branch_tag(config))
|
||||
dynamic_tags.extend(_build_commit_tag(config))
|
||||
dynamic_tags.extend(_build_ps_tag(config))
|
||||
|
||||
return dynamic_tags
|
||||
|
||||
|
||||
def _build_branch_tag(config):
|
||||
if _valid_dg(config, 'branch'):
|
||||
return [config['context']['branch']]
|
||||
else:
|
||||
return []
|
||||
|
||||
|
||||
def _build_commit_tag(config):
|
||||
if _valid_dg(config, 'commit'):
|
||||
return [config['context']['commit']]
|
||||
else:
|
||||
return []
|
||||
|
||||
|
||||
def _build_ps_tag(config):
|
||||
if _valid_dg(config, 'patch_set', 'change') and _valid_dg(
|
||||
config, 'patch_set', 'ps'):
|
||||
return [
|
||||
'%s-%s' % (config['context']['change'], config['context']['ps'])
|
||||
]
|
||||
else:
|
||||
return []
|
||||
|
||||
|
||||
def _valid_dg(config, dynamic_tag, context_name=None):
|
||||
if context_name is None:
|
||||
context_name = dynamic_tag
|
||||
|
||||
if config.get('tags', {}).get('dynamic', {}).get(dynamic_tag):
|
||||
if config.get('context', {}).get(context_name):
|
||||
return True
|
||||
else:
|
||||
raise TagGenExeception('Dynamic tag "%s" requested, but "%s"'
|
||||
' not found in context' % (dynamic_tag,
|
||||
context_name))
|
||||
else:
|
||||
return False
|
||||
|
||||
|
||||
def main():
|
||||
config = read_config(sys.stdin, os.environ)
|
||||
tags = build_tags(config)
|
||||
|
||||
for tag in tags:
|
||||
print(tag)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
logging.basicConfig(format=LOG_FORMAT, level=logging.WARNING)
|
||||
try:
|
||||
main()
|
||||
except TagGenExeception:
|
||||
LOG.exception('Failed to generate tags')
|
||||
sys.exit(1)
|
||||
except Exception:
|
||||
LOG.exception('Unexpected exception')
|
||||
sys.exit(2)
|
|
@ -0,0 +1,129 @@
|
|||
# Copyright 2018 AT&T Intellectual Property. All other rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- include_vars: vars.yaml
|
||||
|
||||
- name: Debug tag generation inputs
|
||||
block:
|
||||
- debug:
|
||||
var: publish
|
||||
- debug:
|
||||
var: tags
|
||||
- debug:
|
||||
var: zuul
|
||||
- debug:
|
||||
msg: "{{ tags | to_json }}"
|
||||
|
||||
- name: Determine tags
|
||||
shell: echo '{{ tags | to_json }}' | python {{ zuul.project.src_dir }}/tools/image_tags.py
|
||||
environment:
|
||||
BRANCH: "{{ zuul.branch }}"
|
||||
CHANGE: "{{ zuul.change }}"
|
||||
COMMIT: "{{ zuul.newrev }}"
|
||||
PATCHSET: "{{ zuul.patchset }}"
|
||||
register: image_tags
|
||||
|
||||
- name: Debug computed tags
|
||||
debug:
|
||||
var: image_tags
|
||||
|
||||
- name: Install Docker (Debian)
|
||||
when: ansible_os_family == 'Debian'
|
||||
block:
|
||||
- file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- /etc/docker/
|
||||
- /etc/systemd/system/docker.service.d/
|
||||
- /var/lib/docker/
|
||||
- mount:
|
||||
path: /var/lib/docker/
|
||||
src: tmpfs
|
||||
fstype: tmpfs
|
||||
opts: size=25g
|
||||
state: mounted
|
||||
- copy: "{{ item }}"
|
||||
with_items:
|
||||
- content: "{{ docker_daemon | to_json }}"
|
||||
dest: /etc/docker/daemon.json
|
||||
- src: files/docker-systemd.conf
|
||||
dest: /etc/systemd/system/docker.service.d/
|
||||
- apt_key:
|
||||
url: https://download.docker.com/linux/ubuntu/gpg
|
||||
- apt_repository:
|
||||
repo: deb http://{{ zuul_site_mirror_fqdn }}/deb-docker xenial stable
|
||||
- apt:
|
||||
name: "{{ item }}"
|
||||
allow_unauthenticated: True
|
||||
with_items:
|
||||
- docker-ce
|
||||
- python-pip
|
||||
- pip:
|
||||
name: docker
|
||||
version: 2.7.0
|
||||
# NOTE(SamYaple): Allow all connections from containers to host so the
|
||||
# containers can access the http server for git and wheels
|
||||
- iptables:
|
||||
action: insert
|
||||
chain: INPUT
|
||||
in_interface: docker0
|
||||
jump: ACCEPT
|
||||
become: True
|
||||
|
||||
- name: Make images
|
||||
when: not publish
|
||||
block:
|
||||
- make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: images
|
||||
params:
|
||||
IMAGE_TAG: "{{ item }}"
|
||||
with_items: "{{ image_tags.stdout_lines }}"
|
||||
|
||||
- shell: "docker images"
|
||||
register: docker_images
|
||||
|
||||
- debug:
|
||||
var: docker_images
|
||||
become: True
|
||||
|
||||
- name: Publish images
|
||||
block:
|
||||
- docker_login:
|
||||
username: "{{ airship_berth_quay_creds.username }}"
|
||||
password: "{{ airship_berth_quay_creds.password }}"
|
||||
registry_url: "https://quay.io/api/v1/"
|
||||
|
||||
- make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: images
|
||||
params:
|
||||
DOCKER_REGISTRY: "quay.io"
|
||||
IMAGE_PREFIX: "airshipit"
|
||||
IMAGE_TAG: "{{ item }}"
|
||||
COMMIT: "{{ zuul.newrev }}"
|
||||
PUSH_IMAGE: "true"
|
||||
with_items: "{{ image_tags.stdout_lines }}"
|
||||
|
||||
- shell: "docker images"
|
||||
register: docker_images
|
||||
|
||||
- debug:
|
||||
var: docker_images
|
||||
|
||||
when: publish
|
||||
become: True
|
|
@ -0,0 +1,19 @@
|
|||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
docker_daemon:
|
||||
group: zuul
|
||||
registry-mirrors:
|
||||
- "http://{{ zuul_site_mirror_fqdn }}:8082/"
|
||||
storage-driver: overlay2
|
Loading…
Reference in New Issue