Make buildah login optional
Buildah login is not needed always, it's needed
when pushing to container registeries, so make it
optional by role var tripleo_podman_buildah_login set
to false by default.
Related-Bug: #1886555
Change-Id: Ibb91dfa9684b481dea34607fc47c0d531d56ee45
(cherry picked from commit 0d9effda37
)
This commit is contained in:
parent
ce2a0865b2
commit
c49c6ffbfc
|
@ -19,6 +19,7 @@
|
|||
tripleo_podman_hide_sensitive_logs: "{{ hide_sensitive_logs | default(true) }}"
|
||||
tripleo_podman_debug: "{{ ((ansible_verbosity | int) >= 2) | bool }}"
|
||||
|
||||
tripleo_podman_buildah_login: false
|
||||
tripleo_container_registry_insecure_registries: []
|
||||
tripleo_container_registry_login: false
|
||||
tripleo_container_registry_logins: {}
|
||||
|
|
|
@ -18,6 +18,7 @@
|
|||
- name: Converge
|
||||
hosts: all
|
||||
vars:
|
||||
tripleo_podman_buildah_login: true
|
||||
tripleo_podman_tls_verify: false
|
||||
tripleo_container_registry_logins:
|
||||
localhost:5000:
|
||||
|
@ -26,3 +27,6 @@
|
|||
- include_role:
|
||||
name: tripleo_podman
|
||||
tasks_from: tripleo_podman_login.yml
|
||||
- include_role:
|
||||
name: tripleo_podman
|
||||
tasks_from: tripleo_podman_buildah_login.yml
|
||||
|
|
|
@ -52,3 +52,10 @@
|
|||
when:
|
||||
- tripleo_container_registry_login | bool
|
||||
- tripleo_container_registry_logins
|
||||
|
||||
- name: Buildah setup
|
||||
import_tasks: tripleo_podman_buildah_login.yml
|
||||
when:
|
||||
- tripleo_podman_buildah_login | bool
|
||||
- tripleo_container_registry_login | bool
|
||||
- tripleo_container_registry_logins
|
||||
|
|
|
@ -0,0 +1,37 @@
|
|||
---
|
||||
# Copyright 2019 Red Hat, Inc.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
|
||||
- name: ensure buildah is installed
|
||||
become: true
|
||||
package:
|
||||
name: "buildah"
|
||||
state: latest
|
||||
|
||||
- name: Perform container registry login(s) with buildah
|
||||
become: true
|
||||
shell: |-
|
||||
buildah login --username=$REGISTRY_USERNAME \
|
||||
--password=$REGISTRY_PASSWORD \
|
||||
--tls-verify={{ tripleo_podman_tls_verify }} \
|
||||
$REGISTRY
|
||||
environment:
|
||||
REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
|
||||
REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
|
||||
REGISTRY: "{{ item.key }}"
|
||||
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
|
||||
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
|
||||
register: registry_login_buildah
|
|
@ -29,18 +29,3 @@
|
|||
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
|
||||
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
|
||||
register: registry_login_podman
|
||||
|
||||
- name: Perform container registry login(s) with buildah
|
||||
become: true
|
||||
shell: |-
|
||||
buildah login --username=$REGISTRY_USERNAME \
|
||||
--password=$REGISTRY_PASSWORD \
|
||||
--tls-verify={{ tripleo_podman_tls_verify }} \
|
||||
$REGISTRY
|
||||
environment:
|
||||
REGISTRY_USERNAME: "{{ lookup('dict', item.value).key }}"
|
||||
REGISTRY_PASSWORD: "{{ lookup('dict', item.value).value }}"
|
||||
REGISTRY: "{{ item.key }}"
|
||||
no_log: "{{ tripleo_podman_hide_sensitive_logs | bool }}"
|
||||
loop: "{{ query('dict', tripleo_container_registry_logins) }}"
|
||||
register: registry_login_buildah
|
||||
|
|
|
@ -17,7 +17,6 @@
|
|||
|
||||
_tripleo_podman_packages:
|
||||
- podman
|
||||
- buildah
|
||||
|
||||
_tripleo_podman_purge_packages:
|
||||
- docker
|
||||
|
|
Loading…
Reference in New Issue