ansible/test/integration/targets/setup_docker_registry/tasks/setup.yml

---
- name: Setup OpenSSL
  include_role:
    name: setup_openssl

- name: Register registry cleanup
  command: 'true'
  # this must be registered before setup_docker is included
  # otherwise setup_docker's own cleanup handler will run before registry cleanup, which will cause registry cleanup to fail
  notify: Remove test registry

- name: Setup Docker
  include_role:
    name: setup_docker

- name: Create random name prefix and test registry name
  set_fact:
    name_prefix: "{{ 'ansible-test-%0x' % ((2**32) | random) }}"
    registry_name: "{{ 'ansible-test-registry-%0x' % ((2**32) | random) }}"
    nginx_name: "{{ 'ansible-test-registry-frontend-%0x' % ((2**32) | random) }}"
- name: Create image and container list
  set_fact:
    inames: []
    cnames:
    - "{{ registry_name }}"
    - "{{ nginx_name }}"
    vnames:
    - "{{ nginx_name }}"

- debug:
    msg: "Using name prefix {{ name_prefix }} and test registry name {{ registry_name }}"

- block:
  - name: Start test registry
    docker_container:
      name: "{{ registry_name }}"
      image: registry:2.6.1
      ports: 5000
    register: registry_container

  - name: Get registry URL
    set_fact:
      registry_address: "localhost:{{ registry_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}"

  - name: Start nginx frontend for registry
    docker_volume:
      name: "{{ nginx_name }}"
      state: present

  - name: Create container for nginx frontend for registry
    docker_container:
      state: stopped
      name: "{{ nginx_name }}"
      image: nginx:alpine
      ports: 5000
      links:
        - "{{ registry_name }}:real-registry"
      volumes:
        - "{{ nginx_name }}:/etc/nginx/"
    register: nginx_container

  - name: Copy static files into volume
    command: docker cp {{ role_path }}/files/{{ item }} {{ nginx_name }}:/etc/nginx/{{ item }}
    loop:
      - "nginx.conf"
      - "nginx.htpasswd"

  - name: Create private key for frontend certificate
    openssl_privatekey:
      path: "{{ output_dir }}/cert.key"
      type: ECC
      curve: secp256r1
  - name: Create CSR for frontend certificate
    openssl_csr:
      path: "{{ output_dir }}/cert.csr"
      privatekey_path: "{{ output_dir }}/cert.key"
      subject_alt_name:
        - "DNS:test-registry.ansible.com"
  - name: Create frontend certificate
    openssl_certificate:
      path: "{{ output_dir }}/cert.pem"
      csr_path: "{{ output_dir }}/cert.csr"
      privatekey_path: "{{ output_dir }}/cert.key"
      provider: selfsigned

  - name: Copy dynamic files into volume
    command: docker cp {{ output_dir }}/{{ item }} {{ nginx_name }}:/etc/nginx/{{ item }}
    loop:
      - "cert.pem"
      - "cert.key"

  - name: Start nginx frontend for registry
    docker_container:
      name: "{{ nginx_name }}"
      state: started
    register: nginx_container

  - debug: var=nginx_container.container.NetworkSettings

  - name: Wait for registry frontend
    uri:
      url: "https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/"
      url_username: testuser
      url_password: hunter2
      validate_certs: no
    register: result
    until: result is success
    retries: 5
    delay: 1

  - name: Get registry URL
    set_fact:
      registry_frontend_address: "localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}"

  - debug: msg="Registry available under {{ registry_address }}, NGINX frontend available under {{ registry_frontend_address }}"

  when: docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')

- fail: msg="Too old docker / docker-py version to run docker_image tests!"
  when: not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)
docker_image and docker_login: move tests needing a registry into own target, add tests for docker_login (#62721) * Move tests with docker registry into own target. * Add docker_login tests. * Add step which makes sure hello-world:latest is around. * Make work inside docker container. * Add dependency. * Use plaintext password. * Forgot check_mode. * Add no_log to avoid double log output in verbose mode. 2019-09-30 06:09:00 +02:00			`---`
Split up docker-registry test target. (#65211) * Copy relevant docker-registry files: docker-registry/files/nginx.conf -> setup_docker_registry/files/nginx.conf docker-registry/files/nginx.htpasswd -> setup_docker_registry/files/nginx.htpasswd docker-registry/meta/main.yml -> setup_docker_registry/meta/main.yml docker-registry/tasks/main.yml -> setup_docker_registry/tasks/main.yml docker-registry/tasks/main.yml -> setup_docker_registry/handlers/cleanup.yml * Remove non-cleanup code from handlers/cleanup.yml. * Remove tests and cleanup from tasks/main.yml. * Register cleanup handler. * Use setup_docker_registry in docker-registry test. * Fix handler execution order. * Split out docker_login integration test. * Move remaining tests into docker_image test. * Cleanup before running docker_image options test. * Improve reliability of test cleanup. * Move files for conditional inclusion. * Set proper conditions on tests. * Rename tasks file for conditional inclusion. * Conditionally include tasks. 2019-12-04 23:14:43 +01:00			`- name: Setup OpenSSL`
			`include_role:`
			`name: setup_openssl`

			`- name: Register registry cleanup`
			`command: 'true'`
			`# this must be registered before setup_docker is included`
			`# otherwise setup_docker's own cleanup handler will run before registry cleanup, which will cause registry cleanup to fail`
			`notify: Remove test registry`

			`- name: Setup Docker`
			`include_role:`
			`name: setup_docker`

docker_image and docker_login: move tests needing a registry into own target, add tests for docker_login (#62721) * Move tests with docker registry into own target. * Add docker_login tests. * Add step which makes sure hello-world:latest is around. * Make work inside docker container. * Add dependency. * Use plaintext password. * Forgot check_mode. * Add no_log to avoid double log output in verbose mode. 2019-09-30 06:09:00 +02:00			`- name: Create random name prefix and test registry name`
			`set_fact:`
			`name_prefix: "{{ 'ansible-test-%0x' % ((2**32) \| random) }}"`
			`registry_name: "{{ 'ansible-test-registry-%0x' % ((2**32) \| random) }}"`
			`nginx_name: "{{ 'ansible-test-registry-frontend-%0x' % ((2**32) \| random) }}"`
			`- name: Create image and container list`
			`set_fact:`
			`inames: []`
			`cnames:`
			`- "{{ registry_name }}"`
			`- "{{ nginx_name }}"`
			`vnames:`
			`- "{{ nginx_name }}"`

			`- debug:`
			`msg: "Using name prefix {{ name_prefix }} and test registry name {{ registry_name }}"`

			`- block:`
			`- name: Start test registry`
			`docker_container:`
			`name: "{{ registry_name }}"`
			`image: registry:2.6.1`
			`ports: 5000`
			`register: registry_container`

			`- name: Get registry URL`
			`set_fact:`
			`registry_address: "localhost:{{ registry_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}"`

			`- name: Start nginx frontend for registry`
			`docker_volume:`
			`name: "{{ nginx_name }}"`
			`state: present`

			`- name: Create container for nginx frontend for registry`
			`docker_container:`
			`state: stopped`
			`name: "{{ nginx_name }}"`
			`image: nginx:alpine`
			`ports: 5000`
			`links:`
			`- "{{ registry_name }}:real-registry"`
			`volumes:`
			`- "{{ nginx_name }}:/etc/nginx/"`
			`register: nginx_container`

			`- name: Copy static files into volume`
			`command: docker cp {{ role_path }}/files/{{ item }} {{ nginx_name }}:/etc/nginx/{{ item }}`
			`loop:`
			`- "nginx.conf"`
			`- "nginx.htpasswd"`

			`- name: Create private key for frontend certificate`
			`openssl_privatekey:`
			`path: "{{ output_dir }}/cert.key"`
			`type: ECC`
			`curve: secp256r1`
			`- name: Create CSR for frontend certificate`
			`openssl_csr:`
			`path: "{{ output_dir }}/cert.csr"`
			`privatekey_path: "{{ output_dir }}/cert.key"`
			`subject_alt_name:`
			`- "DNS:test-registry.ansible.com"`
			`- name: Create frontend certificate`
			`openssl_certificate:`
			`path: "{{ output_dir }}/cert.pem"`
			`csr_path: "{{ output_dir }}/cert.csr"`
			`privatekey_path: "{{ output_dir }}/cert.key"`
			`provider: selfsigned`

			`- name: Copy dynamic files into volume`
			`command: docker cp {{ output_dir }}/{{ item }} {{ nginx_name }}:/etc/nginx/{{ item }}`
			`loop:`
			`- "cert.pem"`
			`- "cert.key"`

			`- name: Start nginx frontend for registry`
			`docker_container:`
			`name: "{{ nginx_name }}"`
			`state: started`
			`register: nginx_container`

			`- debug: var=nginx_container.container.NetworkSettings`

			`- name: Wait for registry frontend`
			`uri:`
			`url: "https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/"`
			`url_username: testuser`
			`url_password: hunter2`
			`validate_certs: no`
			`register: result`
			`until: result is success`
			`retries: 5`
			`delay: 1`

			`- name: Get registry URL`
			`set_fact:`
			`registry_frontend_address: "localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}"`

			`- debug: msg="Registry available under {{ registry_address }}, NGINX frontend available under {{ registry_frontend_address }}"`

			`when: docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')`

			`- fail: msg="Too old docker / docker-py version to run docker_image tests!"`
			`when: not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version\|int > 6)`