Inicio Explorar Axuda
Rexistro Iniciar sesión
shixiong
/
okd
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 3045d2d7ae
Ramas Etiquetas
okd
/
roles
/
openshift_hosted
/
tasks
/
registry
/
storage
/
s3.yml

s3.yml 2.2 KB
Histórico Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 
  1. ---
    2. 

  2. - fail:
    3. 

  3.     msg: >
    4. 

  4.       openshift_hosted_registry_storage_s3_accesskey and
    5. 

  5.       openshift_hosted_registry_storage_s3_secretkey are required
    6. 

  6.   when: openshift.hosted.registry.storage.s3.accesskey | default(none) is none or openshift.hosted.registry.storage.s3.secretkey | default(none) is none
    7. 

  7. 

  8. - fail:
    9. 

  9.     msg: >
    10. 

  10.       openshift_hosted_registry_storage_s3_bucket and
    11. 

  11.       openshift_hosted_registry_storage_s3_region are required
    12. 

  12.   when: openshift.hosted.registry.storage.s3.bucket | default(none) is none or openshift.hosted.registry.storage.s3.region | default(none) is none
    13. 

  13. 

  14. # If cloudfront is being used, fail if we don't have all the required variables
    15. 

  15. - assert:
    16. 

  16.     that:
    17. 

  17.       - "openshift_hosted_registry_storage_s3_cloudfront_baseurl is not defined or openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile | default(none) is not none"
    18. 

  18.       - "openshift_hosted_registry_storage_s3_cloudfront_baseurl is not defined or openshift_hosted_registry_storage_s3_cloudfront_keypairid | default(none) is not none"
    19. 

  19.     msg: >
    20. 

  20.       When openshift_hosted_registry_storage_s3_cloudfront_baseurl is provided
    21. 

  21.       openshift_hosted_registry_storage_s3_cloudfront_keypairid and
    22. 

  22.       openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile are required
    23. 

  23. 

  24. 

  25. # Inject the cloudfront private key as a secret when required
    26. 

  26. - block:
    27. 

  27. 

  28.     - name: Create registry secret for cloudfront
    29. 

  29.       oc_secret:
    30. 

  30.         state: present
    31. 

  31.         namespace: "{{ openshift.hosted.registry.namespace | default('default') }}"
    32. 

  32.         name: docker-registry-s3-cloudfront
    33. 

  33.         contents:
    34. 

  34.           path: cloudfront.pem
    35. 

  35.           data: "{{ lookup('file', openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile) }}"
    36. 

  36. 

  37.     - name: Add cloudfront secret to the registry deployment config
    38. 

  38.       command: >
    39. 

  39.         oc volume dc/docker-registry --add --name=cloudfront-vol
    40. 

  40.         --namespace="{{ openshift.hosted.registry.namespace | default('default') }}"
    41. 

  41.         -m /etc/origin --type=secret --secret-name=docker-registry-s3-cloudfront
    42. 

  42.       register: cloudfront_vol_attach
    43. 

  43.       failed_when:
    44. 

  44.         - "'already exists' not in cloudfront_vol_attach.stderr"
    45. 

  45.         - "cloudfront_vol_attach.rc != 0"
    46. 

  46. 

  47.   when: openshift_hosted_registry_storage_s3_cloudfront_baseurl | default(none) is not none
    48.