summaryrefslogtreecommitdiffstats
path: root/roles/openshift_health_checker
diff options
context:
space:
mode:
authorScott Dodson <sdodson@redhat.com>2017-10-23 16:44:03 -0400
committerGitHub <noreply@github.com>2017-10-23 16:44:03 -0400
commit5c5aa53c0c9e7c12169f9c7e2565a6166f0baf63 (patch)
treec34deec242e847aeec4470042715e3738aa4ab95 /roles/openshift_health_checker
parent9d62027ef74197cfe0dd52ed2ca9bd9b0319a496 (diff)
parent23b37a72ef60e7d7830321ba65c5e98bf9563232 (diff)
downloadopenshift-5c5aa53c0c9e7c12169f9c7e2565a6166f0baf63.tar.gz
openshift-5c5aa53c0c9e7c12169f9c7e2565a6166f0baf63.tar.bz2
openshift-5c5aa53c0c9e7c12169f9c7e2565a6166f0baf63.tar.xz
openshift-5c5aa53c0c9e7c12169f9c7e2565a6166f0baf63.zip
Merge pull request #5781 from mgugino-upstream-stage/fix-reg-auth-templating
Ensure proper variable templating for skopeo auth credentials
Diffstat (limited to 'roles/openshift_health_checker')
-rw-r--r--roles/openshift_health_checker/action_plugins/openshift_health_check.py3
-rw-r--r--roles/openshift_health_checker/openshift_checks/__init__.py7
-rw-r--r--roles/openshift_health_checker/openshift_checks/docker_image_availability.py5
3 files changed, 12 insertions, 3 deletions
diff --git a/roles/openshift_health_checker/action_plugins/openshift_health_check.py b/roles/openshift_health_checker/action_plugins/openshift_health_check.py
index 326176273..3ee3b132c 100644
--- a/roles/openshift_health_checker/action_plugins/openshift_health_check.py
+++ b/roles/openshift_health_checker/action_plugins/openshift_health_check.py
@@ -101,7 +101,8 @@ class ActionModule(ActionBase):
execute_module=self._execute_module,
tmp=tmp,
task_vars=task_vars,
- want_full_results=want_full_results
+ want_full_results=want_full_results,
+ templar=self._templar
)
return known_checks
diff --git a/roles/openshift_health_checker/openshift_checks/__init__.py b/roles/openshift_health_checker/openshift_checks/__init__.py
index ce05b44a4..b7b16e0ea 100644
--- a/roles/openshift_health_checker/openshift_checks/__init__.py
+++ b/roles/openshift_health_checker/openshift_checks/__init__.py
@@ -65,12 +65,15 @@ class OpenShiftCheck(object):
If the check can gather logs, tarballs, etc., do so when True; but no need to spend
the time if they're not wanted (won't be written to output directory).
"""
-
- def __init__(self, execute_module=None, task_vars=None, tmp=None, want_full_results=False):
+ # pylint: disable=too-many-arguments
+ def __init__(self, execute_module=None, task_vars=None, tmp=None, want_full_results=False,
+ templar=None):
# store a method for executing ansible modules from the check
self._execute_module = execute_module
# the task variables and tmpdir passed into the health checker task
self.task_vars = task_vars or {}
+ # We may need to template some task_vars
+ self._templar = templar
self.tmp = tmp
# a boolean for disabling the gathering of results (files, computations) that won't
# actually be recorded/used
diff --git a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
index 7c8ac78fe..5beb20503 100644
--- a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
@@ -61,10 +61,15 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
# for the oreg_url registry there may be credentials specified
components = self.get_var("oreg_url", default="").split('/')
self.registries["oreg"] = "" if len(components) < 3 else components[0]
+
+ # Retrieve and template registry credentials, if provided
self.skopeo_command_creds = ""
oreg_auth_user = self.get_var('oreg_auth_user', default='')
oreg_auth_password = self.get_var('oreg_auth_password', default='')
if oreg_auth_user != '' and oreg_auth_password != '':
+ if self._templar is not None:
+ oreg_auth_user = self._templar.template(oreg_auth_user)
+ oreg_auth_password = self._templar.template(oreg_auth_password)
self.skopeo_command_creds = "--creds={}:{}".format(quote(oreg_auth_user), quote(oreg_auth_password))
# record whether we could reach a registry or not (and remember results)