zuul-jobs/roles/use-buildset-registry/README.rst
Jan Gutter 83bfd5b917
Update ensure-kubernetes with podman support
* This adds some extra options to the ensure-kubernetes role:
  * podman + cri-o can now be used for testing
  * This mode seems to be slightly more supported than the
    current profiles.
* The location for minikube install can be moved.
* The use-buildset-registry role needed slight updates in order
  to populate the kubernetes registry config early.

Change-Id: Ia578f1e00432eec5d81304f70db649e420786a02
2024-08-22 20:50:39 +01:00

65 lines
2.1 KiB
ReStructuredText

Adds a buildset registry to the docker configuration.
Use this role on any host which should use the buildset registry.
**Role Variables**
.. zuul:rolevar:: buildset_registry
Information about the registry, as returned by
:zuul:role:`run-buildset-registry`.
.. zuul:rolevar:: host
The host (IP address) of the registry.
.. zuul:rolevar:: port
The port on which the registry is listening.
.. zuul:rolevar:: username
The username used to access the registry via HTTP basic auth.
.. zuul:rolevar:: password
The password used to access the registry via HTTP basic auth.
.. zuul:rolevar:: cert
The (self-signed) certificate used by the registry.
.. zuul:rolevar:: buildset_registry_docker_user
:default: {{ ansible_user }}
The system user to configure to use the docker registry. The
docker configuration file for this user will be updated. By
default, the user Ansible is running as.
.. zuul:rolevar:: buildset_registry_namespaces
:default: [ ('docker.io', 'https://...'), ('quay.io', ...), ('gcr.io', ...)]
The namespaces that the buildset registry supports. Each entry
should be a tuple with the first elemnet being the registry host
(usually the internet domain name) and the second being the URL the
registry is hosted at.
The buildset registry will be consulted first for images in these
namespaces. Any others will be fetched only from their upstream
sources.
Add any local or third-party registries necessary here.
The default may change in the future as more general-purpose public
registries become known.
.. zuul:rolevar:: buildset_registry_unqualified_registries
:default: [ 'docker.io' ]
Some tools` like `podman` and `cri-o` are stricter when looking for
unqualified registries. This sets up `containerd` (and `cri-o`) with
a default unqualified search prefix, making it compatible with legacy
behaviour. More detail at `containers-registries.conf`_.
.. _containers-registries.conf: https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md