From faebc9aa12377d45ff1427cf44864951ad042a3a Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 6 Dec 2020 13:35:42 +0100 Subject: [PATCH] add options to enable dockerhub auth --- defaults/main.yml | 21 +++++++++++++++++++ molecule/centos7/converge.yml | 12 +++++++++++ molecule/requirements.yml | 3 +-- .../droneci_autoscaler_compose.yml.j2 | 8 ++++--- templates/services/userdata.yml.j2 | 14 ++++++++++++- vars/main.yml | 3 +++ 6 files changed, 55 insertions(+), 6 deletions(-) create mode 100644 vars/main.yml diff --git a/defaults/main.yml b/defaults/main.yml index e899edc..3773b2f 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -50,6 +50,18 @@ droneci_autoscaler_agent_architecture: amd64 droneci_autoscaler_agent_volumes: [] droneci_autoscaler_agent_package_upgrade: False +# @var droneci_autoscaler_docker_auth_config:description: Docker registries auth config file (config.json). +# @var droneci_autoscaler_docker_auth_config: > +# droneci_autoscaler_docker_auth_config: | +# { +# "auths": { +# "https://index.docker.io/v1/": { +# "auth": "abc...xy=" +# } +# } +# } +# @end + droneci_autoscaler_instances: [] # @var droneci_autoscaler_instances:example: > # droneci_autoscaler_instances: @@ -60,6 +72,14 @@ droneci_autoscaler_instances: [] # agent_architecture: amd64 # sshkey: "dummy" # api_host: "drone-amd64.example.com" +# docker_auth_config: | +# { +# "auths": { +# "https://index.docker.io/v1/": { +# "auth": "abc...xy=" +# } +# } +# } # provider_config: # - name: DRONE_HETZNERCLOUD_DATACENTER # value: fsn1-dc14 @@ -78,6 +98,7 @@ droneci_autoscaler_instances: [] droneci_autoscaler_runner_volumes: [] droneci_autoscaler_runner_privileged: [] +droneci_autoscaler_runner_env_file: /etc/drone.conf # @var droneci_autoscaler_volumes:description: > # Define required docker volumes. If you don't use sqlite you could remove the default volume. diff --git a/molecule/centos7/converge.yml b/molecule/centos7/converge.yml index 39f3b79..b8db6dd 100644 
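Review bot: The second annotation line in the first defaults/main.yml hunk, `# @var droneci_autoscaler_docker_auth_config: >`, lacks the `:example:` tag that the neighbouring `# @var droneci_autoscaler_instances:example: >` carries, so the sample will probably not be rendered as an example by the doc tooling. The `auth` field of a Docker config.json is the base64 form of `user:password`, which makes it a reusable registry credential, and the description should say so. I would extend it to something like `# @var droneci_autoscaler_docker_auth_config:description: Docker registries auth config file (config.json). Contains registry credentials; keep the value in Ansible Vault or another secret store.` The same applies to the per-instance `docker_auth_config` example in the second hunk. The new `droneci_autoscaler_runner_env_file` default in the third hunk has no `@var` description at all.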
--- a/molecule/centos7/converge.yml +++ b/molecule/centos7/converge.yml @@ -11,6 +11,18 @@ dockerengine_networks: - name: droneci_default droneci_autoscaler_service_stopped: True + droneci_autoscaler_docker_auth_config: | + { + "auths": { + "https://index.docker.io/v1/": { + "auth": "abc...xy=" + } + } + } + droneci_autoscaler_agent_volumes: + - "/root/.docker/config.json:/root/.docker/config.json" + droneci_autoscaler_agent_environ: + - "DRONE_DOCKER_CONFIG=/root/.docker/config.json" droneci_autoscaler_instances: - name: scaler_amd64 pool_max: 50 diff --git a/molecule/requirements.yml b/molecule/requirements.yml index 7bb838c..dad353e 100644 --- a/molecule/requirements.yml +++ b/molecule/requirements.yml @@ -2,8 +2,7 @@ collections: - name: https://gitea.rknet.org/ansible/xoxys.general/releases/download/v1.2.0/xoxys-general-1.2.0.tar.gz - name: community.general - -roles: [] - name: community.crypto + - name: community.crypto roles: - src: https://gitea.rknet.org/ansible/xoxys.docker_engine.git diff --git a/templates/services/droneci_autoscaler_compose.yml.j2 b/templates/services/droneci_autoscaler_compose.yml.j2 index a59152b..191e05a 100644 --- a/templates/services/droneci_autoscaler_compose.yml.j2 +++ b/templates/services/droneci_autoscaler_compose.yml.j2 
@@ -50,13 +50,15 @@ services: {% if inst.agent_volumes | default(droneci_autoscaler_agent_volumes) | default(False) %} - DRONE_AGENT_VOLUMES={{ inst.agent_volumes | default(droneci_autoscaler_agent_volumes) | join(",") }} {% endif %} + {% if inst.agent_environ | default(droneci_autoscaler_agent_environ) | default(False) %} + - DRONE_AGENT_ENVIRON={{ inst.agent_environ | default(droneci_autoscaler_agent_environ) | join(",") }} + {% endif %} {% if inst.api_host is defined %} - DRONE_HTTP_HOST={{ inst.api_host }} {% endif %} - {% if inst.runner_volumes | default(droneci_autoscaler_runner_volumes) | default(False) %} - - DRONE_RUNNER_VOLUMES={{ inst.runner_volumes | default(droneci_autoscaler_runner_volumes) | join(",") }} - {% endif %} + - DRONE_RUNNER_VOLUMES={{ (__droneci_autoscaler_runner_volumes + (inst.runner_volumes | default(droneci_autoscaler_runner_volumes))) | join(",") }} - DRONE_RUNNER_PRIVILEGED_IMAGES={{ inst.runner_privileged | default(droneci_autoscaler_runner_privileged) | join(",") }} + - DRONE_RUNNER_ENV_FILE={{ inst.runner_env_file | default(droneci_autoscaler_runner_env_file) }} - DRONE_GC_ENABLED={{ (inst.gc_enabled | default(droneci_autoscaler_gc_enabled)) | bool | lower }} - DRONE_GC_DEBUG=false - DRONE_REAPER_ENABLED=true diff --git a/templates/services/userdata.yml.j2 b/templates/services/userdata.yml.j2 index c0ac30f..e761719 100644 --- a/templates/services/userdata.yml.j2 +++ b/templates/services/userdata.yml.j2 @@ -8,7 +8,7 @@ package_upgrade: {{ droneci_autoscaler_agent_package_upgrade | bool | lower }} bootcmd: - [ dpkg, --add-architecture, armhf ] -{% endif %} +{%- endif %} apt: sources: 
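Review bot: The rewritten `DRONE_RUNNER_VOLUMES` line and the new `DRONE_RUNNER_ENV_FILE` line are emitted unconditionally, and together they pass `/etc/drone.conf` to the runner's pipeline containers even when no auth config is set. userdata.yml.j2 writes `PLUGIN_CONFIG=` plus the Docker auth JSON into that file. As far as I understand Drone's runner settings, runner volumes are mounted into every pipeline step and the env file is injected into every step's environment, so any repository allowed to build on these agents can read the registry credential. If that exposure is intended it should be stated in the role documentation, together with a recommendation to use a pull-only registry token. Otherwise I would gate both lines on the auth config, e.g. wrap the env-file line in `{% if inst.docker_auth_config | default(droneci_autoscaler_docker_auth_config) is defined %}`. Removing the old `{% if %}` guard also means `inst.runner_volumes` must always be a list, because it is now concatenated with `__droneci_autoscaler_runner_volumes` before `join`.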
@@ -47,6 +47,18 @@ write_files: "tlscert": "/etc/docker/server-cert.pem", "tlskey": "/etc/docker/server-key.pem" } + {% if inst.docker_auth_config | default(droneci_autoscaler_docker_auth_config) is defined %} + + - path: /root/.docker/config.json + content: | + {{ inst.docker_auth_config | default(droneci_autoscaler_docker_auth_config) | indent(width=6, indentfirst=False) }} + {%- endif %} + + - path: /etc/drone.conf + content: | + {% if inst.docker_auth_config | default(droneci_autoscaler_docker_auth_config) is defined %} + PLUGIN_CONFIG={{ inst.docker_auth_config | default(droneci_autoscaler_docker_auth_config) | regex_replace("\s+", " ") }} + {%- endif %} - path: /etc/docker/ca.pem encoding: b64 diff --git a/vars/main.yml b/vars/main.yml new file mode 100644 index 0000000..7829b50 --- /dev/null +++ b/vars/main.yml @@ -0,0 +1,3 @@ +--- +__droneci_autoscaler_runner_volumes: + - "/etc/drone.conf:/etc/drone.conf"
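Review bot: Both new `write_files` entries, `/root/.docker/config.json` and `/etc/drone.conf`, hold registry credentials but set no `permissions:` or `owner:`, so cloud-init falls back to its default mode, which is 0644 and therefore world-readable on the agent host. I would add `permissions: '0600'` and `owner: root:root` to each entry, after confirming that whatever reads `/etc/drone.conf` runs as root. The `PLUGIN_CONFIG=` line only collapses whitespace with `regex_replace("\s+", " ")`, so malformed JSON passes through, and the unquoted value still contains spaces and double quotes that env-file parsers may handle differently. `| from_json | to_json` would validate the input and emit it on one line, provided the consumer accepts that form. `indent(width=6, indentfirst=False)` uses the argument name that Jinja2 2.10 renamed to `first`, so it presumably fails on newer Jinja2 releases. User-data is also usually retrievable from the provider's metadata service on the instance, so these two file modes are not the only place the credential is readable.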