-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
prefer podman authentication file locations #37726
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -35,16 +35,19 @@ GITHUB_TOKEN=$(cat "$GITHUB_TOKEN_FILE") | |
# Setup registry credentials | ||
REGISTRY_TOKEN_FILE="$SECRETS_PATH/$REGISTRY_SECRET/$REGISTRY_SECRET_FILE" | ||
echo "## Setting up registry credentials." | ||
mkdir -p "$HOME/.docker" | ||
config_file="$HOME/.docker/config.json" | ||
export HOME="${HOME:-/tmp/home}" | ||
export XDG_RUNTIME_DIR="${HOME}/run" | ||
export REGISTRY_AUTH_PREFERENCE=podman # TODO: remove later, used for migrating oc from docker to podman | ||
mkdir -p "${XDG_RUNTIME_DIR}/containers" | ||
config_file="${XDG_RUNTIME_DIR}/containers/auth.json" | ||
cat "$REGISTRY_TOKEN_FILE" > "$config_file" || { | ||
echo "ERROR Could not read registry secret file" | ||
echo " From: $REGISTRY_TOKEN_FILE" | ||
echo " To : $config_file" | ||
} | ||
if [[ ! -r "$REGISTRY_TOKEN_FILE" ]]; then | ||
echo "ERROR Registry config file not found: $REGISTRY_TOKEN_FILE" | ||
echo " Is the docker/config.json in a different location?" | ||
echo "ERROR Registry authentication file not found: $REGISTRY_TOKEN_FILE" | ||
echo " Is the auth.json in a different location?" | ||
exit 1 | ||
fi | ||
oc registry login | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. this PR changes only places that depend on There are still many mention of |
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -18,6 +18,10 @@ fi | |
MIRROR_REGISTRY_HOST=`head -n 1 "${SHARED_DIR}/mirror_registry_url"` | ||
echo "MIRROR_REGISTRY_HOST: $MIRROR_REGISTRY_HOST" | ||
|
||
export HOME="${HOME:-/tmp/home}" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I am not sure if HOME variable is always exposed in all of these so I am adding it to make sure we always have it. |
||
export XDG_RUNTIME_DIR="${HOME}/run" | ||
export REGISTRY_AUTH_PREFERENCE=podman # TODO: remove later, used for migrating oc from docker to podman | ||
mkdir -p "${XDG_RUNTIME_DIR}" | ||
|
||
oc registry login | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -167,6 +167,8 @@ objects: | |
value: /tmp/artifacts | ||
- name: HOME | ||
value: /tmp/home | ||
- name: XDG_RUNTIME_DIR | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. these changes should be identical to changes here openshift/ci-tools#3345 |
||
value: /tmp/home/run | ||
- name: IMAGE_FORMAT | ||
value: ${IMAGE_FORMAT} | ||
- name: KUBECONFIG | ||
|
@@ -228,7 +230,7 @@ objects: | |
done | ||
} | ||
|
||
mkdir -p "${HOME}" | ||
mkdir -p "${HOME}" "${XDG_RUNTIME_DIR}" | ||
|
||
# wait for the API to come up | ||
while true; do | ||
|
@@ -390,6 +392,8 @@ objects: | |
value: test | ||
- name: HOME | ||
value: /tmp | ||
- name: XDG_RUNTIME_DIR | ||
value: /tmp/run | ||
- name: INSTALL_INITIAL_RELEASE | ||
- name: RELEASE_IMAGE_INITIAL | ||
command: | ||
|
@@ -422,14 +426,15 @@ objects: | |
|
||
cp "$(command -v openshift-install)" /tmp/shared | ||
mkdir ${ARTIFACT_DIR}/installer | ||
mkdir -p "${XDG_RUNTIME_DIR}" | ||
|
||
if [[ -n "${INSTALL_INITIAL_RELEASE}" && -n "${RELEASE_IMAGE_INITIAL}" ]]; then | ||
echo "Installing from initial release ${RELEASE_IMAGE_INITIAL}" | ||
OPENSHIFT_INSTALL_RELEASE_IMAGE_OVERRIDE="${RELEASE_IMAGE_INITIAL}" | ||
elif [[ "${CLUSTER_VARIANT}" =~ "mirror" ]]; then | ||
# mirror the release image and override the release image to point to the mirrored one | ||
mkdir /tmp/.docker && cp /etc/openshift-installer/pull-secret /tmp/.docker/config.json | ||
oc registry login | ||
oc registry login --to /tmp/.docker/config.json | ||
MIRROR_BASE=$( oc get is release -o 'jsonpath={.status.publicDockerImageRepository}' ) | ||
oc adm release new --from-release ${RELEASE_IMAGE_LATEST} --to-image ${MIRROR_BASE}-scratch:release --mirror ${MIRROR_BASE}-scratch || echo 'ignore: the release could not be reproduced from its inputs' | ||
oc adm release mirror --from ${MIRROR_BASE}-scratch:release --to ${MIRROR_BASE} --to-release-image ${MIRROR_BASE}:mirrored | ||
|
@@ -741,6 +746,8 @@ objects: | |
value: /etc/openshift-installer/osServicePrincipal.json | ||
- name: GOOGLE_CLOUD_KEYFILE_JSON | ||
value: /etc/openshift-installer/gce.json | ||
- name: XDG_RUNTIME_DIR | ||
value: /tmp/run | ||
- name: KUBECONFIG | ||
value: /tmp/artifacts/installer/auth/kubeconfig | ||
command: | ||
|
@@ -772,7 +779,7 @@ objects: | |
export PATH=$PATH:/tmp/shared | ||
|
||
echo "Gathering artifacts ..." | ||
mkdir -p ${ARTIFACT_DIR}/pods ${ARTIFACT_DIR}/nodes ${ARTIFACT_DIR}/metrics ${ARTIFACT_DIR}/bootstrap ${ARTIFACT_DIR}/network | ||
mkdir -p ${ARTIFACT_DIR}/pods ${ARTIFACT_DIR}/nodes ${ARTIFACT_DIR}/metrics ${ARTIFACT_DIR}/bootstrap ${ARTIFACT_DIR}/network "${XDG_RUNTIME_DIR}" | ||
|
||
oc --insecure-skip-tls-verify --request-timeout=5s get nodes -o jsonpath --template '{range .items[*]}{.metadata.name}{"\n"}{end}' > /tmp/nodes | ||
oc --insecure-skip-tls-verify --request-timeout=5s get pods --all-namespaces --template '{{ range .items }}{{ $name := .metadata.name }}{{ $ns := .metadata.namespace }}{{ range .spec.containers }}-n {{ $ns }} {{ $name }} -c {{ .name }}{{ "\n" }}{{ end }}{{ range .spec.initContainers }}-n {{ $ns }} {{ $name }} -c {{ .name }}{{ "\n" }}{{ end }}{{ end }}' > /tmp/containers | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
assisted-baremetal-images-publish
,assisted-baremetal-operator-publish
,opendatahub-io-ci-image-mirror
andred-hat-data-services-ci-image-mirror
seem to be used only up to 4.10 so these should be okay to change