2020-10-21 08:18:05 +02:00
---
2020-03-09 10:11:07 +01:00
- name : Register registry cleanup
command : 'true'
notify : Remove test registry
- name : Setup Docker
2020-10-21 08:18:05 +02:00
# Please note that we do setup_docker here and not via meta/main.yml to avoid the problem that
# our cleanup is called **after** setup_docker's cleanup has been called!
2020-03-09 10:11:07 +01:00
include_role :
name : setup_docker
- name : Create random name prefix and test registry name
set_fact :
2020-10-21 08:18:05 +02:00
docker_registry_container_name_registry : '{{ ' 'ansible-test-registry-%0x' ' % ((2**32) | random) }}'
docker_registry_container_name_nginx : '{{ ' 'ansible-test-registry-frontend-%0x' ' % ((2**32) | random) }}'
docker_registry_container_name_nginx2 : '{{ ' 'ansible-test-registry-frontend2-%0x' ' % ((2**32) | random) }}'
2020-03-09 10:11:07 +01:00
- name : Create image and container list
set_fact :
2020-10-21 08:18:05 +02:00
docker_registry_setup_inames : [ ]
docker_registry_setup_cnames :
- '{{ docker_registry_container_name_registry }}'
- '{{ docker_registry_container_name_nginx }}'
- '{{ docker_registry_container_name_nginx2 }}'
docker_registry_setup_vnames :
- '{{ docker_registry_container_name_nginx }}'
- '{{ docker_registry_container_name_nginx2 }}'
2020-03-09 10:11:07 +01:00
- debug :
2020-10-21 08:18:05 +02:00
msg : Using test registry name {{ docker_registry_container_name_registry }} and nginx frontend name {{ docker_registry_container_name_nginx }}
2020-03-09 10:11:07 +01:00
- block :
2020-10-21 08:18:05 +02:00
# Set up registry container
2020-03-09 10:11:07 +01:00
- name : Start test registry
docker_container :
2020-10-21 08:18:05 +02:00
name : '{{ docker_registry_container_name_registry }}'
2020-03-09 10:11:07 +01:00
image : registry:2.6.1
ports : 5000
register : registry_container
- name : Get registry URL
set_fact :
registry_address : localhost:{{ registry_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
2020-10-21 08:18:05 +02:00
# Set up first nginx frontend for registry
2020-03-09 10:11:07 +01:00
- name : Start nginx frontend for registry
docker_volume :
2020-10-21 08:18:05 +02:00
name : '{{ docker_registry_container_name_nginx }}'
2020-03-09 10:11:07 +01:00
state : present
- name : Create container for nginx frontend for registry
docker_container :
state : stopped
2020-10-21 08:18:05 +02:00
name : '{{ docker_registry_container_name_nginx }}'
2020-03-09 10:11:07 +01:00
image : nginx:alpine
ports : 5000
links :
2020-10-21 08:18:05 +02:00
- '{{ docker_registry_container_name_registry }}:real-registry'
2020-03-09 10:11:07 +01:00
volumes :
2020-10-21 08:18:05 +02:00
- '{{ docker_registry_container_name_nginx }}:/etc/nginx/'
2020-03-09 10:11:07 +01:00
register : nginx_container
- name : Copy static files into volume
2020-10-21 08:18:05 +02:00
command : docker cp {{ role_path }}/files/{{ item }} {{ docker_registry_container_name_nginx }}:/etc/nginx/{{ item }}
2020-03-09 10:11:07 +01:00
loop :
- nginx.conf
- nginx.htpasswd
2020-05-20 08:40:04 +02:00
register : can_copy_files
ignore_errors : yes
- block :
- name : Create private key for frontend certificate
community.crypto.openssl_privatekey :
path : '{{ output_dir }}/cert.key'
type : ECC
curve : secp256r1
- name : Create CSR for frontend certificate
community.crypto.openssl_csr :
path : '{{ output_dir }}/cert.csr'
privatekey_path : '{{ output_dir }}/cert.key'
subject_alt_name :
- DNS:test-registry.ansible.com
- name : Create frontend certificate
community.crypto.openssl_certificate :
path : '{{ output_dir }}/cert.pem'
csr_path : '{{ output_dir }}/cert.csr'
privatekey_path : '{{ output_dir }}/cert.key'
provider : selfsigned
- name : Copy dynamic files into volume
2020-10-21 08:18:05 +02:00
command : docker cp {{ output_dir }}/{{ item }} {{ docker_registry_container_name_nginx }}:/etc/nginx/{{ item }}
2020-05-20 08:40:04 +02:00
loop :
- cert.pem
- cert.key
- name : Start nginx frontend for registry
docker_container :
2020-10-21 08:18:05 +02:00
name : '{{ docker_registry_container_name_nginx }}'
2020-05-20 08:40:04 +02:00
state : started
register : nginx_container
- debug : var=nginx_container.container.NetworkSettings
- name : Wait for registry frontend
uri :
url : https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/
url_username : testuser
url_password : hunter2
validate_certs : false
register : result
until : result is success
retries : 5
delay : 1
- name : Get registry URL
set_fact :
registry_frontend_address : localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
when : can_copy_files is not failed
- set_fact :
registry_frontend_address : 'n/a'
when : can_copy_files is failed
2020-10-21 08:18:05 +02:00
# Set up second nginx frontend for registry
- name : Start nginx frontend for registry
docker_volume :
name : '{{ docker_registry_container_name_nginx2 }}'
state : present
- name : Create container for nginx frontend for registry
docker_container :
state : stopped
name : '{{ docker_registry_container_name_nginx2 }}'
image : nginx:alpine
ports : 5000
links :
- '{{ docker_registry_container_name_registry }}:real-registry'
volumes :
- '{{ docker_registry_container_name_nginx2 }}:/etc/nginx/'
register : nginx_container
- name : Copy static files into volume
command : docker cp {{ role_path }}/files/{{ item }} {{ docker_registry_container_name_nginx2 }}:/etc/nginx/{{ item }}
loop :
- nginx.conf
- nginx.htpasswd
register : can_copy_files
ignore_errors : yes
- block :
- name : Create private key for frontend certificate
community.crypto.openssl_privatekey :
path : '{{ output_dir }}/cert.key'
type : ECC
curve : secp256r1
- name : Create CSR for frontend certificate
community.crypto.openssl_csr :
path : '{{ output_dir }}/cert.csr'
privatekey_path : '{{ output_dir }}/cert.key'
subject_alt_name :
- DNS:test-registry.ansible.com
- name : Create frontend certificate
community.crypto.openssl_certificate :
path : '{{ output_dir }}/cert.pem'
csr_path : '{{ output_dir }}/cert.csr'
privatekey_path : '{{ output_dir }}/cert.key'
provider : selfsigned
- name : Copy dynamic files into volume
command : docker cp {{ output_dir }}/{{ item }} {{ docker_registry_container_name_nginx2 }}:/etc/nginx/{{ item }}
loop :
- cert.pem
- cert.key
- name : Start nginx frontend for registry
docker_container :
name : '{{ docker_registry_container_name_nginx2 }}'
state : started
register : nginx_container
- debug : var=nginx_container.container.NetworkSettings
- name : Wait for registry frontend
uri :
url : https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/
url_username : testuser
url_password : hunter2
validate_certs : false
register : result
until : result is success
retries : 5
delay : 1
- name : Get registry URL
set_fact :
registry_frontend2_address : localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
when : can_copy_files is not failed
- set_fact :
registry_frontend2_address : 'n/a'
when : can_copy_files is failed
- debug : msg="Registry available under {{ registry_address }}, NGINX frontends available under {{ registry_frontend_address }} and {{ registry_frontend2_address }}"
2020-03-09 10:11:07 +01:00
when : docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')
- fail : msg="Too old docker / docker-py version to run docker_image tests!"
when : not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)
