diff options
| author | Michael Gugino <mgugino@redhat.com> | 2017-10-16 13:40:21 -0400 |
|---|---|---|
| committer | Michael Gugino <mgugino@redhat.com> | 2017-10-16 14:15:58 -0400 |
| commit | b61146ccfd57ef264702d55e65e6dd4db7e53fd7 (patch) | |
| tree | 8200a0c11982342bb9229fcac7be4ce5d94e4ec7 /roles/docker/tasks | |
| parent | 27321df000f4789fa3876fdb43e4b083fe55bdcb (diff) | |
| download | openshift-b61146ccfd57ef264702d55e65e6dd4db7e53fd7.tar.gz openshift-b61146ccfd57ef264702d55e65e6dd4db7e53fd7.tar.bz2 openshift-b61146ccfd57ef264702d55e65e6dd4db7e53fd7.tar.xz openshift-b61146ccfd57ef264702d55e65e6dd4db7e53fd7.zip | |
Fix missing docker option signature-verification
Currently, docker 1.12 can be configured to use the
run-time parameter of 'signature-verification'
By default, rpm installation of docker results in
'--signature-verification=false' being added to
OPTIONS in /etc/sysconfig/docker
Currently, openshift-ansible does not preserve that
value. This can cause docker to be unable to pull
images from a previously working source due to a
change in configuration.
This commit adds the option with the default
as provided by the rpm installation.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1502560
Diffstat (limited to 'roles/docker/tasks')
| -rw-r--r-- | roles/docker/tasks/package_docker.yml | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/roles/docker/tasks/package_docker.yml b/roles/docker/tasks/package_docker.yml index 888ae40e7..7ccab37a5 100644 --- a/roles/docker/tasks/package_docker.yml +++ b/roles/docker/tasks/package_docker.yml @@ -115,11 +115,12 @@ dest: /etc/sysconfig/docker regexp: '^OPTIONS=.*$' line: "OPTIONS='\ - {% if ansible_selinux.status | default(None) == 'enabled' and docker_selinux_enabled | default(true) | bool %} --selinux-enabled {% endif %}\ - {% if docker_log_driver is defined %} --log-driver {{ docker_log_driver }}{% endif %}\ - {% if docker_log_options is defined %} {{ docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\ - {% if docker_options is defined %} {{ docker_options }}{% endif %}\ - {% if docker_disable_push_dockerhub is defined %} --confirm-def-push={{ docker_disable_push_dockerhub | bool }}{% endif %}'" + {% if ansible_selinux.status | default(None) == 'enabled' and docker_selinux_enabled | default(true) | bool %} --selinux-enabled {% endif %} \ + {% if docker_log_driver is defined %} --log-driver {{ docker_log_driver }}{% endif %} \ + {% if docker_log_options is defined %} {{ docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %} \ + {% if docker_options is defined %} {{ docker_options }}{% endif %} \ + {% if docker_disable_push_dockerhub is defined %} --confirm-def-push={{ docker_disable_push_dockerhub | bool }}{% endif %} \ + --signature-verification={{ openshift_docker_signature_verification | bool }}'" when: docker_check.stat.isreg is defined and docker_check.stat.isreg notify: - restart docker |