zuul-registry/playbooks/functional-test/podman-buildset.yaml
Ian Wienand 0601df0049 Fix and/or matching for image pre-conditions
These matches look like they should be "or" (if any of these images is
already there, fail), not "and".  This caused some confusion when the
image was being leaked (I722ba599fbc690d6cb967070c05215b98a73dcaf) as
this wasn't triggering.

Change-Id: Ic6dad7bbf9013e994eb80a54bc5191a96bd4be94
2022-03-04 06:45:21 +11:00

126 lines
3.7 KiB
YAML

# Test push and pull from the buildset registry
- name: Create new registries.conf
copy:
dest: /etc/containers/registries.conf
src: files/registries.conf
become: true
- name: Start the registry
shell:
cmd: docker-compose up -d
chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test"
- name: Wait for registry to come up
uri:
url: https://localhost:9000/v2/
validate_certs: false
status_code: 401
register: result
until: result.status is defined and result.status == 401
delay: 1
retries: 120
- name: Create new docker user config
set_fact:
new_user_config: {}
- name: Write docker user configuration
copy:
content: "{{ new_user_config | to_nice_json }}"
dest: ~/.docker/config.json
- name: Write containers auth configuration
copy:
content: "{{ new_user_config | to_nice_json }}"
dest: "/run/user/{{ ansible_user_uid }}/auth.json"
- name: Copy the test image into the registry
command: >
skopeo copy --dest-creds testuser:testpass
docker-archive:{{ workspace }}/test.img
docker://localhost:9000/test/image:latest
- name: Copy the test image into the registry
command: >
skopeo copy --dest-creds testuser:testpass
docker-archive:{{ workspace }}/test.img
docker://localhost:9000/quay.io/test/quay-image:latest
- name: Print list of images
command: podman image ls --all --digests --no-trunc
register: image_list
failed_when: >
('test/image' in image_list.stdout) or
('test/quay-image' in image_list.stdout) or
('alpine' in image_list.stdout)
- name: Pull the shadowed docker image from the registry
command: podman pull test/image
- name: Print list of images
command: podman image ls --all --digests --no-trunc
register: image_list
# Pulling the short-name test/image should result in a pull of
# "docker.io/test/image" from the localhost:9000 mirror thanks to
# unqualified-serach-registries being set to "docker.io" in
# /etc/containers/registries.conf
- name: Show images
debug:
var: image_list.stdout
- name: Check for test image
fail:
msg: 'docker.io/test/image not found in podman image list'
when: "'docker.io/test/image' not in image_list.stdout"
- name: Remove the test image from the local cache
command: podman rmi docker.io/test/image
- name: Pull the shadowed quay image from the registry
command: podman pull quay.io/test/quay-image
- name: Print list of images
command: podman image ls --all --digests --no-trunc
register: image_list
failed_when: "'quay.io/test/quay-image' not in image_list.stdout"
- name: Remove the test image from the local cache
command: podman rmi quay.io/test/quay-image
- name: Try to pull an image that does not exist
command: podman pull test/dne
register: result
failed_when: result.rc != 125
- name: Pull an image from docker.io
command: podman pull alpine
- name: Print list of images
command: podman image ls --all --digests --no-trunc
register: image_list
failed_when: "'docker.io/library/alpine' not in image_list.stdout"
- name: Remove the test image from the local cache
command: podman rmi docker.io/library/alpine
- name: Pull an image from quay.io
command: podman pull quay.io/0xff/alpine-sshd
- name: Print list of images
command: podman image ls --all --digests --no-trunc
register: image_list
failed_when: "'quay.io/0xff/alpine-sshd' not in image_list.stdout"
- name: Remove the test image from the local cache
command: podman rmi quay.io/0xff/alpine-sshd
- name: Stop the registry
shell:
cmd: docker-compose down
chdir: "{{ ansible_user_dir }}/src/opendev.org/zuul/zuul-registry/playbooks/functional-test"
- name: Clean up docker volumes
command: docker volume prune -f