From 04080eec1061696208caed00424ea6e8a5044c8d Mon Sep 17 00:00:00 2001 From: Samuel Warren Date: Wed, 24 Mar 2021 17:09:43 -0700 Subject: [PATCH] adds unsupported_operators role --- roles/unsupported_operators/README.md | 6 ++ roles/unsupported_operators/defaults/main.yml | 2 + .../tasks/machine_config.yml | 4 + roles/unsupported_operators/tasks/main.yml | 6 ++ .../unsupported_operators/tasks/registry.yml | 4 + .../templates/machine_config.j2 | 26 ++++++ .../templates/registry.conf.j2 | 82 +++++++++++++++++++ 7 files changed, 130 insertions(+) create mode 100644 roles/unsupported_operators/README.md create mode 100644 roles/unsupported_operators/defaults/main.yml create mode 100644 roles/unsupported_operators/tasks/machine_config.yml create mode 100644 roles/unsupported_operators/tasks/main.yml create mode 100644 roles/unsupported_operators/tasks/registry.yml create mode 100644 roles/unsupported_operators/templates/machine_config.j2 create mode 100644 roles/unsupported_operators/templates/registry.conf.j2 diff --git a/roles/unsupported_operators/README.md b/roles/unsupported_operators/README.md new file mode 100644 index 0000000..9eff64a --- /dev/null +++ b/roles/unsupported_operators/README.md @@ -0,0 +1,6 @@ +# roles/unsupported_operators + +## This role modifies registry.conf on machine config so that operators can be pulled by tag. + +> Before running this role: +#### `registry_fqdn:` in `defaults/main.yml` should be set to users' registry FQDN, EX: `registry_fqdn: registry.sparta.rht-set.com` diff --git a/roles/unsupported_operators/defaults/main.yml b/roles/unsupported_operators/defaults/main.yml new file mode 100644 index 0000000..5fd1da6 --- /dev/null +++ b/roles/unsupported_operators/defaults/main.yml @@ -0,0 +1,2 @@ +--- +registry_fqdn: diff --git a/roles/unsupported_operators/tasks/machine_config.yml b/roles/unsupported_operators/tasks/machine_config.yml new file mode 100644 index 0000000..2039fc5 --- /dev/null +++ b/roles/unsupported_operators/tasks/machine_config.yml @@ -0,0 +1,4 @@ +--- +- name: apply machine config + community.kubernetes.k8s: + definition: "{{ lookup('template', 'templates/machine_config.j2') | from_yaml }}" diff --git a/roles/unsupported_operators/tasks/main.yml b/roles/unsupported_operators/tasks/main.yml new file mode 100644 index 0000000..1f08ba3 --- /dev/null +++ b/roles/unsupported_operators/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: '{{ ansible_module | role:include_tasks | registry.yaml }}' + include_tasks: registry.yml + +- name: '{{ ansible_module | role:include_tasks | machine_config.yaml }}' + include_tasks: machine_config.yml diff --git a/roles/unsupported_operators/tasks/registry.yml b/roles/unsupported_operators/tasks/registry.yml new file mode 100644 index 0000000..3e8c261 --- /dev/null +++ b/roles/unsupported_operators/tasks/registry.yml @@ -0,0 +1,4 @@ +--- +- name: encode registry.conf + set_fact: + encoded_registry_conf: "{{ lookup('template', 'templates/registry.conf.j2') | b64encode }}" \ No newline at end of file diff --git a/roles/unsupported_operators/templates/machine_config.j2 b/roles/unsupported_operators/templates/machine_config.j2 new file mode 100644 index 0000000..68b358f --- /dev/null +++ b/roles/unsupported_operators/templates/machine_config.j2 @@ -0,0 +1,26 @@ +--- +apiVersion: machineconfiguration.openshift.io/v1 +kind: MachineConfig +metadata: + annotations: + labels: + machineconfiguration.openshift.io/role: worker + name: 99-zworker-container-registry-conf +spec: + config: + ignition: + version: 3.2.0 + storage: + files: + - contents: + source: data:text/plain;charset=utf-8;base64,{{ encoded_registry_conf }} + verification: {} + filesystem: root + mode: 420 + overwrite: true + path: /etc/containers/registries.conf + extensions: null + fips: false + kernelArguments: null + kernelType: "" + osImageURL: "" diff --git a/roles/unsupported_operators/templates/registry.conf.j2 b/roles/unsupported_operators/templates/registry.conf.j2 new file mode 100644 index 0000000..fe413d9 --- /dev/null +++ b/roles/unsupported_operators/templates/registry.conf.j2 @@ -0,0 +1,82 @@ +unqualified-search-registries = ["registry.access.redhat.com", "docker.io"] + +[[registry]] + prefix = "" + location = "quay.io/openshift-release-dev/ocp-release" + mirror-by-digest-only = false + + [[registry.mirror]] + location = "{{ registry_fqdn }}:5000/openshift-release-dev" + +[[registry]] + prefix = "" + location = "quay.io/openshift-release-dev/ocp-v4.0-art-dev" + mirror-by-digest-only = false + + [[registry.mirror]] + location = "{{ registry_fqdn }}:5000/openshift-release-dev" + +[[registry]] + prefix = "" + location = "registry.redhat.io" + mirror-by-digest-only = false + insecure = true + + [[registry.mirror]] + location = "{{ registry_fqdn }}:5000" + insecure = true + +[[registry]] + prefix = "" + location = "quay.io" + mirror-by-digest-only = false + insecure = true + + [[registry.mirror]] + location = "{{ registry_fqdn }}:5000" + insecure = true + +[[registry]] + prefix = "" + location = "docker.io" + mirror-by-digest-only = false + insecure = true + + [[registry.mirror]] + location = "{{ registry_fqdn }}:5000" + insecure = true + +[[registry]] + prefix = "" + location = "registry.connect.redhat.com" + mirror-by-digest-only = false + insecure = true + + [[registry.mirror]] + location = "{{ registry_fqdn }}:5000" + insecure = true + +[[registry]] + prefix = "" + location = "gcr.io" + mirror-by-digest-only = false + insecure = true + + [[registry.mirror]] + location = "{{ registry_fqdn }}:5000" + insecure = true + +[[registry]] + prefix = "" + location = "registry.access.redhat.com" + mirror-by-digest-only = false + insecure = true + + [[registry.mirror]] + location = "{{ registry_fqdn }}:5000" + insecure = true + +[[registry]] + prefix = "" + location = "{{ registry_fqdn }}:5000" + insecure = true