Skip to content

Commit

Permalink
Merge pull request #2517 from amazeeio/openshift_private_registry_fix
Browse files Browse the repository at this point in the history
Backporting private docker registry fixes from #2516 to master branch
  • Loading branch information
Toby Bellwood authored Feb 23, 2021
2 parents 35140c2 + 28b9fef commit 3055c6c
Show file tree
Hide file tree
Showing 2 changed files with 45 additions and 1 deletion.
37 changes: 36 additions & 1 deletion images/kubectl-build-deploy-dind/build-deploy-docker-compose.sh
Original file line number Diff line number Diff line change
Expand Up @@ -1442,7 +1442,42 @@ elif [ "$BUILD_TYPE" == "pullrequest" ] || [ "$BUILD_TYPE" == "branch" ]; then
for IMAGE_NAME in "${!IMAGES_PULL[@]}"
do
PULL_IMAGE="${IMAGES_PULL[${IMAGE_NAME}]}"
. /kubectl-build-deploy/scripts/exec-kubernetes-copy-to-registry.sh
# Try to handle private registries first
if [ $PRIVATE_REGISTRY_COUNTER -gt 0]; then
if [ $PRIVATE_EXTERNAL_REGISTRY ]; then
EXTERNAL_REGISTRY=0
for EXTERNAL_REGISTRY_URL in "${PRIVATE_REGISTRY_URLS[@]}"
do
# strip off "http://" or "https://" from registry url if present
bare_url = "${EXTERNAL_REGISTRY_URL#http://}"
bare_url = "${EXTERNAL_REGISTRY_URL#https://}"

# Test registry to see if image is from an external registry or just private docker hub
case $bare_url in
"$PULL_IMAGE"*)
EXTERNAL_REGISTRY=1
;;
esac
done

# If this image is hosted in an external registry, pull it from there
if [ $EXTERNAL_REGISTRY -eq 1 ]; then
skopeo copy --dest-tls-verify=false docker://${PULL_IMAGE} docker://${REGISTRY}/${PROJECT}/${ENVIRONMENT}/${IMAGE_NAME}:${IMAGE_TAG:-latest}
# If this image is not from an external registry, but docker hub creds were supplied, pull it straight from Docker Hub
elif [ $PRIVATE_DOCKER_HUB_REGISTRY -eq 1 ]; then
skopeo copy --dest-tls-verify=false docker://${PULL_IMAGE} docker://${REGISTRY}/${PROJECT}/${ENVIRONMENT}/${IMAGE_NAME}:${IMAGE_TAG:-latest}
# If image not from an external registry and no docker hub creds were supplied, pull image from the imagecache
else
skopeo copy --dest-tls-verify=false docker://${IMAGECACHE_REGISTRY}/${PULL_IMAGE} docker://${REGISTRY}/${PROJECT}/${ENVIRONMENT}/${IMAGE_NAME}:${IMAGE_TAG:-latest}
fi
# If the private registry counter is 1 and no external registry was listed, we know a private docker hub was specified
else
skopeo copy --dest-tls-verify=false docker://${PULL_IMAGE} docker://${REGISTRY}/${PROJECT}/${ENVIRONMENT}/${IMAGE_NAME}:${IMAGE_TAG:-latest}
fi
# If no private registries, use the imagecache
else
skopeo copy --dest-tls-verify=false docker://${IMAGECACHE_REGISTRY}/${PULL_IMAGE} docker://${REGISTRY}/${PROJECT}/${ENVIRONMENT}/${IMAGE_NAME}:${IMAGE_TAG:-latest}
fi

IMAGE_HASHES[${IMAGE_NAME}]=$(skopeo inspect docker://${REGISTRY}/${PROJECT}/${ENVIRONMENT}/${IMAGE_NAME}:${IMAGE_TAG:-latest} --tls-verify=false | jq ".Name + \"@\" + .Digest" -r)
done
Expand Down
9 changes: 9 additions & 0 deletions images/kubectl-build-deploy-dind/build-deploy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,11 @@ fi

REGISTRY_SECRETS=()
PRIVATE_REGISTRY_COUNTER=0
PRIVATE_REGISTRY_URLS=()
PRIVATE_REGISTRY_USERNAMES=()
PRIVATE_REGISTRY_PASSWORDS=()
PRIVATE_DOCKER_HUB_REGISTRY=0
PRIVATE_EXTERNAL_REGISTRY=0

set +x

Expand Down Expand Up @@ -115,12 +120,16 @@ do
docker login --username $PRIVATE_CONTAINER_REGISTRY_USERNAME --password $PRIVATE_REGISTRY_CREDENTIAL $PRIVATE_CONTAINER_REGISTRY_URL
kubectl create secret docker-registry "lagoon-private-registry-${PRIVATE_REGISTRY_COUNTER}-secret" --docker-server=$PRIVATE_CONTAINER_REGISTRY_URL --docker-username=$PRIVATE_CONTAINER_REGISTRY_USERNAME --docker-password=$PRIVATE_REGISTRY_CREDENTIAL --dry-run -o yaml | kubectl apply -f -
REGISTRY_SECRETS+=("lagoon-private-registry-${PRIVATE_REGISTRY_COUNTER}-secret")
PRIVATE_REGISTRY_URLS+=($PRIVATE_CONTAINER_REGISTRY_URL)
PRIVATE_EXTERNAL_REGISTRY=1
let ++PRIVATE_REGISTRY_COUNTER
else
echo "Attempting to log in to docker hub with user $PRIVATE_CONTAINER_REGISTRY_USERNAME - $PRIVATE_CONTAINER_REGISTRY_PASSWORD"
docker login --username $PRIVATE_CONTAINER_REGISTRY_USERNAME --password $PRIVATE_REGISTRY_CREDENTIAL
kubectl create secret docker-registry "lagoon-private-registry-${PRIVATE_REGISTRY_COUNTER}-secret" --docker-server="https://index.docker.io/v1/" --docker-username=$PRIVATE_CONTAINER_REGISTRY_USERNAME --docker-password=$PRIVATE_REGISTRY_CREDENTIAL --dry-run -o yaml | kubectl apply -f -
REGISTRY_SECRETS+=("lagoon-private-registry-${PRIVATE_REGISTRY_COUNTER}-secret")
PRIVATE_REGISTRY_URLS+=("")
PRIVATE_DOCKER_HUB_REGISTRY=1
let ++PRIVATE_REGISTRY_COUNTER
fi
fi
Expand Down

0 comments on commit 3055c6c

Please sign in to comment.