Rocky: enable container auth support
Squash of adding container enginene support and the subsequent fix 1) Add container engine authentication support See I98a527f363056767fea45ab4828ae61c01de20ca. This is only the docker support as podman was added in Stein 2) Convert the heat json format to a py dict This change converts a heat json format option to a py dict within a jinja expresion. Closes-Bug: #1835657 Related-Bug: #1833584 Change-Id: I4b44214cd7007dc31ad5f4e0a0d7a3a531a9f20e Signed-off-by: Kevin Carter <kecarter@redhat.com> (cherry picked from commit6e07f2a767
) (cherry picked from commitd6bd20d5b4
)
This commit is contained in:
parent
6311584c5a
commit
59e4b8140a
|
@ -74,6 +74,23 @@ parameters:
|
|||
description: Flag to disable docker reconfiguration during stack update.
|
||||
tags:
|
||||
- role_specific
|
||||
ContainerImageRegistryLogin:
|
||||
type: boolean
|
||||
default: false
|
||||
description: Flag to enable container registry login actions during the deployment.
|
||||
Setting this to true will cause login calls to be performed during the
|
||||
deployment.
|
||||
ContainerImageRegistryCredentials:
|
||||
type: json
|
||||
hidden: true
|
||||
default: {}
|
||||
description: |
|
||||
Mapping of image registry hosts to login credentials. Must be in the following example format
|
||||
|
||||
docker.io:
|
||||
username: pa55word
|
||||
'192.0.2.1:8787':
|
||||
registry_username: password
|
||||
|
||||
resources:
|
||||
# Merging role-specific parameters (RoleParameters) with the default parameters.
|
||||
|
@ -122,9 +139,23 @@ outputs:
|
|||
container_registry_mirror: {get_param: DockerRegistryMirror}
|
||||
container_registry_network_options: {get_param: DockerNetworkOptions}
|
||||
container_registry_skip_reconfiguration: {get_attr: [RoleParametersValue, value, DockerSkipUpdateReconfiguration]}
|
||||
container_registry_login: {get_param: ContainerImageRegistryLogin}
|
||||
# default that is overwritten by the heat -> dict conversion
|
||||
container_registry_logins: {}
|
||||
container_registry_logins_json: {get_param: ContainerImageRegistryCredentials}
|
||||
- name: Convert logins json to dict
|
||||
set_fact:
|
||||
container_registry_logins: "{{ container_registry_logins_json | from_json }}"
|
||||
when:
|
||||
- container_registry_login | bool
|
||||
- (container_registry_logins_json | length) > 0
|
||||
- include_role:
|
||||
name: container-registry
|
||||
tasks_from: docker
|
||||
- include_role:
|
||||
name: container-registry
|
||||
tasks_from: docker-login
|
||||
when: container_registry_login|bool
|
||||
service_config_settings:
|
||||
neutron_l3:
|
||||
docker_additional_sockets: {get_param: DockerAdditionalSockets}
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
`ContainerImageRegistryLogin` has been added to indicate if login calls
|
||||
should be issued by the container engine on deployment. The default is
|
||||
set to `false`.
|
||||
- |
|
||||
Values specified in `ContainerImageRegistryCredentials` will now be used to
|
||||
issue a login call when deploying the container engine on the hosts if
|
||||
`ContainerImageRegistryLogin` is set to `true`
|
Loading…
Reference in New Issue