Update run-buildset-registry for readability
This adds new lines between tasks, to make it a little easier to read. Change-Id: I78ac55027fec58eabd95f097ff9946fa6b2cff9d Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
parent
5f0e6d12fb
commit
9b7c1d0f73
|
@ -6,6 +6,7 @@
|
||||||
- socat
|
- socat
|
||||||
state: present
|
state: present
|
||||||
when: ansible_python_version is version('3', '<')
|
when: ansible_python_version is version('3', '<')
|
||||||
|
|
||||||
- name: Install packages
|
- name: Install packages
|
||||||
become: yes
|
become: yes
|
||||||
package:
|
package:
|
||||||
|
@ -14,6 +15,7 @@
|
||||||
- socat
|
- socat
|
||||||
state: present
|
state: present
|
||||||
when: ansible_python_version is version('3', '>=')
|
when: ansible_python_version is version('3', '>=')
|
||||||
|
|
||||||
- name: Ensure registry volume directories exists
|
- name: Ensure registry volume directories exists
|
||||||
file:
|
file:
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -24,24 +26,30 @@
|
||||||
- conf
|
- conf
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: zj_dir
|
loop_var: zj_dir
|
||||||
|
|
||||||
- name: Generate registry secrets
|
- name: Generate registry secrets
|
||||||
set_fact:
|
set_fact:
|
||||||
registry_password: "{{ lookup('password', '/dev/null') }}"
|
registry_password: "{{ lookup('password', '/dev/null') }}"
|
||||||
registry_secret: "{{ lookup('password', '/dev/null') }}"
|
registry_secret: "{{ lookup('password', '/dev/null') }}"
|
||||||
|
|
||||||
- name: Write registry config
|
- name: Write registry config
|
||||||
template:
|
template:
|
||||||
src: registry.yaml.j2
|
src: registry.yaml.j2
|
||||||
dest: "{{ buildset_registry_root }}/conf/registry.yaml"
|
dest: "{{ buildset_registry_root }}/conf/registry.yaml"
|
||||||
mode: 0600
|
mode: 0600
|
||||||
|
|
||||||
- name: Generate a TLS key for the registry
|
- name: Generate a TLS key for the registry
|
||||||
command: "openssl req -x509 -newkey rsa:2048 -keyout {{ buildset_registry_root }}/tls/cert.key -out {{ buildset_registry_root }}/tls/cert.pem -days 365 -nodes -subj '/C=US/ST=California/L=Oakland/O=Company Name/OU=Org/CN={{ ansible_host }}' -addext 'subjectAltName = DNS:zuul-jobs.buildset-registry,DNS:{{ ansible_host }},IP:{{ ansible_host }},IP:127.0.0.1'"
|
command: "openssl req -x509 -newkey rsa:2048 -keyout {{ buildset_registry_root }}/tls/cert.key -out {{ buildset_registry_root }}/tls/cert.pem -days 365 -nodes -subj '/C=US/ST=California/L=Oakland/O=Company Name/OU=Org/CN={{ ansible_host }}' -addext 'subjectAltName = DNS:zuul-jobs.buildset-registry,DNS:{{ ansible_host }},IP:{{ ansible_host }},IP:127.0.0.1'"
|
||||||
|
|
||||||
- name: Read TLS certificate
|
- name: Read TLS certificate
|
||||||
slurp:
|
slurp:
|
||||||
src: "{{ buildset_registry_root }}/tls/cert.pem"
|
src: "{{ buildset_registry_root }}/tls/cert.pem"
|
||||||
register: certificate
|
register: certificate
|
||||||
|
|
||||||
- name: Decode TLS certificate
|
- name: Decode TLS certificate
|
||||||
set_fact:
|
set_fact:
|
||||||
certificate: "{{ certificate.content | b64decode }}"
|
certificate: "{{ certificate.content | b64decode }}"
|
||||||
|
|
||||||
- name: Start the buildset registry
|
- name: Start the buildset registry
|
||||||
command: >-
|
command: >-
|
||||||
{{ container_command }} run -d
|
{{ container_command }} run -d
|
||||||
|
@ -66,6 +74,7 @@
|
||||||
username: zuul
|
username: zuul
|
||||||
password: "{{ registry_password }}"
|
password: "{{ registry_password }}"
|
||||||
cert: "{{ certificate }}"
|
cert: "{{ certificate }}"
|
||||||
|
|
||||||
- name: Return registry information to Zuul
|
- name: Return registry information to Zuul
|
||||||
zuul_return:
|
zuul_return:
|
||||||
data:
|
data:
|
||||||
|
|
Loading…
Reference in New Issue