From 345c839db64f6ee1566fda07b6a706ee8ff7f0d9 Mon Sep 17 00:00:00 2001 From: Paul Belanger Date: Mon, 16 Nov 2020 20:46:01 -0500 Subject: [PATCH] Use --password-stdin for upload-container-image This allows us to drop the no_log field, and expose more info to the user. Change-Id: Ib5de193ec285d2a9715d01ca3c7a39da741f03d3 Signed-off-by: Paul Belanger --- roles/upload-container-image/tasks/push.yaml | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/roles/upload-container-image/tasks/push.yaml b/roles/upload-container-image/tasks/push.yaml index fb3156ddc..f63eb069f 100644 --- a/roles/upload-container-image/tasks/push.yaml +++ b/roles/upload-container-image/tasks/push.yaml @@ -1,6 +1,22 @@ +- name: Create tempfile for password + tempfile: + state: file + register: _password_tmp + +- name: Populate tempfile + copy: + content: "{{ container_registry_credentials[zj_image.registry].password }}" + dest: "{{ _password_tmp.path }}" + mode: 0600 + - name: Log in to registry - command: "{{ container_command }} login -u {{ container_registry_credentials[zj_image.registry].username }} -p {{ container_registry_credentials[zj_image.registry].password }} {{ zj_image.registry }}" - no_log: true + block: + - name: Log in to registry + shell: "cat {{ _password_tmp.path }} | {{ container_command }} login -u {{ container_registry_credentials[zj_image.registry].username }} --password-stdin {{ zj_image.registry }}" + + always: + - name: Remove password from disk + command: "shred {{ _password_tmp.path }}" - name: Publish images block: