registry.pp
View Options

	# == Class: docker
	#
	# Module to configure private docker registries from which to pull Docker images
	# If the registry does not require authentication, this module is not required.
	#
	# === Parameters
	# [server]
	# The hostname and port of the private Docker registry. Ex: dockerreg:5000
	#
	# [ensure]
	# Whether or not you want to login or logout of a repository
	#
	# [username]
	# Username for authentication to private Docker registry.
	# auth is not required.
	#
	# [password]
	# Password for authentication to private Docker registry. Leave undef if
	# auth is not required.
	#
	# [pass_hash]
	# The hash to be used for receipt. If left as undef, a hash will be generated
	#
	# [email]
	# Email for registration to private Docker registry. Leave undef if
	# auth is not required.
	#
	# [local_user]
	# The local user to log in as. Docker will store credentials in this
	# users home directory
	#
	# [receipt]
	# Required to be true for idempotency
	#
	define docker::registry(
	Optional[String] $server = $title,
	Optional[Pattern[/^present$\|^absent$/]] $ensure = 'present',
	Optional[String] $username = undef,
	Optional[String] $password = undef,
	Optional[String] $pass_hash = undef,
	Optional[String] $email = undef,
	Optional[String] $local_user = 'root',
	Optional[String] $version = $docker::version,
	Optional[Boolean] $receipt = true,
	) {
	include docker::params

	$docker_command = $docker::params::docker_command

	if $::osfamily == 'windows' {
	$exec_environment = ["PATH=${::docker_program_files_path}/Docker/"]
	$exec_timeout = 3000
	$exec_path = ["${::docker_program_files_path}/Docker/"]
	$exec_provider = 'powershell'
	$password_env = '$env:password'
	$exec_user = undef
	} else {
	$exec_environment = []
	$exec_path = ['/bin', '/usr/bin']
	$exec_timeout = 0
	$exec_provider = undef
	$password_env = "\${password}"
	$exec_user = $local_user
	$local_user_home = $facts['docker_home_dirs'][$local_user]
	}

	if $ensure == 'present' {
	if $username != undef and $password != undef and $email != undef and $version != undef and $version =~ /1[.][1-9]0?/ {
	$auth_cmd = "${docker_command} login -u '${username}' -p \"${password_env}\" -e '${email}' ${server}"
	$auth_environment = "password=${password}"
	}
	elsif $username != undef and $password != undef {
	$auth_cmd = "${docker_command} login -u '${username}' -p \"${password_env}\" ${server}"
	$auth_environment = "password=${password}"
	}
	else {
	$auth_cmd = "${docker_command} login ${server}"
	$auth_environment = ''
	}
	}
	else {
	$auth_cmd = "${docker_command} logout ${server}"
	$auth_environment = ''
	}

	$docker_auth = "${title}${auth_environment}${auth_cmd}${local_user}"

	if $auth_environment != '' {
	$exec_env = concat($exec_environment, $auth_environment, "docker_auth=${docker_auth}")
	} else {
	$exec_env = concat($exec_environment, "docker_auth=${docker_auth}")
	}

	if $receipt {

	if $::osfamily != 'windows' {
	# server may be an URI, which can contain /
	$server_strip = regsubst($server, '/', '_', 'G')

	# no - with pw_hash
	$local_user_strip = regsubst($local_user, '[-_]', '', 'G')

	$_pass_hash = $pass_hash ? {
	Undef => pw_hash($docker_auth, 'SHA-512', $local_user_strip),
	default => $pass_hash
	}
	$_auth_command = "${auth_cmd} \|\| rm -f \"/${local_user_home}/registry-auth-puppet_receipt_${server_strip}_${local_user}\""

	file { "/${local_user_home}/registry-auth-puppet_receipt_${server_strip}_${local_user}":
	ensure => $ensure,
	content => $_pass_hash,
	owner => $local_user,
	group => $local_user,
	notify => Exec["${title} auth"],
	}
	} else {
	# server may be an URI, which can contain /
	$server_strip = regsubst($server, '[/:]', '_', 'G')
	$passfile = "${::docker_user_temp_path}/registry-auth-puppet_receipt_${server_strip}_${local_user}"
	# lint:ignore:140chars
	$_auth_command = "if (-not (${auth_cmd})) { Remove-Item -Path ${passfile} -Force -Recurse -EA SilentlyContinue; exit 0 } else { exit 0 }"
	# lint:endignore

	if $ensure == 'absent' {
	file { $passfile:
	ensure => $ensure,
	notify => Exec["${title} auth"],
	}
	} elsif $ensure == 'present' {
	exec { 'compute-hash':
	command => template('docker/windows/compute_hash.ps1.erb'),
	environment => $exec_env,
	provider => $exec_provider,
	logoutput => true,
	unless => template('docker/windows/check_hash.ps1.erb'),
	notify => Exec["${title} auth"],
	}
	}
	}
	}
	else {
	$_auth_command = $auth_cmd
	}

	exec { "${title} auth":
	environment => $exec_env,
	command => $_auth_command,
	user => $exec_user,
	path => $exec_path,
	timeout => $exec_timeout,
	provider => $exec_provider,
	refreshonly => $receipt,
	}
	}

File Metadata

Mime Type: text/plain
Expires: Wed, Jun 4, 7:14 PM (5 d, 19 h ago)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 3357415

registry.pp
No OneTemporary
Actions

registry.pp
View Options

File Metadata

Event Timeline

registry.ppNo OneTemporaryActions

registry.ppView Options

File Metadata

Event Timeline

registry.pp
No OneTemporary
Actions

registry.pp
View Options