blob: 318969885032493207664c3c216b4d1ba1ce8513 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
---
- name: Assert that S3 variables are provided for registry_config template
assert:
that:
- openshift.hosted.registry.storage.s3.bucket | default(none) is not none
- openshift.hosted.registry.storage.s3.region | default(none) is not none
msg: |
When using S3 storage, the following variables are required:
openshift_hosted_registry_storage_s3_bucket
openshift_hosted_registry_storage_s3_region
- name: If cloudfront is being used, assert that we have all the required variables
assert:
that:
- "openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile | default(none) is not none"
- "openshift_hosted_registry_storage_s3_cloudfront_keypairid | default(none) is not none"
msg: |
When openshift_hosted_registry_storage_s3_cloudfront_baseurl is provided
openshift_hosted_registry_storage_s3_cloudfront_keypairid and
openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile are required
when: openshift_hosted_registry_storage_s3_cloudfront_baseurl is defined
# Inject the cloudfront private key as a secret when required
- block:
- name: Create registry secret for cloudfront
oc_secret:
state: present
namespace: "{{ openshift_hosted_registry_namespace }}"
name: docker-registry-s3-cloudfront
contents:
- path: cloudfront.pem
data: "{{ lookup('file', openshift_hosted_registry_storage_s3_cloudfront_privatekeyfile) }}"
- name: Append cloudfront secret registry volume to openshift_hosted_registry_volumes
set_fact:
openshift_hosted_registry_volumes: "{{ openshift_hosted_registry_volumes | union(s3_volume_mount) }}"
vars:
s3_volume_mount:
- name: cloudfront-vol
path: /etc/origin
type: secret
secret_name: docker-registry-s3-cloudfront
when: openshift_hosted_registry_storage_s3_cloudfront_baseurl | default(none) is not none
|