Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
185 lines (167 sloc) 7.36 KB
---
# other than installing docker, need to install docker-python and ansible
# also need to start docker
# This playbook can be used to download the container images which
# passed CI and tag them back to rdoproject registry.
# It will also mirror the images to docker.io.
- name: Download and repush container images
hosts: localhost
become: yes
become_user: root
vars:
named_label: "{{ lookup('env', 'PROMOTE_NAME') }}"
full_hash: "{{ lookup('env', 'FULL_HASH')}}"
script_root: "{{ lookup('env', 'SCRIPT_ROOT') }}"
dockerhub_namespace: "tripleo{{ lookup('env','RELEASE') }}"
dockerhub_username: "{{ lookup('env','DOCKERHUB_USERNAME') }}"
dockerhub_password: "{{ lookup('env','DOCKERHUB_PASSWORD') }}"
rdoproject_namespace: "tripleo{{ lookup('env','RELEASE') }}"
rdoproject_username: "{{ lookup('env','RDOPROJECT_USERNAME') }}"
rdoproject_password: "{{ lookup('env','RDOPROJECT_PASSWORD') }}"
containers_file: "parsed_containers-{{ lookup('env','RELEASE') }}.txt"
registry_api: "https://trunk.registry.rdoproject.org:8443/oapi/v1/namespaces/tripleo{{ lookup('env', 'RELEASE') }}/imagestreamtags"
image_tag: tripleo-ci-testing
tasks:
- name: Construct dlrn_dir from full_hash (turn xxyyz* into xx/yy/xxyyz*)
set_fact:
dlrn_dir: "{{ full_hash | regex_replace('^(?P<first>.{2})(?P<second>.{2})(?P<third>.+)$', '\\g<first>/\\g<second>/\\g<first>\\g<second>\\g<third>') }}"
- name: Construct the DLRN URL for the promoted hash
set_fact:
dlrn_url: "https://trunk.rdoproject.org/centos7-{{ lookup('env','RELEASE') }}/{{ dlrn_dir }}/versions.csv"
- name: Get the tripleo-common commit in the promoted hash
shell: >
curl {{ dlrn_url }} | grep ',openstack-tripleo-common-[0-9]' | cut -f3 -d','
register: local_release
- name: Set the release_url
set_fact:
release_url: "https://git.openstack.org/cgit/openstack/tripleo-common/plain/container-images/overcloud_containers.yaml.j2?id={{ local_release.stdout }}"
- name: Generate list of containers to push
shell: |
echo -n > {{ containers_file }};
for image in $(curl -fk {{ release_url }} 2>/dev/null | grep -o -P '(?<=name_prefix).*(?=name_suffix)' | sed "s/[{}]//g"); do
echo -n "Checking {{ registry_api }}/centos-binary-$image:{{ image_tag }} ... ";
if curl -fk "{{ registry_api }}/centos-binary-$image:{{ image_tag }}" &>/dev/null; then
echo $image >> {{ containers_file }};
echo "OK";
else
echo "FAIL";
echo "ERROR ========== centos-binary-$image IS NOT BUILT! FIX THIS ASAP! ==========";
fi
done
# fail the script and exit with error if the container list is empty
if [ ! -s {{ containers_file }} ]; then
echo "FAIL";
echo "ERROR =========== container list is empty THIS IS A CRITICAL BUG in the container push playbook";
exit 1
fi
echo "base" >> {{ containers_file }}
echo "openstack-base" >> {{ containers_file }}
- name: run container tagging and always cleanup at the end
block:
- name: Retrieve list of built images
shell: >
cat {{containers_file }}
register: built_images
tags:
- rdoproject_pull
- rdoproject_push
- dockerhub_push
- remove_local_containers
- name: Pull the images from rdoproject registry
docker_image:
name: "trunk.registry.rdoproject.org/{{ rdoproject_namespace }}/centos-binary-{{ item }}"
tag: "{{ full_hash }}"
with_items: "{{ built_images.stdout_lines }}"
retries: 3
tags:
- rdoproject_pull
- name: Login to rdoproject registry
docker_login:
registry_url: "trunk.registry.rdoproject.org"
username: "{{ rdoproject_username }}"
password: "{{ rdoproject_password }}"
reauthorize: "yes"
no_log: "yes"
tags:
- rdoproject_push
- name: Tag images to rdoproject registry with named label
shell: >
docker tag
trunk.registry.rdoproject.org/{{ rdoproject_namespace }}/centos-binary-{{ item }}:{{ full_hash }}
trunk.registry.rdoproject.org/{{ rdoproject_namespace }}/centos-binary-{{ item }}:{{ named_label }}
with_items: "{{ built_images.stdout_lines }}"
tags:
- rdoproject_push
- name: Push images to rdoproject registry with named label
shell: >
docker push trunk.registry.rdoproject.org/{{ rdoproject_namespace }}/centos-binary-{{ item }}:{{ named_label }}
with_items: "{{ built_images.stdout_lines }}"
retries: 3
tags:
- rdoproject_push
- name: Login to dockerhub
docker_login:
registry_url: "docker.io"
username: "{{ dockerhub_username }}"
password: "{{ dockerhub_password }}"
reauthorize: "yes"
no_log: "yes"
tags:
- dockerhub_push
# Nested loop order here is on purpose, so we push first all the images with the full hash, then we tag with the named label.
- name: Tag and push images to docker hub
docker_image:
name: "trunk.registry.rdoproject.org/{{ rdoproject_namespace }}/centos-binary-{{ item[1] }}"
tag: "{{ item[0] }}"
repository: "docker.io/{{ dockerhub_namespace}}/centos-binary-{{ item[1] }}"
push: yes
with_nested:
- ["{{ full_hash }}", "{{ named_label }}"]
- "{{ built_images.stdout_lines }}"
retries: 3
tags:
- dockerhub_push
- name: Check if dockerhub has all images
shell: |
tag={{ full_hash }}
for image in $(cat {{containers_file }})
do
if curl --silent -fk -lSL "https://index.docker.io/v1/repositories/{{ dockerhub_namespace}}/centos-binary-${image}/tags/${tag}" 1>/dev/null;
then
echo "$image OK";
else
echo "$image ERROR";
fi
done
register: command_result
failed_when: "'ERROR' in command_result.stdout or command_result.rc != 0"
retries: 1
tags:
- dockerhub_push
always:
- name: Delete the local images from rdoproject registry
docker_image:
name: "trunk.registry.rdoproject.org/{{ rdoproject_namespace }}/centos-binary-{{ item[0] }}"
tag: "{{ item[1] }}"
state: absent
force: yes
with_nested:
- "{{ built_images.stdout_lines }}"
- ["{{ full_hash }}", "{{ named_label }}"]
retries: 3
ignore_errors: yes
tags:
- remove_local_containers
- name: Delete the local images from docker hub
docker_image:
name: "docker.io/{{ dockerhub_namespace }}/centos-binary-{{ item[0] }}"
tag: "{{ item[1] }}"
state: absent
force: yes
with_nested:
- "{{ built_images.stdout_lines }}"
- ["{{ full_hash }}", "{{ named_label }}"]
retries: 3
ignore_errors: yes
tags:
- remove_local_containers