blob: 416a0303c451b0926fc83d4f5f23a55d86a89780 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
---
- name: Setup OpenSSL
include_role:
name: setup_openssl
- name: Register registry cleanup
command: 'true'
# this must be registered before setup_docker is included
# otherwise setup_docker's own cleanup handler will run before registry cleanup, which will cause registry cleanup to fail
notify: Remove test registry
- name: Setup Docker
include_role:
name: setup_docker
- name: Create random name prefix and test registry name
set_fact:
name_prefix: "{{ 'ansible-test-%0x' % ((2**32) | random) }}"
registry_name: "{{ 'ansible-test-registry-%0x' % ((2**32) | random) }}"
nginx_name: "{{ 'ansible-test-registry-frontend-%0x' % ((2**32) | random) }}"
- name: Create image and container list
set_fact:
inames: []
cnames:
- "{{ registry_name }}"
- "{{ nginx_name }}"
vnames:
- "{{ nginx_name }}"
- debug:
msg: "Using name prefix {{ name_prefix }} and test registry name {{ registry_name }}"
- block:
- name: Start test registry
docker_container:
name: "{{ registry_name }}"
image: registry:2.6.1
ports: 5000
register: registry_container
- name: Get registry URL
set_fact:
registry_address: "localhost:{{ registry_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}"
- name: Start nginx frontend for registry
docker_volume:
name: "{{ nginx_name }}"
state: present
- name: Create container for nginx frontend for registry
docker_container:
state: stopped
name: "{{ nginx_name }}"
image: nginx:alpine
ports: 5000
links:
- "{{ registry_name }}:real-registry"
volumes:
- "{{ nginx_name }}:/etc/nginx/"
register: nginx_container
- name: Copy static files into volume
command: docker cp {{ role_path }}/files/{{ item }} {{ nginx_name }}:/etc/nginx/{{ item }}
loop:
- "nginx.conf"
- "nginx.htpasswd"
- name: Create private key for frontend certificate
openssl_privatekey:
path: "{{ output_dir }}/cert.key"
type: ECC
curve: secp256r1
- name: Create CSR for frontend certificate
openssl_csr:
path: "{{ output_dir }}/cert.csr"
privatekey_path: "{{ output_dir }}/cert.key"
subject_alt_name:
- "DNS:test-registry.ansible.com"
- name: Create frontend certificate
openssl_certificate:
path: "{{ output_dir }}/cert.pem"
csr_path: "{{ output_dir }}/cert.csr"
privatekey_path: "{{ output_dir }}/cert.key"
provider: selfsigned
- name: Copy dynamic files into volume
command: docker cp {{ output_dir }}/{{ item }} {{ nginx_name }}:/etc/nginx/{{ item }}
loop:
- "cert.pem"
- "cert.key"
- name: Start nginx frontend for registry
docker_container:
name: "{{ nginx_name }}"
state: started
register: nginx_container
- debug: var=nginx_container.container.NetworkSettings
- name: Wait for registry frontend
uri:
url: "https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/"
url_username: testuser
url_password: hunter2
validate_certs: no
register: result
until: result is success
retries: 5
delay: 1
- name: Get registry URL
set_fact:
registry_frontend_address: "localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}"
- debug: msg="Registry available under {{ registry_address }}, NGINX frontend available under {{ registry_frontend_address }}"
when: docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')
- fail: msg="Too old docker / docker-py version to run docker_image tests!"
when: not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)
|