Rename manage-container-images and document it.

This commit renames the manage-container-images role
to push-container-registry. It also adds some doc
to describe what the role is used for.

Signed-off-by: Clement Verna <cverna@tutanota.com>

playbooks/groups/bodhi-backend.yml

@@ -64,7 +64,7 @@
     service: bodhi
     host: "bodhi.stg.fedoraproject.org"
     when: env == "staging"
-  - role: manage-container-images
+  - role: push-container-registry
     cert_dest_dir: "/etc/docker/certs.d/registry{{ env_suffix }}.fedoraproject.org"
     cert_src: "{{private}}/files/docker-registry/{{env}}/pki/issued/containerstable.crt"
     key_src: "{{private}}/files/docker-registry/{{env}}/pki/private/containerstable.key"

playbooks/groups/osbs-cluster.yml

@@ -295,13 +295,6 @@
         candidate_registry_osbs_password: "{{candidate_registry_osbs_prod_password}}",
       when: env == "production"
     }
-    - {
-      role: "manage-container-images",
-        cert_dest_dir: "/etc/docker/certs.d/candidate-registry{{ env_suffix }}.fedoraproject.org",
-        cert_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.pem",
-        key_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.key",
-      when: env == "staging"
-    }
 
 
   handlers:

playbooks/groups/releng-compose.yml

@@ -54,14 +54,14 @@
     tags:
     - releng
   - {
-    role: "manage-container-images",
+    role: "push-container-registry",
       cert_dest_dir: "/etc/docker/certs.d/registry.stg.fedoraproject.org",
       cert_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.pem",
       key_src: "{{private}}/files/docker-registry/{{env}}/docker-registry-internal.key",
     when: env == "staging"
   }
   - {
-    role: "manage-container-images",
+    role: "push-container-registry",
       cert_dest_dir: "/etc/docker/certs.d/registry.fedoraproject.org",
       cert_src: "{{private}}/files/docker-registry/{{env}}/pki/issued/containerstable.crt",
       key_src: "{{private}}/files/docker-registry/{{env}}/pki/private/containerstable.key",

roles/manage-container-images/defaults/main.yml

@@ -1,5 +0,0 @@
----
-# defaults file for manage-container-images
-#
-
-certs_group: "releng-team"

roles/push-container-registry/defaults/main.yml

@@ -0,0 +1,5 @@
+---
+# defaults file for push-container-registry role
+#
+
+certs_group: "releng-team"

roles/push-container-registry/tasks/main.yml

@@ -1,6 +1,10 @@
 ---
-# tasks file for push-docker
+# tasks file for push-container-registry
-#
+# This role install skopeo and the certificates
+# needed to push container images to our production registry.
+# Note : push to the candidate-registry is done using docker login
+# see the push-docker role.
+
 - name: install necessary packages
   package:
     name: "{{item}}"
@@ -8,16 +12,16 @@
   with_items:
     - skopeo
   tags:
-  - manage-container-images
+  - push-container-registry
 
 - name: ensure cert dir exists
   file:
     path: "{{cert_dest_dir}}"
     state: directory
   tags:
-  - manage-container-images
+  - push-container-registry
 
-- name: install docker client cert for registry
+- name: install client cert for registry
   copy:
     src: "{{cert_src}}"
     dest: "{{cert_dest_dir}}/client.cert"
@@ -25,13 +29,13 @@
     group: "{{ certs_group }}"
     mode: 0640
   tags:
-  - manage-container-images
+  - push-container-registry
 
-- name: install docker client key for registry
+- name: install client key for registry
   copy:
     src: "{{key_src}}"
     dest: "{{cert_dest_dir}}/client.key"
     group: "{{ certs_group }}"
     mode: 0640
   tags:
-  - manage-container-images
+  - push-container-registry