summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-02-24 10:03:50 +0100
committerGitHub <noreply@github.com>2024-02-24 10:03:50 +0100
commit88911dbdf78ea1d82dde08eff19f9f3eed7448dd (patch)
tree49ce298230be3dfb53449cb65037b78ded92329a
parent9086748f7a3f83482f5c39ca2d611ec22b329296 (diff)
parentfcebadea51c1df88553e608a0866a6f2a1dcaa2b (diff)
downloadvyos-1x-88911dbdf78ea1d82dde08eff19f9f3eed7448dd.tar.gz
vyos-1x-88911dbdf78ea1d82dde08eff19f9f3eed7448dd.zip
Merge pull request #3045 from vyos/mergify/bp/sagitta/pr-3044
container: T5909: move registry login to op-mode (backport #3044)
-rwxr-xr-xsrc/conf_mode/container.py23
-rwxr-xr-xsrc/op_mode/container.py28
2 files changed, 28 insertions, 23 deletions
diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py
index 321d00abf..e967bee71 100755
--- a/src/conf_mode/container.py
+++ b/src/conf_mode/container.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021-2023 VyOS maintainers and contributors
+# Copyright (C) 2021-2024 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -32,7 +32,6 @@ from vyos.utils.file import write_file
from vyos.utils.process import call
from vyos.utils.process import cmd
from vyos.utils.process import run
-from vyos.utils.process import rc_cmd
from vyos.template import bracketize_ipv6
from vyos.template import inc_ip
from vyos.template import is_ipv4
@@ -251,7 +250,7 @@ def verify(container):
if 'authentication' not in registry_config:
continue
if not {'username', 'password'} <= set(registry_config['authentication']):
- raise ConfigError('If registry username or or password is defined, so must be the other!')
+ raise ConfigError('Container registry requires both username and password to be set!')
return None
@@ -401,24 +400,6 @@ def generate(container):
write_file(f'/etc/containers/networks/{network}.json', json_write(tmp, indent=2))
- if 'registry' in container:
- cmd = f'podman logout --all'
- rc, out = rc_cmd(cmd)
- if rc != 0:
- raise ConfigError(out)
-
- for registry, registry_config in container['registry'].items():
- if 'disable' in registry_config:
- continue
- if 'authentication' in registry_config:
- if {'username', 'password'} <= set(registry_config['authentication']):
- username = registry_config['authentication']['username']
- password = registry_config['authentication']['password']
- cmd = f'podman login --username {username} --password {password} {registry}'
- rc, out = rc_cmd(cmd)
- if rc != 0:
- raise ConfigError(out)
-
render(config_containers, 'container/containers.conf.j2', container)
render(config_registry, 'container/registries.conf.j2', container)
render(config_storage, 'container/storage.conf.j2', container)
diff --git a/src/op_mode/container.py b/src/op_mode/container.py
index 5a022d0c0..385843b37 100755
--- a/src/op_mode/container.py
+++ b/src/op_mode/container.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2022 VyOS maintainers and contributors
+# Copyright (C) 2022-2024 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -20,6 +20,8 @@ import sys
from sys import exit
from vyos.utils.process import cmd
+from vyos.utils.process import call
+from vyos.utils.process import rc_cmd
import vyos.opmode
@@ -36,12 +38,34 @@ def _get_raw_data(command: str) -> list:
return data
def add_image(name: str):
- from vyos.utils.process import rc_cmd
+ """ Pull image from container registry. If registry authentication
+ is defined within VyOS CLI, credentials are used to login befroe pull """
+ from vyos.configquery import ConfigTreeQuery
+
+ conf = ConfigTreeQuery()
+ container = conf.get_config_dict(['container', 'registry'])
+
+ do_logout = False
+ if 'registry' in container:
+ for registry, registry_config in container['registry'].items():
+ if 'disable' in registry_config:
+ continue
+ if 'authentication' in registry_config:
+ do_logout = True
+ if {'username', 'password'} <= set(registry_config['authentication']):
+ username = registry_config['authentication']['username']
+ password = registry_config['authentication']['password']
+ cmd = f'podman login --username {username} --password {password} {registry}'
+ rc, out = rc_cmd(cmd)
+ if rc != 0: raise vyos.opmode.InternalError(out)
rc, output = rc_cmd(f'podman image pull {name}')
if rc != 0:
raise vyos.opmode.InternalError(output)
+ if do_logout:
+ rc_cmd('podman logout --all')
+
def delete_image(name: str):
from vyos.utils.process import rc_cmd