Browse Source

Login with buildah too to allow registry access with buildah

buildah login and podman login with root do not share same
authfile, buildah uses /run/containers/0/auth.json while
podman uses /run/user/0/containers/auth.json resulted from
$XDG_RUNTIME_DIR.

To ensure both podman and buildah can access the configured
registry, run login command with both.

It's mainly needed as container images are being pushed
with tripleoclient using sudo buildah push and buildah creds
are not setup.

Related-Bug: #1886555
Change-Id: I3d38d406e9f63008f7060f31cc9ff378e97120bb
(cherry picked from commit 067a315df9)
changes/69/739869/3
yatinkarel 1 month ago
parent
commit
d0fbe8b844
2 changed files with 17 additions and 1 deletions
  1. +16
    -1
      tripleo_ansible/roles/tripleo-podman/tasks/tripleo_podman_login.yml
  2. +1
    -0
      tripleo_ansible/roles/tripleo-podman/vars/redhat.yml

+ 16
- 1
tripleo_ansible/roles/tripleo-podman/tasks/tripleo_podman_login.yml View File

@@ -15,7 +15,7 @@
# under the License.


- name: Perform container registry login(s)
- name: Perform container registry login(s) with podman
become: true
shell: |-
podman login --username=$REGISTRY_USERNAME \
@@ -29,3 +29,18 @@
no_log: "{{ not tripleo_podman_debug|bool }}"
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
register: registry_login_podman

- name: Perform container registry login(s) with buildah
become: true
shell: |-
buildah login --username=$REGISTRY_USERNAME \
--password=$REGISTRY_PASSWORD \
--tls-verify={{ tripleo_podman_tls_verify }} \
$REGISTRY
environment:
REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
REGISTRY: "{{ item.key }}"
no_log: "{{ not tripleo_podman_debug|bool }}"
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
register: registry_login_buildah

+ 1
- 0
tripleo_ansible/roles/tripleo-podman/vars/redhat.yml View File

@@ -17,6 +17,7 @@

_tripleo_podman_packages:
- podman
- buildah

_tripleo_podman_purge_packages:
- docker


Loading…
Cancel
Save