From 067a315df92248f83103e5b4b7ec8424c9b5d6a9 Mon Sep 17 00:00:00 2001
From: yatinkarel <ykarel@redhat.com>
Date: Mon, 6 Jul 2020 12:21:24 +0530
Subject: [PATCH] Login with buildah too to allow registry access with buildah

buildah login and podman login with root do not share same
authfile, buildah uses /run/containers/0/auth.json while
podman uses /run/user/0/containers/auth.json resulted from
$XDG_RUNTIME_DIR.

To ensure both podman and buildah can access the configured
registry, run login command with both.

It's mainly needed as container images are being pushed
with tripleoclient using sudo buildah push and buildah creds
are not setup.

Related-Bug: #1886555
Change-Id: I3d38d406e9f63008f7060f31cc9ff378e97120bb
---
 .../tasks/tripleo_podman_login.yml              | 17 ++++++++++++++++-
 .../roles/tripleo_podman/vars/redhat.yml        |  1 +
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/tripleo_ansible/roles/tripleo_podman/tasks/tripleo_podman_login.yml b/tripleo_ansible/roles/tripleo_podman/tasks/tripleo_podman_login.yml
index 8b149a59f..eed305970 100644
--- a/tripleo_ansible/roles/tripleo_podman/tasks/tripleo_podman_login.yml
+++ b/tripleo_ansible/roles/tripleo_podman/tasks/tripleo_podman_login.yml
@@ -15,7 +15,7 @@
 # under the License.
 
 
-- name: Perform container registry login(s)
+- name: Perform container registry login(s) with podman
   become: true
   shell: |-
     podman login --username=$REGISTRY_USERNAME \
@@ -29,3 +29,18 @@
   no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
   loop: "{{ query('dict', tripleo_container_registry_logins) }}"
   register: registry_login_podman
+
+- name: Perform container registry login(s) with buildah
+  become: true
+  shell: |-
+    buildah login --username=$REGISTRY_USERNAME \
+                  --password=$REGISTRY_PASSWORD \
+                  --tls-verify={{ tripleo_podman_tls_verify }} \
+                  $REGISTRY
+  environment:
+    REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
+    REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
+    REGISTRY: "{{ item.key }}"
+  no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
+  loop: "{{ query('dict', tripleo_container_registry_logins) }}"
+  register: registry_login_buildah
diff --git a/tripleo_ansible/roles/tripleo_podman/vars/redhat.yml b/tripleo_ansible/roles/tripleo_podman/vars/redhat.yml
index e6aa4de8a..69f9d8525 100644
--- a/tripleo_ansible/roles/tripleo_podman/vars/redhat.yml
+++ b/tripleo_ansible/roles/tripleo_podman/vars/redhat.yml
@@ -17,6 +17,7 @@
 
 _tripleo_podman_packages:
   - podman
+  - buildah
 
 _tripleo_podman_purge_packages:
   - docker