d0e2016592
This adds a custom ansible-lint rule at .rules/ZuulJobsNamespaceLoopVar.py that enforces the loop var policy described at: https://zuul-ci.org/docs/zuul-jobs/policy.html#ansible-loops-in-roles It also updates existing roles to follow the policy. Change-Id: I92b2ff56a1c2702542fc07b316f1809087a4c92f
33 lines
961 B
YAML
33 lines
961 B
YAML
- name: Verify repository names
|
|
when: |
|
|
docker_credentials.repository is defined
|
|
and not zj_image.repository | regex_search(docker_credentials.repository)
|
|
loop: "{{ docker_images }}"
|
|
loop_control:
|
|
loop_var: zj_image
|
|
fail:
|
|
msg: "{{ zj_image.repository }} not permitted by {{ docker_credentials.repository }}"
|
|
# This is used by the delete tasks
|
|
- name: Get dockerhub JWT token
|
|
no_log: true
|
|
uri:
|
|
url: "https://hub.docker.com/v2/users/login/"
|
|
body_format: json
|
|
body:
|
|
username: "{{ docker_credentials.username }}"
|
|
password: "{{ docker_credentials.password }}"
|
|
register: jwt_token
|
|
delay: 5
|
|
retries: 3
|
|
until: jwt_token and jwt_token.status==200
|
|
- name: Promote image
|
|
loop: "{{ docker_images }}"
|
|
loop_control:
|
|
loop_var: zj_image
|
|
include_tasks: promote-retag.yaml
|
|
- name: Delete obsolete tags
|
|
loop: "{{ docker_images }}"
|
|
loop_control:
|
|
loop_var: zj_image
|
|
include_tasks: promote-cleanup.yaml
|