Add manage-container-images role to bodhi backend for container updates

Signed-off-by: Clement Verna <cverna@tutanota.com>
2018-07-05 15:14:27 +02:00 · 2018-07-05 15:14:27 +02:00 · 295d60b87c
commit 295d60b87c
parent e135cd7183
3 changed files with 12 additions and 2 deletions
--- a/playbooks/groups/bodhi-backend.yml
+++ b/playbooks/groups/bodhi-backend.yml
@ -68,6 +68,11 @@
    service: bodhi
    host: "bodhi.stg.fedoraproject.org"
    when: env == "staging"
+  - role: manage-container-images
+    cert_dest_dir: "/etc/docker/certs.d/registry{{ env_suffix }}.fedoraproject.org"
+    cert_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.pem"
+    key_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.key"
+    certs_group: apache


  tasks:
--- a/roles/manage-container-images/defaults/main.yml
+++ b/roles/manage-container-images/defaults/main.yml
@ -0,0 +1,5 @@
+---
+# defaults file for manage-container-images
+#
+
+certs_group: "releng-team"
--- a/roles/manage-container-images/tasks/main.yml
+++ b/roles/manage-container-images/tasks/main.yml
@ -18,12 +18,12 @@
    src: "{{cert_src}}"
    dest: "{{cert_dest_dir}}/client.cert"
    owner: root
-    group: "releng-team"
+    group: "{{ certs_group }}"
    mode: 0640

 - name: install docker client key for registry
  copy:
    src: "{{key_src}}"
    dest: "{{cert_dest_dir}}/client.key"
-    group: "releng-team"
+    group: "{{ certs_group }}"
    mode: 0640