Initial commit

2025-07-28 15:41:22 -07:00 · 2020-03-09 09:11:07 +00:00 · 2020-03-09 09:11:07 +00:00 · aebc1b03fd
commit aebc1b03fd
4861 changed files with 812621 additions and 0 deletions
--- a/tests/integration/targets/setup_docker_registry/aliases
+++ b/tests/integration/targets/setup_docker_registry/aliases
@ -0,0 +1,2 @@
+needs/target/setup_docker
+needs/target/setup_openssl
--- a/tests/integration/targets/setup_docker_registry/files/nginx.conf
+++ b/tests/integration/targets/setup_docker_registry/files/nginx.conf
@ -0,0 +1,46 @@
+events {
+    worker_connections 16;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    error_log /dev/stdout info;
+    access_log /dev/stdout;
+
+    server {
+        listen *:5000 ssl;
+        server_name test-registry.ansible.com;
+        server_name_in_redirect on;
+
+        ssl_protocols TLSv1.2;
+        ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256';
+        ssl_ecdh_curve X25519:secp521r1:secp384r1;
+        ssl_prefer_server_ciphers on;
+        ssl_certificate /etc/nginx/cert.pem;
+        ssl_certificate_key /etc/nginx/cert.key;
+
+        location / {
+            return 401;
+        }
+
+        location /v2/ {
+            proxy_pass  http://real-registry:5000;
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            proxy_set_header Host $http_host;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header X-Forwarded-For $remote_addr;
+            proxy_set_header X-Forwarded-Port $server_port;
+            proxy_set_header X-Request-Start $msec;
+
+            client_max_body_size 0;
+            chunked_transfer_encoding on;
+
+            auth_basic "Ansible Test Docker Registry";
+            auth_basic_user_file /etc/nginx/nginx.htpasswd;
+        }
+    }
+}
--- a/tests/integration/targets/setup_docker_registry/files/nginx.htpasswd
+++ b/tests/integration/targets/setup_docker_registry/files/nginx.htpasswd
@ -0,0 +1 @@
+testuser:{PLAIN}hunter2
--- a/tests/integration/targets/setup_docker_registry/handlers/cleanup.yml
+++ b/tests/integration/targets/setup_docker_registry/handlers/cleanup.yml
@ -0,0 +1,31 @@
+- name: "Make sure all images are removed"
+  docker_image:
+    name: "{{ item }}"
+    state: absent
+  with_items: "{{ inames }}"
+- name: "Get registry logs"
+  command: "docker logs {{ registry_name }}"
+  register: registry_logs
+  no_log: yes
+- name: "Printing registry logs"
+  debug: var=registry_logs.stdout_lines
+- name: "Get nginx logs"
+  command: "docker logs {{ nginx_name }}"
+  register: nginx_logs
+  no_log: yes
+- name: "Printing nginx logs"
+  debug: var=nginx_logs.stdout_lines
+- name: "Make sure all containers are removed"
+  docker_container:
+    name: "{{ item }}"
+    state: absent
+    force_kill: yes
+  with_items: "{{ cnames }}"
+  register: result
+  retries: 3
+  delay: 3
+  until: result is success
+- name: "Make sure all volumes are removed"
+  command: "docker rm -f {{ item }}"
+  with_items: "{{ vnames }}"
+  ignore_errors: yes
--- a/tests/integration/targets/setup_docker_registry/handlers/main.yml
+++ b/tests/integration/targets/setup_docker_registry/handlers/main.yml
@ -0,0 +1,2 @@
+- name: Remove test registry
+  include_tasks: ../handlers/cleanup.yml
--- a/tests/integration/targets/setup_docker_registry/tasks/main.yml
+++ b/tests/integration/targets/setup_docker_registry/tasks/main.yml
@ -0,0 +1,3 @@
+- when: ansible_facts.distribution ~ ansible_facts.distribution_major_version not in ['CentOS6', 'RedHat6']
+  include_tasks:
+    file: setup.yml
--- a/tests/integration/targets/setup_docker_registry/tasks/setup.yml
+++ b/tests/integration/targets/setup_docker_registry/tasks/setup.yml
@ -0,0 +1,99 @@
+- name: Setup OpenSSL
+  include_role:
+    name: setup_openssl
+- name: Register registry cleanup
+  command: 'true'
+  notify: Remove test registry
+- name: Setup Docker
+  include_role:
+    name: setup_docker
+- name: Create random name prefix and test registry name
+  set_fact:
+    name_prefix: '{{ ''ansible-test-%0x'' % ((2**32) | random) }}'
+    registry_name: '{{ ''ansible-test-registry-%0x'' % ((2**32) | random) }}'
+    nginx_name: '{{ ''ansible-test-registry-frontend-%0x'' % ((2**32) | random) }}'
+- name: Create image and container list
+  set_fact:
+    inames: []
+    cnames:
+    - '{{ registry_name }}'
+    - '{{ nginx_name }}'
+    vnames:
+    - '{{ nginx_name }}'
+- debug:
+    msg: Using name prefix {{ name_prefix }} and test registry name {{ registry_name }}
+- block:
+  - name: Start test registry
+    docker_container:
+      name: '{{ registry_name }}'
+      image: registry:2.6.1
+      ports: 5000
+    register: registry_container
+  - name: Get registry URL
+    set_fact:
+      registry_address: localhost:{{ registry_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
+  - name: Start nginx frontend for registry
+    docker_volume:
+      name: '{{ nginx_name }}'
+      state: present
+  - name: Create container for nginx frontend for registry
+    docker_container:
+      state: stopped
+      name: '{{ nginx_name }}'
+      image: nginx:alpine
+      ports: 5000
+      links:
+      - '{{ registry_name }}:real-registry'
+      volumes:
+      - '{{ nginx_name }}:/etc/nginx/'
+    register: nginx_container
+  - name: Copy static files into volume
+    command: docker cp {{ role_path }}/files/{{ item }} {{ nginx_name }}:/etc/nginx/{{ item }}
+    loop:
+    - nginx.conf
+    - nginx.htpasswd
+  - name: Create private key for frontend certificate
+    community.crypto.openssl_privatekey:
+      path: '{{ output_dir }}/cert.key'
+      type: ECC
+      curve: secp256r1
+  - name: Create CSR for frontend certificate
+    community.crypto.openssl_csr:
+      path: '{{ output_dir }}/cert.csr'
+      privatekey_path: '{{ output_dir }}/cert.key'
+      subject_alt_name:
+      - DNS:test-registry.ansible.com
+  - name: Create frontend certificate
+    community.crypto.openssl_certificate:
+      path: '{{ output_dir }}/cert.pem'
+      csr_path: '{{ output_dir }}/cert.csr'
+      privatekey_path: '{{ output_dir }}/cert.key'
+      provider: selfsigned
+  - name: Copy dynamic files into volume
+    command: docker cp {{ output_dir }}/{{ item }} {{ nginx_name }}:/etc/nginx/{{ item }}
+    loop:
+    - cert.pem
+    - cert.key
+  - name: Start nginx frontend for registry
+    docker_container:
+      name: '{{ nginx_name }}'
+      state: started
+    register: nginx_container
+  - debug: var=nginx_container.container.NetworkSettings
+  - name: Wait for registry frontend
+    uri:
+      url: https://{{ nginx_container.container.NetworkSettings.IPAddress }}:5000/v2/
+      url_username: testuser
+      url_password: hunter2
+      validate_certs: false
+    register: result
+    until: result is success
+    retries: 5
+    delay: 1
+  - name: Get registry URL
+    set_fact:
+      registry_frontend_address: localhost:{{ nginx_container.container.NetworkSettings.Ports['5000/tcp'].0.HostPort }}
+  - debug: msg="Registry available under {{ registry_address }}, NGINX frontend available under {{ registry_frontend_address }}"
+  when: docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')
+- fail: msg="Too old docker / docker-py version to run docker_image tests!"
+  when: not(docker_py_version is version('1.8.0', '>=') and docker_api_version is version('1.20', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)