a358f21736
When copying images from the intermediate registry to the buildset registry, use the new push endpoint of the dual-registry system. Also, use the push endpoint after a docker build to push the new image to the buildset registry. Change-Id: I3a11036bb9fb7cb3457a3d744fa83647c1b1b085
24 lines
1.2 KiB
YAML
24 lines
1.2 KiB
YAML
# This can be removed if we add this functionality to Zuul directly
|
|
- name: Load information from zuul_return
|
|
when: buildset_registry is not defined
|
|
set_fact:
|
|
buildset_registry: "{{ (lookup('file', zuul.executor.work_root + '/results.json') | from_json)['buildset_registry'] }}"
|
|
- name: Ensure registry cert directory exists
|
|
file:
|
|
path: "/etc/docker/certs.d/{{ buildset_registry.push_host }}:{{ buildset_registry.push_port }}/"
|
|
state: directory
|
|
- name: Write registry TLS certificate
|
|
copy:
|
|
content: "{{ buildset_registry.cert }}"
|
|
dest: "/etc/docker/certs.d/{{ buildset_registry.push_host }}:{{ buildset_registry.push_port }}/ca.crt"
|
|
- name: Pull artifact from intermediate registry
|
|
command: >-
|
|
skopeo --insecure-policy copy
|
|
--src-creds={{ intermediate_registry.username }}:{{ intermediate_registry.password }}
|
|
--dest-creds={{ buildset_registry.username }}:{{ buildset_registry.password }}
|
|
{{ item.url }}
|
|
docker://{{ buildset_registry.push_host }}:{{ buildset_registry.push_port }}/{{ item.metadata.repository }}:{{ item.metadata.tag }}
|
|
when: "item.metadata.type | default('') == 'container_image'"
|
|
loop: "{{ zuul.artifacts | default([]) }}"
|
|
# no_log: true TODO(corvus): replace
|