Merge pull request #6094 from mgugino-upstream-stage/syscontainers-docker-login-module

Automatic merge from submit-queue.

Alternative method to create docker registry auth creds

Currently, the command 'docker login' is run when using
oreg with authentication.

On some hosts, such as hosts configured to use system containers,
the docker service is not running.  'docker login' will fail
without the docker service running.

This commit adds a module to idempotently add credentials
to the registry credentials file without the use of
'docker login'

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1511374

1 files changed, 16 insertions, 0 deletions

diff --git a/roles/docker/tasks/registry_auth.yml b/roles/docker/tasks/registry_auth.yml
index d05b7f2b8..2c7bc5711 100644
--- a/roles/docker/tasks/registry_auth.yml
+++ b/roles/docker/tasks/registry_auth.yml
@@ -12,5 +12,21 @@
   delay: 5
   until: openshift_docker_credentials_create_res.rc == 0
   when:
+  - not openshift_docker_alternative_creds | bool
+  - oreg_auth_user is defined
+  - (not docker_cli_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool
+
+# docker_creds is a custom module from lib_utils
+# 'docker login' requires a docker.service running on the local host, this is an
+# alternative implementation for non-docker hosts.  This implementation does not
+# check the registry to determine whether or not the credentials will work.
+- name: Create credentials for docker cli registry auth (alternative)
+  docker_creds:
+    path: "{{ docker_cli_auth_config_path }}"
+    registry: "{{ oreg_host }}"
+    username: "{{ oreg_auth_user }}"
+    password: "{{ oreg_auth_password }}"
+  when:
+  - openshift_docker_alternative_creds | bool
   - oreg_auth_user is defined
   - (not docker_cli_auth_credentials_stat.stat.exists or oreg_auth_credentials_replace) | bool