From 5815311c8fbad15fe23691e010ce7e4a132f6e7c Mon Sep 17 00:00:00 2001 From: Michael Gugino Date: Thu, 17 Aug 2017 22:45:05 -0400 Subject: Add independent registry auth support Added the ability to support authentication for independent / 3rd party registries. This commit will allow users to provide a `oreg_auth_user` and `oreg_auth_password` to dynmically generate a docker config.json file. The docker config.json file can be used by openshift to authenticate to independent / 3rd party registries. `oreg_host` must supply endpoint connection info in the form of 'hostname.com:port', with (optional) port 443 default. To update the config.json on a later run, the user can specify `oreg_auth_credentials_replace=False` to update the credentials. These settings must be used in tandem with `oreg_url` Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1316341 --- roles/openshift_master/tasks/main.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'roles/openshift_master/tasks') diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index b80941b48..ba56ac94e 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -232,6 +232,22 @@ - restart master controllers when: openshift_master_bootstrap_enabled | default(False) +- name: Check for credentials file for registry auth + stat: + path: "{{oreg_auth_credentials_path }}" + when: + - oreg_auth_user is defined + register: master_oreg_auth_credentials_stat + +- name: Create credentials for registry auth + command: "docker --config={{ oreg_auth_credentials_path }} login -u {{ oreg_auth_user }} -p {{ oreg_auth_password }} {{ oreg_host }}" + when: + - oreg_auth_user is defined + - (not master_oreg_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool + notify: + - restart master api + - restart master controllers + - include: set_loopback_context.yml when: - openshift.common.version_gte_3_2_or_1_2 -- cgit v1.2.3