Make buildah login optional

Buildah login is not needed always, it's needed
when pushing to container registeries, so make it
optional by role var tripleo_podman_buildah_login set
to false by default.

Related-Bug: #1886555
Change-Id: Ibb91dfa9684b481dea34607fc47c0d531d56ee45
This commit is contained in:
yatinkarel 2020-07-15 18:19:26 +05:30
parent 4e0293e4c9
commit 0d9effda37
6 changed files with 49 additions and 16 deletions

View File

@ -19,6 +19,7 @@
tripleo_podman_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}" tripleo_podman_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
tripleo_podman_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}" tripleo_podman_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"
tripleo_podman_buildah_login: false
tripleo_container_registry_insecure_registries: [] tripleo_container_registry_insecure_registries: []
tripleo_container_registry_login: false tripleo_container_registry_login: false
tripleo_container_registry_logins: {} tripleo_container_registry_logins: {}

View File

@ -18,6 +18,7 @@
- name: Converge - name: Converge
hosts: all hosts: all
vars: vars:
tripleo_podman_buildah_login: true
tripleo_podman_tls_verify: false tripleo_podman_tls_verify: false
tripleo_container_registry_logins: tripleo_container_registry_logins:
localhost:5000: localhost:5000:
@ -26,3 +27,6 @@
- include_role: - include_role:
name: tripleo_podman name: tripleo_podman
tasks_from: tripleo_podman_login.yml tasks_from: tripleo_podman_login.yml
- include_role:
name: tripleo_podman
tasks_from: tripleo_podman_buildah_login.yml

View File

@ -52,3 +52,10 @@
when: when:
- tripleo_container_registry_login | bool - tripleo_container_registry_login | bool
- tripleo_container_registry_logins - tripleo_container_registry_logins
- name: Buildah setup
import_tasks: tripleo_podman_buildah_login.yml
when:
- tripleo_podman_buildah_login | bool
- tripleo_container_registry_login | bool
- tripleo_container_registry_logins

View File

@ -0,0 +1,37 @@
---
# Copyright 2019 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
- name: ensure buildah is installed
become: true
package:
name: "buildah"
state: latest
- name: Perform container registry login(s) with buildah
become: true
shell: |-
buildah login --username=$REGISTRY_USERNAME \
--password=$REGISTRY_PASSWORD \
--tls-verify={{ tripleo_podman_tls_verify }} \
$REGISTRY
environment:
REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
REGISTRY: "{{ item.key }}"
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
register: registry_login_buildah

View File

@ -29,18 +29,3 @@
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}" no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
loop: "{{ query('dict', tripleo_container_registry_logins) }}" loop: "{{ query('dict', tripleo_container_registry_logins) }}"
register: registry_login_podman register: registry_login_podman
- name: Perform container registry login(s) with buildah
become: true
shell: |-
buildah login --username=$REGISTRY_USERNAME \
--password=$REGISTRY_PASSWORD \
--tls-verify={{ tripleo_podman_tls_verify }} \
$REGISTRY
environment:
REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
REGISTRY: "{{ item.key }}"
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
register: registry_login_buildah

View File

@ -17,7 +17,6 @@
_tripleo_podman_packages: _tripleo_podman_packages:
- podman - podman
- buildah
_tripleo_podman_purge_packages: _tripleo_podman_purge_packages:
- docker - docker