Create upload-container-image role
This new role will be used to replace our upload-docker-image role in the future. Change-Id: I0e2b0cca6575255520aa6d4d48a12128ab5f46cc Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
parent
e53edc292b
commit
777230be59
@ -14,6 +14,7 @@ Container Roles
|
||||
.. zuul:autorole:: pull-from-intermediate-registry
|
||||
.. zuul:autorole:: push-to-intermediate-registry
|
||||
.. zuul:autorole:: run-buildset-registry
|
||||
.. zuul:autorole:: upload-container-image
|
||||
.. zuul:autorole:: upload-docker-image
|
||||
.. zuul:autorole:: use-buildset-registry
|
||||
.. zuul:autorole:: use-docker-mirror
|
||||
|
@ -30,6 +30,8 @@
|
||||
containerfile: "{{ zj_image.container_filename|default(container_filename)|default('') }}"
|
||||
|
||||
- name: Build a container image
|
||||
vars:
|
||||
tag_prefix: "{{ ('change_' + zuul.change) if (zuul.change is defined) else zuul.pipeline }}_"
|
||||
command: >-
|
||||
{{ container_command }} build {{ zj_image.path | default('.') }} {% if containerfile %}-f {{ containerfile }}{% endif %}
|
||||
{% if zj_image.target | default(false) -%}
|
||||
@ -42,8 +44,8 @@
|
||||
--build-arg "ZUUL_SIBLINGS={{ zj_image.siblings | join(' ') }}"
|
||||
{% endif -%}
|
||||
{% for tag in zj_image.tags | default(['latest']) -%}
|
||||
--tag {{ zj_image.repository }}:change_{{ zuul.change }}_{{ tag }}
|
||||
--tag {{ zj_image.repository }}:{{ tag }}
|
||||
--tag {{ zj_image.repository }}:{{ tag_prefix }}{{ tag }}
|
||||
--tag {{ zj_image.repository }}:{{ tag }}
|
||||
{% endfor -%}
|
||||
args:
|
||||
chdir: "{{ zuul_work_dir }}/{{ zj_image.context }}"
|
||||
|
13
roles/upload-container-image/README.rst
Normal file
13
roles/upload-container-image/README.rst
Normal file
@ -0,0 +1,13 @@
|
||||
Upload one or more container images.
|
||||
|
||||
.. include:: ../../roles/build-container-image/common.rst
|
||||
|
||||
.. zuul:rolevar:: upload_container_image_promote
|
||||
:type: bool
|
||||
:default: true
|
||||
|
||||
If ``true`` (the default), then this role will upload the image(s)
|
||||
to the container registry with special tags designed for use by the
|
||||
promote-container-image role. Set to ``false`` to use
|
||||
this role to directly upload images with the final tag (e.g., as
|
||||
part of an un-gated release job).
|
2
roles/upload-container-image/defaults/main.yaml
Normal file
2
roles/upload-container-image/defaults/main.yaml
Normal file
@ -0,0 +1,2 @@
|
||||
zuul_work_dir: "{{ zuul.project.src_dir }}"
|
||||
upload_container_image_promote: true
|
15
roles/upload-container-image/tasks/main.yaml
Normal file
15
roles/upload-container-image/tasks/main.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
- name: Verify repository names
|
||||
when: |
|
||||
container_registry_credentials is defined
|
||||
and zj_image.registry not in container_registry_credentials
|
||||
loop: "{{ container_images }}"
|
||||
loop_control:
|
||||
loop_var: zj_image
|
||||
fail:
|
||||
msg: "{{ zj_image.registry }} credentials not found"
|
||||
|
||||
- name: Upload image to container registry
|
||||
loop: "{{ container_images }}"
|
||||
loop_control:
|
||||
loop_var: zj_image
|
||||
include_tasks: push.yaml
|
21
roles/upload-container-image/tasks/push.yaml
Normal file
21
roles/upload-container-image/tasks/push.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
- name: Log in to registry
|
||||
command: "{{ container_command }} login -u {{ container_registry_credentials[zj_image.registry].username }} -p {{ container_registry_credentials[zj_image.registry].password }} {{ zj_image.registry }}"
|
||||
no_log: true
|
||||
|
||||
- name: Publish images
|
||||
block:
|
||||
- name: Upload tag to registry
|
||||
vars:
|
||||
promote_tag_prefix: "{{ ('change_' + zuul.change) if (zuul.change is defined) else zuul.pipeline }}_"
|
||||
command: "{{ container_command }} push {{ zj_image.repository }}:{{ upload_container_image_promote | ternary(promote_tag_prefix, '') }}{{ zj_image_tag }}"
|
||||
loop: "{{ zj_image.tags | default(['latest']) }}"
|
||||
loop_control:
|
||||
loop_var: zj_image_tag
|
||||
register: result
|
||||
until: result.rc == 0
|
||||
retries: 3
|
||||
delay: 30
|
||||
|
||||
always:
|
||||
- name: Log out of registry
|
||||
command: "{{ container_command }} logout {{ zj_image.registry }}"
|
@ -8,6 +8,34 @@
|
||||
username: zuul
|
||||
password: testpassword
|
||||
repository: testrepo
|
||||
container_registry_credentials:
|
||||
127.0.0.1:5200:
|
||||
username: zuul
|
||||
password: testpassword
|
||||
repository: testrepo
|
||||
|
||||
- name: Install container system
|
||||
include_role:
|
||||
name: "ensure-{{ container_command }}"
|
||||
|
||||
- name: Enable insecure registries
|
||||
block:
|
||||
- name: Create podman configration directory
|
||||
become: true
|
||||
file:
|
||||
state: directory
|
||||
path: /etc/containers
|
||||
mode: 0755
|
||||
|
||||
- name: Setup insecure registries
|
||||
become: true
|
||||
copy:
|
||||
dest: /etc/containers/registries.conf
|
||||
content: |
|
||||
[registries.insecure]
|
||||
registries = ['127.0.0.1:5200']
|
||||
mode: 0644
|
||||
when: container_command == 'podman'
|
||||
|
||||
- name: Set up a publication registry to stand in for Docker Hub
|
||||
import_tasks: ../../util-tasks/run-docker-registry.yaml
|
||||
|
@ -1,5 +1,6 @@
|
||||
- hosts: all
|
||||
vars:
|
||||
upload_container_image_promote: false
|
||||
upload_docker_image_promote: false
|
||||
_arch_docker_images:
|
||||
- context: test-playbooks/container/docker
|
||||
@ -12,7 +13,12 @@
|
||||
repository: "testrepo"
|
||||
# This is what the Zuul repo uses to tag its releases:
|
||||
tags: "{{ zuul.tag is defined | ternary([zuul.get('tag', '').split('.')[0], '.'.join(zuul.get('tag', '').split('.')[:2]), zuul.get('tag', '')], ['latest']) }}"
|
||||
container_images: "{{ docker_images }}"
|
||||
container_images:
|
||||
- context: test-playbooks/container/docker
|
||||
registry: 127.0.0.1:5200
|
||||
repository: 127.0.0.1:5200/testrepo
|
||||
# This is what the Zuul repo uses to tag its releases:
|
||||
tags: "{{ zuul.tag is defined | ternary([zuul.get('tag', '').split('.')[0], '.'.join(zuul.get('tag', '').split('.')[:2]), zuul.get('tag', '')], ['latest']) }}"
|
||||
tasks:
|
||||
- name: Save zuul variables
|
||||
set_fact:
|
||||
@ -40,3 +46,6 @@
|
||||
vars:
|
||||
zuul: "{{ new_zuul }}"
|
||||
docker_images: "{{ multiarch | ternary(_arch_docker_images, _normal_docker_images) }}"
|
||||
|
||||
- name: "Show local container images for debugging"
|
||||
command: "{{ container_command }} image ls"
|
||||
|
@ -71,6 +71,31 @@
|
||||
- name: ubuntu-focal-arm64
|
||||
label: ubuntu-focal-arm64
|
||||
|
||||
- job:
|
||||
name: zuul-jobs-test-build-container-image-release
|
||||
description: |
|
||||
Test building a container image in a release pipeline.
|
||||
|
||||
This job tests changes to the build-container-image role,
|
||||
simulating its use within a tag-based release pipeline. It is
|
||||
not meant to be used directly but rather run on changes to roles
|
||||
in the zuul-jobs repo.
|
||||
files:
|
||||
- roles/ensure-podman/.*
|
||||
- roles/ensure-package-repositories/.*
|
||||
- roles/build-container-image/.*
|
||||
- roles/upload-container-image/.*
|
||||
- test-playbooks/container/.*
|
||||
pre-run: test-playbooks/container/test-build-container-image-release-pre.yaml
|
||||
run: test-playbooks/container/test-build-container-image-release.yaml
|
||||
vars:
|
||||
container_command: podman
|
||||
multiarch: false
|
||||
nodeset:
|
||||
nodes:
|
||||
- name: builder
|
||||
label: ubuntu-bionic
|
||||
|
||||
- job:
|
||||
name: zuul-jobs-test-build-docker-image-release
|
||||
description: |
|
||||
@ -84,6 +109,7 @@
|
||||
- roles/ensure-docker/.*
|
||||
- roles/ensure-package-repositories/.*
|
||||
- roles/build-docker-image/.*
|
||||
- roles/upload-docker-image/.*
|
||||
- test-playbooks/container/.*
|
||||
pre-run: test-playbooks/container/test-build-container-image-release-pre.yaml
|
||||
run: test-playbooks/container/test-build-container-image-release.yaml
|
||||
@ -400,6 +426,7 @@
|
||||
- zuul-jobs-test-ensure-docker-ubuntu-xenial
|
||||
- zuul-jobs-test-ensure-docker-ubuntu-bionic-arm64
|
||||
- zuul-jobs-test-ensure-docker-ubuntu-focal-arm64
|
||||
- zuul-jobs-test-build-container-image-release
|
||||
- zuul-jobs-test-build-docker-image-release
|
||||
- zuul-jobs-test-build-docker-image-release-multiarch
|
||||
- zuul-jobs-test-registry-docker
|
||||
|
Loading…
Reference in New Issue
Block a user