From 2d2390cb72380a25b00a928ce9ea5ffb27107081 Mon Sep 17 00:00:00 2001
From: Tetiana Lashchova <tlashchova@mirantis.com>
Date: Thu, 12 Nov 2015 13:05:05 +0200
Subject: [PATCH] Add Google Container Registry to DockerStandaloneHost

Allow access to Google Container Registry using json key as
a password for docker login. The key is scoped to a specific
Google Cloud Platform Console project and its resources.
Add new field for key.

Partially implements: blueprint k8s-google-registry-support

Change-Id: I904110522b482cce56a2fc14ae77eb50064b723f
---
 .../package/Classes/DockerStandaloneHost.yaml | 10 +++++++
 .../Resources/LoginToGoogleRegistry.template  | 30 +++++++++++++++++++
 .../scripts/loginToGoogleRegistry.sh          | 14 +++++++++
 DockerStandaloneHost/package/UI/ui.yaml       | 10 +++++++
 4 files changed, 64 insertions(+)
 create mode 100644 DockerStandaloneHost/package/Resources/LoginToGoogleRegistry.template
 create mode 100644 DockerStandaloneHost/package/Resources/scripts/loginToGoogleRegistry.sh

diff --git a/DockerStandaloneHost/package/Classes/DockerStandaloneHost.yaml b/DockerStandaloneHost/package/Classes/DockerStandaloneHost.yaml
index 2919642..2f65a70 100644
--- a/DockerStandaloneHost/package/Classes/DockerStandaloneHost.yaml
+++ b/DockerStandaloneHost/package/Classes/DockerStandaloneHost.yaml
@@ -34,6 +34,9 @@ Properties:
   dockerMirror:
     Contract: $.string()
 
+  gcloudKey:
+    Contract: $.string()
+
   applicationEndpoints:
     Contract:
       - port: $.int().notNull().check($ > 0)
@@ -77,6 +80,13 @@ Methods:
                     dockerMirror => $.dockerMirror
                   ))
               - $.instance.agent.call($template, $resources)
+          - If: $.gcloudKey != null and $.gcloudKey != ''
+            Then:
+              - $._environment.reporter.report($this, 'Authenticating to Google Container Registry')
+              - $template: $resources.yaml('LoginToGoogleRegistry.template').bind(dict(
+                    gcloudKey => $.gcloudKey
+                  ))
+              - $.instance.agent.call($template, $resources)
           - $._environment.reporter.report($this, 'Docker Server is up and running')
           - $.setAttr(deployed, true)
 
diff --git a/DockerStandaloneHost/package/Resources/LoginToGoogleRegistry.template b/DockerStandaloneHost/package/Resources/LoginToGoogleRegistry.template
new file mode 100644
index 0000000..8ae7859
--- /dev/null
+++ b/DockerStandaloneHost/package/Resources/LoginToGoogleRegistry.template
@@ -0,0 +1,30 @@
+#  Licensed under the Apache License, Version 2.0 (the "License"); you may
+#  not use this file except in compliance with the License. You may obtain
+#  a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#  License for the specific language governing permissions and limitations
+#  under the License.
+
+FormatVersion: 2.0.0
+Version: 1.0.0
+Name: Login to google registry
+
+Parameters:
+  gcloudKey: $gcloudKey
+
+Body: |
+  loginToGoogleRegistry("'{0}'".format(args.gcloudKey))
+
+Scripts:
+  loginToGoogleRegistry:
+    Type: Application
+    Version: 1.0.0
+    EntryPoint: loginToGoogleRegistry.sh
+    Options:
+      captureStdout: true
+      captureStderr: true
diff --git a/DockerStandaloneHost/package/Resources/scripts/loginToGoogleRegistry.sh b/DockerStandaloneHost/package/Resources/scripts/loginToGoogleRegistry.sh
new file mode 100644
index 0000000..1258056
--- /dev/null
+++ b/DockerStandaloneHost/package/Resources/scripts/loginToGoogleRegistry.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+#  Licensed under the Apache License, Version 2.0 (the "License"); you may
+#  not use this file except in compliance with the License. You may obtain
+#  a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#  License for the specific language governing permissions and limitations
+#  under the License.
+
+docker login -e unused@arg.com -u _json_key -p "$1" https://gcr.io
diff --git a/DockerStandaloneHost/package/UI/ui.yaml b/DockerStandaloneHost/package/UI/ui.yaml
index e3d1d84..1bfa92d 100644
--- a/DockerStandaloneHost/package/UI/ui.yaml
+++ b/DockerStandaloneHost/package/UI/ui.yaml
@@ -18,6 +18,7 @@ Application:
   name: $.appConfiguration.name
   dockerRegistry: $.appConfiguration.dockerRegistry
   dockerMirror: $.appConfiguration.dockerMirror
+  gcloudKey: $.appConfiguration.gcloudKey
   instance:
     ?:
       type: io.murano.resources.LinuxMuranoInstance
@@ -62,6 +63,15 @@ Forms:
           description: >-
             URL of Docker registry mirror to use. Leave empty to not use one
           required: false
+        - name: gcloudKey
+          type: string
+          label: Google registry key
+          regexpValidator: '^{(\s*"(\\(["\\\/bfnrt]|u[a-fA-F0-9]{4})|[^"\\\0-\x1F\x7F]+)*"\s*:\s*"(\\(["\\\/bfnrt]|u[a-fA-F0-9]{4})|[^"\\\0-\x1F\x7F]+)*"\s*(,|\s*}$))*$'
+          errorMessages:
+            invalid: Text should be a valid JSON.
+          description: >-
+            Contents of JSON key file. Used to authenticate to the Google Container Registry
+          required: false
 
   - instanceConfiguration:
       fields: