Revert registry.zuul-ci.org
This project didn't proceed past the test phase, let's clean it up. Revert "Add a functional test for registry.zuul-ci.org" This reverts commite701fdd3ca
. Revert "Add testinfra for registry.zuul-ci.org" This reverts commite00f4e59b3
. Revert "Add static site for registry.zuul-ci.org" This reverts commit31b505d3ba
. Revert "Add SSL cert for registry.zuul-ci.org" This reverts commitd0a8473d42
. Change-Id: I1d39306187c7b2d7a908389f88d1a60e1b29ffe3
This commit is contained in:
parent
d45a9c833f
commit
3d5c2a810e
@ -47,8 +47,6 @@ letsencrypt_certs:
|
||||
- meetings.opendev.org
|
||||
static-planet-openstack-org:
|
||||
- planet.openstack.org
|
||||
static-registry-zuul-ci-org:
|
||||
- registry.zuul-ci.org
|
||||
static-service-types-openstack-org:
|
||||
- service-types.openstack.org
|
||||
static-security-openstack-org:
|
||||
|
@ -115,9 +115,6 @@
|
||||
- name: letsencrypt updated static-planet-openstack-org
|
||||
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
||||
|
||||
- name: letsencrypt updated static-registry-zuul-ci-org
|
||||
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
||||
|
||||
- name: letsencrypt updated static-service-types-openstack-org
|
||||
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
|
||||
|
||||
|
@ -1,44 +0,0 @@
|
||||
<VirtualHost *:80>
|
||||
ServerName registry.zuul-ci.org
|
||||
|
||||
RewriteEngine on
|
||||
RewriteRule ^/(.*) https://registry.zuul-ci.org/$1 [last,redirect=permanent]
|
||||
|
||||
ErrorLog /var/log/apache2/registry.zuul-ci.org_error.log
|
||||
LogLevel warn
|
||||
CustomLog /var/log/apache2/registry.zuul-ci.org_access.log combined
|
||||
ServerSignature Off
|
||||
</VirtualHost>
|
||||
|
||||
<IfModule mod_ssl.c>
|
||||
<VirtualHost *:443>
|
||||
ServerName registry.zuul-ci.org
|
||||
|
||||
RewriteEngine on
|
||||
|
||||
SSLEngine on
|
||||
SSLProtocol All -SSLv2 -SSLv3
|
||||
# Once the machine is using something to terminate TLS that supports ECDHE
|
||||
# then this should be edited to remove the RSA+AESGCM:RSA+AES so that PFS
|
||||
# only is guarenteed.
|
||||
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
|
||||
SSLHonorCipherOrder on
|
||||
SSLCertificateFile /etc/letsencrypt-certs/registry.zuul-ci.org/registry.zuul-ci.org.cer
|
||||
SSLCertificateKeyFile /etc/letsencrypt-certs/registry.zuul-ci.org/registry.zuul-ci.org.key
|
||||
SSLCertificateChainFile /etc/letsencrypt-certs/registry.zuul-ci.org/ca.cer
|
||||
|
||||
DocumentRoot /var/www/registry
|
||||
<Directory /var/www/registry>
|
||||
Options Indexes FollowSymLinks MultiViews
|
||||
Require all granted
|
||||
AllowOverride None
|
||||
</Directory>
|
||||
|
||||
RewriteRule ^/v2/(.+)$ https://quay.io/v2/corvus/$1 [R=302,L]
|
||||
|
||||
ErrorLog /var/log/apache2/registry.zuul-ci.org_error.log
|
||||
LogLevel warn
|
||||
CustomLog /var/log/apache2/registry.zuul-ci.org_access.log combined
|
||||
ServerSignature Off
|
||||
</VirtualHost>
|
||||
</IfModule>
|
@ -123,7 +123,6 @@
|
||||
- 50-meetings.opendev.org
|
||||
- 50-nova.openstack.org
|
||||
- 50-planet.openstack.org
|
||||
- 50-registry.zuul-ci.org
|
||||
- 50-security.openstack.org
|
||||
- 50-service-types.openstack.org
|
||||
- 50-specs.openstack.org
|
||||
|
@ -1,32 +0,0 @@
|
||||
- hosts: "prod_bastion[0]"
|
||||
tasks:
|
||||
|
||||
# Do a test pull through the HTTP redirect registry site running
|
||||
# on the static host.
|
||||
|
||||
- name: Add registry redirect hosts
|
||||
lineinfile:
|
||||
dest: /etc/hosts
|
||||
regexp: '.*{{ item.registry }}$'
|
||||
line: '{{ hostvars[item.host].ansible_host }} {{ item.registry }}'
|
||||
state: present
|
||||
loop:
|
||||
- { 'host' : 'static99.opendev.org',
|
||||
'registry': 'registry.zuul-ci.org' }
|
||||
|
||||
- name: Do a test docker pull through redirect
|
||||
command: docker pull registry.zuul-ci.org/zuul:8.2.0
|
||||
register: _docker_pull
|
||||
|
||||
- name: Check output
|
||||
assert:
|
||||
that: '"Digest: sha256:4a54086c286a7f12434d3d0fb620081c5d967c5fe335229a239155913662f4a1" in _docker_pull.stdout'
|
||||
|
||||
- name: Install podman
|
||||
package:
|
||||
name: podman
|
||||
state: present
|
||||
|
||||
- name: Do a test podman pull through redirect
|
||||
command: podman --log-level=debug pull registry.zuul-ci.org/zuul:8.2.0
|
||||
register: _podman_pull
|
@ -236,27 +236,3 @@ def test_ci_openstack_org(host, path, target):
|
||||
' https://ci.openstack.org%s' % path)
|
||||
assert '301 Moved Permanently' in cmd.stdout
|
||||
assert target in cmd.stdout
|
||||
|
||||
def test_registry_zuul_ci_org(host):
|
||||
# The functional test does an actual pull; here we just check some
|
||||
# specific URLs work. In particular, we want to make sure that we
|
||||
# don't proxy /v2/.
|
||||
|
||||
cmd = host.run('curl --resolve registry.zuul-ci.org:443:127.0.0.1'
|
||||
' https://registry.zuul-ci.org/v2/')
|
||||
assert '301 Moved Permanently' not in cmd.stdout
|
||||
assert '302 Found' not in cmd.stdout
|
||||
assert cmd.stdout.strip() == ""
|
||||
|
||||
cmd = host.run('curl --resolve registry.zuul-ci.org:443:127.0.0.1'
|
||||
' -I https://registry.zuul-ci.org/v2/zuul/manifests/8.2.0')
|
||||
assert '302 Found' in cmd.stdout
|
||||
assert 'Location: https://quay.io/v2/corvus/zuul/manifests/8.2.0' in cmd.stdout
|
||||
|
||||
cmd = host.run('curl --resolve registry.zuul-ci.org:443:127.0.0.1'
|
||||
' https://registry.zuul-ci.org/v2/zuul/blobs/'
|
||||
'sha256:5dda314a937ad03f8beac81c714da74e459b6174301368e0903ef586a68ae150')
|
||||
assert '302 Found' in cmd.stdout
|
||||
assert ('https://quay.io/v2/corvus/zuul/blobs/'
|
||||
'sha256:5dda314a937ad03f8beac81c714da74e459b6174301368e0903ef586a68ae150'
|
||||
in cmd.stdout)
|
||||
|
@ -1124,7 +1124,6 @@
|
||||
run_playbooks:
|
||||
- playbooks/letsencrypt.yaml
|
||||
- playbooks/service-static.yaml
|
||||
run_test_playbook: playbooks/test-static.yaml
|
||||
files:
|
||||
- playbooks/bootstrap-bridge.yaml
|
||||
- playbooks/roles/apache-ua-filter/
|
||||
@ -1132,7 +1131,6 @@
|
||||
- playbooks/roles/letsencrypt
|
||||
- playbooks/letsencrypt.yaml
|
||||
- playbooks/service-static.yaml
|
||||
- playbooks/test-static.yaml
|
||||
- testinfra/test_static.py
|
||||
host-vars:
|
||||
static99.opendev.org:
|
||||
|
Loading…
Reference in New Issue
Block a user