Page Menu
Home
Software Heritage
Search
Configure Global Search
Log In
Files
F8393541
registry.pp
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
5 KB
Subscribers
None
registry.pp
View Options
# == Class: docker
#
# Module to configure private docker registries from which to pull Docker images
# If the registry does not require authentication, this module is not required.
#
# === Parameters
# [*server*]
# The hostname and port of the private Docker registry. Ex: dockerreg:5000
#
# [*ensure*]
# Whether or not you want to login or logout of a repository
#
# [*username*]
# Username for authentication to private Docker registry.
# auth is not required.
#
# [*password*]
# Password for authentication to private Docker registry. Leave undef if
# auth is not required.
#
# [*pass_hash*]
# The hash to be used for receipt. If left as undef, a hash will be generated
#
# [*email*]
# Email for registration to private Docker registry. Leave undef if
# auth is not required.
#
# [*local_user*]
# The local user to log in as. Docker will store credentials in this
# users home directory
#
# [*receipt*]
# Required to be true for idempotency
#
define
docker
::
registry
(
Optional
[
String
]
$server
=
$title,
Optional
[
Pattern
[
/
^
present
$|^absent$/]]
$ensure
=
'present'
,
Optional
[
String
]
$username
=
undef
,
Optional
[
String
]
$password
=
undef
,
Optional
[
String
]
$pass_hash
=
undef
,
Optional
[
String
]
$email
=
undef
,
Optional
[
String
]
$local_user
=
'root'
,
Optional
[
String
]
$version
=
$docker::version,
Optional
[
Boolean
]
$receipt
=
true
,
)
{
include
docker
::
params
$docker_command
=
$docker::params::docker_command
if
$::osfamily
==
'windows'
{
$exec_environment
=
[
"PATH=${::docker_program_files_path}/Docker/"
]
$exec_timeout
=
3000
$exec_path
=
[
"${::docker_program_files_path}/Docker/"
]
$exec_provider
=
'powershell'
$password_env
=
'$env:password'
$exec_user
=
undef
}
else
{
$exec_environment
=
[]
$exec_path
=
[
'/bin'
,
'/usr/bin'
]
$exec_timeout
=
0
$exec_provider
=
undef
$password_env
=
"\${password}"
$exec_user
=
$local_user
$local_user_home
=
$facts['docker_home_dirs']
[
$local_user
]
}
if
$ensure
==
'present'
{
if
$username
!=
undef
and
$password
!=
undef
and
$email
!=
undef
and
$version
!=
undef
and
$version
=~
/
1
[
.
][
1
-
9
]
0
?/
{
$auth_cmd
=
"${docker_command} login -u '${username}' -p \"
${password_env}\"
-
e
'${email}'
${server}"
$auth_environment
=
"password=${password}"
}
elsif
$username
!=
undef
and
$password
!=
undef
{
$auth_cmd
=
"${docker_command} login -u '${username}' -p \"
${password_env}\"
${server}"
$auth_environment
=
"password=${password}"
}
else
{
$auth_cmd
=
"${docker_command} login ${server}"
$auth_environment
=
''
}
}
else
{
$auth_cmd
=
"${docker_command} logout ${server}"
$auth_environment
=
''
}
$docker_auth
=
"${title}${auth_environment}${auth_cmd}${local_user}"
if
$auth_environment
!=
''
{
$exec_env
=
concat
(
$exec_environment,
$auth_environment,
"docker_auth=${docker_auth}"
)
}
else
{
$exec_env
=
concat
(
$exec_environment,
"docker_auth=${docker_auth}"
)
}
if
$receipt
{
if
$::osfamily
!=
'windows'
{
# server may be an URI, which can contain /
$server_strip
=
regsubst
(
$server,
'/'
,
'_'
,
'G'
)
# no - with pw_hash
$local_user_strip
=
regsubst
(
$local_user,
'[-_]'
,
''
,
'G'
)
$_pass_hash
=
$pass_hash
?
{
Undef
=>
pw_hash
(
$docker_auth,
'SHA-512'
,
$local_user_strip),
default
=>
$pass_hash
}
$_auth_command
=
"${auth_cmd} || rm -f \"
/
${local_user_home}/registry-auth-puppet_receipt_${server_strip}_${local_user}\""
file
{
"/${local_user_home}/registry-auth-puppet_receipt_${server_strip}_${local_user}"
:
ensure
=>
$ensure,
content
=>
$_pass_hash,
owner
=>
$local_user,
group
=>
$local_user,
notify
=>
Exec
[
"${title} auth"
],
}
}
else
{
# server may be an URI, which can contain /
$server_strip
=
regsubst
(
$server,
'[/:]'
,
'_'
,
'G'
)
$passfile
=
"${::docker_user_temp_path}/registry-auth-puppet_receipt_${server_strip}_${local_user}"
# lint:ignore:140chars
$_auth_command
=
"if (-not (${auth_cmd})) { Remove-Item -Path ${passfile} -Force -Recurse -EA SilentlyContinue; exit 0 } else { exit 0 }"
# lint:endignore
if
$ensure
==
'absent'
{
file
{
$passfile:
ensure
=>
$ensure,
notify
=>
Exec
[
"${title} auth"
],
}
}
elsif
$ensure
==
'present'
{
exec
{
'compute-hash'
:
command
=>
template
(
'docker/windows/compute_hash.ps1.erb'
),
environment
=>
$exec_env,
provider
=>
$exec_provider,
logoutput
=>
true
,
unless
=>
template
(
'docker/windows/check_hash.ps1.erb'
),
notify
=>
Exec
[
"${title} auth"
],
}
}
}
}
else
{
$_auth_command
=
$auth_cmd
}
exec
{
"${title} auth"
:
environment
=>
$exec_env,
command
=>
$_auth_command,
user
=>
$exec_user,
path
=>
$exec_path,
timeout
=>
$exec_timeout,
provider
=>
$exec_provider,
refreshonly
=>
$receipt,
}
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Wed, Jun 4, 7:14 PM (5 d, 56 m ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3357415
Attached To
R205 puppet-puppetlabs-docker
Event Timeline
Log In to Comment