Skip to content

Commit 0037ae0

Browse files
MaysaMacedoMaysaMacedo
committed
Use mirror-registry tool
1 parent 4308b63 commit 0037ae0

File tree

1 file changed

+6
-16
lines changed

1 file changed

+6
-16
lines changed

ci-operator/step-registry/openstack/provision/mirror/openstack-provision-mirror-commands.sh

+6-16
Original file line numberDiff line numberDiff line change
@@ -99,10 +99,10 @@ if ! retry 60 5 ssh_via_proxy "uname -a"; then
9999
openstack console log show ${server_id}
100100
exit 1
101101
fi
102+
PASSWORD="$(< /var/run/bastionproxy/secret)"
103+
MIRROR_REGISTRY_CREDENTIALS="${CLUSTER_NAME}:${PASSWORD}"
102104

103105
MIRROR_REGISTRY_DNS_NAME="mirror-registry.${CLUSTER_NAME}.${BASE_DOMAIN}"
104-
MIRROR_REGISTRY_CREDENTIALS=$(<"/var/run/vault/mirror-registry/registry_creds")
105-
scp_via_proxy "/var/run/vault/mirror-registry/registry_creds_encrypted_htpasswd" $BASTION_USER@$mirror_ipv4:/tmp/htpasswd
106106

107107
echo "Deploying the mirror registry"
108108
>&2 cat << EOF > $WORK_DIR/deploy_mirror.sh
@@ -112,22 +112,12 @@ sudo mkfs.xfs /dev/vdc
112112
sudo mkdir -p /opt/registry/{auth,certs,data}
113113
sudo mount /dev/vdc /opt/registry/data
114114
sudo openssl req -newkey rsa:4096 -nodes -sha256 -keyout /opt/registry/certs/domain.key -x509 -days 1 -subj "/CN=mirror-$CLUSTER_NAME-${CONFIG_TYPE}" -addext "subjectAltName=DNS:$MIRROR_REGISTRY_DNS_NAME,DNS:mirror-$CLUSTER_NAME-${CONFIG_TYPE}" -out /opt/registry/certs/domain.crt
115-
sudo cp /opt/registry/certs/domain.crt /etc/pki/ca-trust/source/anchors/domain.crt
116-
sudo mv /tmp/htpasswd /opt/registry/auth/htpasswd
115+
sudo cp /opt/registry/certs/domain.crt /etc/pki/ca-trust/source/anchors/domain.crt
117116
sudo update-ca-trust
118117
sudo dnf install -y podman
119-
sudo podman create --name registry -p 5000:5000 --net host \
120-
-e "REGISTRY_AUTH=htpasswd" \
121-
-e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
122-
-e "REGISTRY_AUTH_HTPASSWD_REALM='Registry Realm'" \
123-
-v /opt/registry/auth:/auth:Z \
124-
-v /opt/registry/certs:/certs:Z \
125-
-v /opt/registry/data:/var/lib/registry:z \
126-
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt \
127-
-e REGISTRY_HTTP_TLS_KEY=/certs/domain.key \
128-
quay.io/libpod/registry:2.8.2
129-
sudo podman start registry
130-
curl -u "$MIRROR_REGISTRY_CREDENTIALS" --connect-timeout 5 --max-time 10 --retry 5 --retry-delay 0 --retry-max-time 40 https://mirror-$CLUSTER_NAME-${CONFIG_TYPE}:5000/v2/_catalog
118+
curl -L -o mirror-registry.tar.gz https://mirror.openshift.com/pub/cgw/mirror-registry/latest/mirror-registry-amd64.tar.gz --retry 12
119+
tar -xzvf mirror-registry.tar.gz
120+
./mirror-registry install --quayHostname ${MIRROR_REGISTRY_DNS_NAME} --initPassword ${PASSWORD} --initUser ${CLUSTER_NAME} -v
131121
EOF
132122

133123
scp_via_proxy $WORK_DIR/deploy_mirror.sh $BASTION_USER@$mirror_ipv4:/tmp

0 commit comments

Comments
 (0)