Merge "Allow using registry authentication to pull ceph related containers"
This commit is contained in:
commit
472f415bb3
@ -213,6 +213,17 @@ parameters:
|
|||||||
deployment not to fail. Used to catch deployment errors early.
|
deployment not to fail. Used to catch deployment errors early.
|
||||||
Set this value to 0 to disable this check.
|
Set this value to 0 to disable this check.
|
||||||
type: number
|
type: number
|
||||||
|
ContainerImageRegistryCredentials:
|
||||||
|
type: json
|
||||||
|
hidden: true
|
||||||
|
default: {}
|
||||||
|
description: |
|
||||||
|
Mapping of image registry hosts to login credentials. Must be in the following example format
|
||||||
|
|
||||||
|
docker.io:
|
||||||
|
username: pa55word
|
||||||
|
'192.0.2.1:8787':
|
||||||
|
registry_username: password
|
||||||
|
|
||||||
parameter_groups:
|
parameter_groups:
|
||||||
- label: deprecated
|
- label: deprecated
|
||||||
@ -239,6 +250,26 @@ conditions:
|
|||||||
yaql:
|
yaql:
|
||||||
data: {get_param: CephConfigOverrides}
|
data: {get_param: CephConfigOverrides}
|
||||||
expression: $.data.keys().any(predicate => $ in ['global', 'mon', 'mgr', 'osd', 'mds', 'client'])
|
expression: $.data.keys().any(predicate => $ in ['global', 'mon', 'mgr', 'osd', 'mds', 'client'])
|
||||||
|
ceph_authenticated_registry:
|
||||||
|
and:
|
||||||
|
- not:
|
||||||
|
yaql:
|
||||||
|
data:
|
||||||
|
cred: {get_param: ContainerImageRegistryCredentials}
|
||||||
|
ns:
|
||||||
|
yaql:
|
||||||
|
expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[1]
|
||||||
|
data: {get_param: ContainerCephDaemonImage}
|
||||||
|
expression: let(c => $.data.cred) -> $c.get($.data.ns, {}).keys().last(default => "").isEmpty()
|
||||||
|
- not:
|
||||||
|
yaql:
|
||||||
|
data:
|
||||||
|
cred: {get_param: ContainerImageRegistryCredentials}
|
||||||
|
ns:
|
||||||
|
yaql:
|
||||||
|
expression: let(location => $.data.rightSplit(':', 1)[0]) -> regex('(?:https?://)?(.*?)/(.*)').split($location)[1]
|
||||||
|
data: {get_param: ContainerCephDaemonImage}
|
||||||
|
expression: let(c => $.data.cred) -> $c.get($.data.ns, {}).values().last(default => "").isEmpty()
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
ContainerImageUrlParts:
|
ContainerImageUrlParts:
|
||||||
@ -310,6 +341,23 @@ resources:
|
|||||||
ceph_docker_registry: {get_attr: [ContainerImageUrlParts, value, host]}
|
ceph_docker_registry: {get_attr: [ContainerImageUrlParts, value, host]}
|
||||||
ceph_docker_image: {get_attr: [ContainerImageUrlParts, value, image]}
|
ceph_docker_image: {get_attr: [ContainerImageUrlParts, value, image]}
|
||||||
ceph_docker_image_tag: {get_attr: [ContainerImageUrlParts, value, image_tag]}
|
ceph_docker_image_tag: {get_attr: [ContainerImageUrlParts, value, image_tag]}
|
||||||
|
ceph_docker_registry_auth:
|
||||||
|
if:
|
||||||
|
- ceph_authenticated_registry
|
||||||
|
- true
|
||||||
|
- false
|
||||||
|
ceph_docker_registry_username:
|
||||||
|
yaql:
|
||||||
|
data:
|
||||||
|
cred: {get_param: ContainerImageRegistryCredentials}
|
||||||
|
ns: {get_attr: [ContainerImageUrlParts, value, host]}
|
||||||
|
expression: let(c => $.data.cred) -> $c.get($.data.ns, {}).keys().last(default => "")
|
||||||
|
ceph_docker_registry_password:
|
||||||
|
yaql:
|
||||||
|
data:
|
||||||
|
cred: {get_param: ContainerImageRegistryCredentials}
|
||||||
|
ns: {get_attr: [ContainerImageUrlParts, value, host]}
|
||||||
|
expression: let(c => $.data.cred) -> $c.get($.data.ns, {}).values().last(default => "")
|
||||||
public_network:
|
public_network:
|
||||||
list_join:
|
list_join:
|
||||||
- ','
|
- ','
|
||||||
|
Loading…
Reference in New Issue
Block a user