zuul/zuul-jobs
Code Issues Proposed changes
62fd612dc5
zuul-jobs/test-playbooks/container/test-build-container-image-release.yaml
Albin Vass 0f55195335 Add tests for upload-docker-image 
This also adds support for using a self hosted registry
with the docker roles.

Change-Id: I43caf46cfcc5d335ce14d72ad2abbef732b24645
2020-06-22 06:55:11 -07:00

101 lines
3.3 KiB
YAML
Raw Blame History

- hosts: all
vars:
docker_registry: localhost:5000
upload_docker_image_promote: false
docker_credentials:
username: zuul
password: testpassword
repository: testrepo
docker_images:
- context: test-playbooks/container/docker
repository: "testrepo"
# This is what the Zuul repo uses to tag its releases:
tags: "{{ zuul.tag is defined | ternary([zuul.get('tag', '').split('.')[0], '.'.join(zuul.get('tag', '').split('.')[:2]), zuul.get('tag', '')], ['latest']) }}"
container_images: "{{ docker_images }}"
pre_tasks:
- name: Save zuul variables
set_fact:
old_zuul: "{{ zuul }}"
- name: Set simulated zuul variables
set_fact:
new_zuul:
change_url: "{{ old_zuul.change_url }}"
executor: "{{ old_zuul.executor }}"
newrev: c12f3fe1defe8b61d59061363c9c04fb520dae18
project: "{{ old_zuul.project }}"
ref: refs/tags/3.19.0
tag: 3.19.0
- name: "Build a container image"
include_role:
name: "build-{{ (container_command == 'docker') | ternary('docker', 'container') }}-image"
vars:
zuul: "{{ new_zuul }}"
- name: Create temporary registry working directory
tempfile:
state: directory
register: registry_tempdir
- name: Create auth directory
file:
path: "{{ registry_tempdir.path }}/auth"
state: directory
- name: Install passlib for htpasswd
become: true
package:
name:
- python3-passlib
- python3-bcrypt
state: present
- name: Write htpasswd file
htpasswd:
create: true
crypt_scheme: bcrypt
path: "{{ registry_tempdir.path }}/auth/htpasswd"
name: "{{ docker_credentials.username }}"
password: "{{ docker_credentials.password }}"
- name: Create certs directory
file:
state: directory
path: "{{ registry_tempdir.path }}/certs"
- name: Create self signed certificates
command: >
openssl req
-newkey rsa:4096 -nodes -sha256 -keyout certs/localhost.key
-x509 -days 365 -out certs/localhost.crt
-subj '/CN=localhost'
args:
chdir: "{{ registry_tempdir.path }}"
- name: Create docker certs dir
file:
state: directory
path: /etc/docker/certs.d/localhost:5000/
become: true
- name: Configure docker to trust certificate
copy:
src: "{{ registry_tempdir.path }}/certs/localhost.crt"
dest: /etc/docker/certs.d/localhost:5000/ca.crt
remote_src: true
become: true
- name: Start registry with basic auth
command: >-
{{ container_command }} run -d \
-p 5000:5000 \
-v {{ registry_tempdir.path }}/auth:/auth \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
-v {{ registry_tempdir.path }}/certs:/certs \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/localhost.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/localhost.key \
registry:2
args:
chdir: "{{ registry_tempdir.path }}"
- include_role:
name: "upload-{{ (container_command == 'docker') | ternary('docker', 'container') }}-image"
vars:
zuul: "{{ new_zuul }}"
View Git Blame Copy Permalink