-
Notifications
You must be signed in to change notification settings - Fork 1
/
mirror.yml
69 lines (59 loc) · 2.21 KB
/
mirror.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
# https://docs.openshift.com/container-platform/4.2/installing/installing_restricted_networks/installing-restricted-networks-preparations.html
---
- hosts: localhost
connection: local
gather_facts: false
vars:
product_repo: openshift-release-dev # Do not change
release_name: ocp-release # Do not change
ocp_release: 4.2.20-x86_64
local_registry: ocp4-registry.ocp.ltsai.com:5000
local_repository: ocp4/openshift
local_registry_insecure: true
#registry_auth:
# auths:
# my-registry:5000:
# auth: XXX
# registry.redhat.io:
# auth: XXX
# quay.io:
# auth: XXX
vars_files:
- vault.yml
tasks:
- name: Mirror OpenShift repository
block:
- name: Create a temporarily directory
tempfile:
state: directory
suffix: openshift
register: tempfile_1
- name: Save credential json file
copy:
content: "{{ registry_auth }}"
dest: "{{ tempfile_1.path }}/cred.json"
- name: "Mirror OpenShift {{ocp_release}} to {{local_registry}}/{{local_repository}}"
shell: >
oc adm -a {{ tempfile_1.path }}/cred.json release mirror
--from=quay.io/{{product_repo}}/{{release_name}}:{{ocp_release}}
--to={{local_registry}}/{{local_repository}}
--to-release-image={{local_registry}}/{{local_repository}}:{{ocp_release}}
--insecure={{local_registry_insecure| default(false) }} 2>&1
register: output
- name: Write out oc output to /tmp/oc.output.txt
copy:
content: "{{output.stdout}}"
dest: /tmp/oc.output.txt
- name: Extract openshift-install to /tmp/openshift-install
command: |
oc adm -a {{ tempfile_1.path }}/cred.json release extract
--command=openshift-install {{local_registry}}/{{local_repository}}:{{ocp_release}}
--insecure={{local_registry_insecure| default(false) }}
args:
chdir: /tmp
always:
- name: Clean up temporarily directory
file:
path: "{{ tempfile_1.path }}"
state: absent
when: tempfile_1 is defined