Browse Source

Merge "Add role to use buildset registry"

changes/22/634622/1
Zuul 5 months ago
parent
commit
a9ae9ffb0c
2 changed files with 69 additions and 0 deletions
  1. 30
    0
      roles/use-buildset-registry/README.rst
  2. 39
    0
      roles/use-buildset-registry/tasks/main.yaml

+ 30
- 0
roles/use-buildset-registry/README.rst View File

@@ -0,0 +1,30 @@
1
+Adds a buildset registry to the docker configuration.
2
+
3
+Use this role on any host which should use the buildset registry.
4
+
5
+**Role Variables**
6
+
7
+.. zuul:rolevar:: buildset_registry
8
+
9
+   Information about the registry, as returned by
10
+   :zuul:role:`run-buildset-registry`.
11
+
12
+   .. zuul:rolevar:: host
13
+
14
+      The host (IP address) of the registry.
15
+
16
+   .. zuul:rolevar:: port
17
+
18
+      The port on which the registry is listening.
19
+
20
+   .. zuul:rolevar:: username
21
+
22
+      The username used to access the registry via HTTP basic auth.
23
+
24
+   .. zuul:rolevar:: password
25
+
26
+      The password used to access the registry via HTTP basic auth.
27
+
28
+   .. zuul:rolevar:: cert
29
+
30
+      The (self-signed) certificate used by the registry.

+ 39
- 0
roles/use-buildset-registry/tasks/main.yaml View File

@@ -0,0 +1,39 @@
1
+- name: Ensure registry cert directory exists
2
+  become: true
3
+  file:
4
+    path: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/"
5
+    state: directory
6
+- name: Write registry TLS certificate
7
+  become: true
8
+  copy:
9
+    content: "{{ buildset_registry.cert }}"
10
+    dest: "/etc/docker/certs.d/{{ buildset_registry.host }}:{{ buildset_registry.port }}/ca.crt"
11
+- name: Load docker daemon configuration
12
+  slurp:
13
+    path: /etc/docker/daemon.json
14
+  register: docker_config
15
+- name: Parse docker daemon configuration
16
+  set_fact:
17
+    docker_config: "{{ docker_config.content | b64decode | from_json }}"
18
+- name: Add registry to docker daemon configuration
19
+  vars:
20
+    new_config:
21
+      registry-mirrors: "['https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/'] + {{ docker_config['registry-mirrors'] }}"
22
+  set_fact:
23
+    docker_config: "{{ docker_config | combine(new_config) }}"
24
+- name: Save docker daemon configuration
25
+  copy:
26
+    content: "{{ docker_config | to_nice_json }}"
27
+    dest: /etc/docker/daemon.json
28
+  become: true
29
+- name: Restart docker daemon
30
+  service:
31
+    name: docker
32
+    state: restarted
33
+  become: true
34
+- name: Log in to registry
35
+  command: "docker login -u {{ buildset_registry.username }} -p {{ buildset_registry.password }} https://{{ buildset_registry.host }}:{{ buildset_registry.port}}/"
36
+  register: result
37
+  until: result.rc ==0
38
+  delay: 1
39
+  retries: 120

Loading…
Cancel
Save