diff --git a/ci-operator/step-registry/mirror-images/qe-test-images/mirror-images-qe-test-images-commands.sh b/ci-operator/step-registry/mirror-images/qe-test-images/mirror-images-qe-test-images-commands.sh index 1d29fd0c7d64..15e79366e8db 100755 --- a/ci-operator/step-registry/mirror-images/qe-test-images/mirror-images-qe-test-images-commands.sh +++ b/ci-operator/step-registry/mirror-images/qe-test-images/mirror-images-qe-test-images-commands.sh @@ -8,21 +8,22 @@ trap 'CHILDREN=$(jobs -p); if test -n "${CHILDREN}"; then kill ${CHILDREN} && wa new_pull_secret="${SHARED_DIR}/new_pull_secret" +if [ ! -f "${SHARED_DIR}/mirror_registry_url" ]; then + echo "File ${SHARED_DIR}/mirror_registry_url does not exist, skipping..." + exit 0 +fi # private mirror registry host # : MIRROR_REGISTRY_HOST=`head -n 1 "${SHARED_DIR}/mirror_registry_url"` -if [ ! -f "${SHARED_DIR}/mirror_registry_url" ]; then - echo "File ${SHARED_DIR}/mirror_registry_url does not exist." - exit 1 -fi echo "MIRROR_REGISTRY_HOST: $MIRROR_REGISTRY_HOST" # since ci-operator gives steps KUBECONFIG pointing to cluster under test under some circumstances, # unset KUBECONFIG to ensure this step always interact with the build farm. unset KUBECONFIG -# Create qe test image list -cat < "/tmp/mirror-images-list.yaml" +if [ "${QE_IMAGES}" == "true" ]; then + echo "Create qe test image list" + cat < "/tmp/mirror-images-list.yaml" quay.io/openshifttest/iperf3:latest=MIRROR_REGISTRY_PLACEHOLDER/openshifttest/iperf3:latest quay.io/openshifttest/hello-sdn:1.2.0=MIRROR_REGISTRY_PLACEHOLDER/openshifttest/hello-sdn:1.2.0 quay.io/openshifttest/hello-openshift-fedora:latest=MIRROR_REGISTRY_PLACEHOLDER/openshifttest/hello-openshift-fedora:latest @@ -98,6 +99,18 @@ quay.io/openshifttest/uiauto-operators-index:1.2.0=MIRROR_REGISTRY_PLACEHOLDER/o quay.io/openshifttest/ui-auto-operators:latest=MIRROR_REGISTRY_PLACEHOLDER/openshifttest/ui-auto-operators:latest quay.io/openshifttest/prometheus-example-app:multiarch=MIRROR_REGISTRY_PLACEHOLDER/openshifttest/prometheus-example-app:multiarch EOF + # Creating ICSP for quay.io/openshifttest is in enable-qe-catalogsource-disconnected step + # Set Node CA for Mirror Registry is in enable-qe-catalogsource-disconnected step + sed -i "s/MIRROR_REGISTRY_PLACEHOLDER/${MIRROR_REGISTRY_HOST}/g" "/tmp/mirror-images-list.yaml" +elif [ -f "${SHARED_DIR}/mirror-images-list.yaml" ]; then + echo "${SHARED_DIR}/mirror-images-list.yaml was found and will be used" + cp "${SHARED_DIR}/mirror-images-list.yaml" "/tmp/mirror-images-list.yaml" + # Format must be SRC=DEST + sed -i 's/ /=/g' "/tmp/mirror-images-list.yaml" +else + echo "No images to mirror." + exit 0 +fi # combine custom registry credential and default pull secret registry_cred=`head -n 1 "/var/run/vault/mirror-registry/registry_creds" | base64 -w 0` @@ -107,16 +120,23 @@ openshifttest_auth_password=$(cat "/var/run/vault/mirror-registry/registry_quay_ openshifttest_registry_auth=`echo -n "${openshifttest_auth_user}:${openshifttest_auth_password}" | base64 -w 0` jq --argjson a "{\"${MIRROR_REGISTRY_HOST}\": {\"auth\": \"$registry_cred\"},\"quay.io/openshifttest\": {\"auth\": \"${openshifttest_registry_auth}\"}}" '.auths |= . + $a' "${CLUSTER_PROFILE_DIR}/pull-secret" > "${new_pull_secret}" -# MIRROR IMAGES -# Creating ICSP for quay.io/openshifttest is in enable-qe-catalogsource-disconnected step -# Set Node CA for Mirror Registry is in enable-qe-catalogsource-disconnected step -sed -i "s/MIRROR_REGISTRY_PLACEHOLDER/${MIRROR_REGISTRY_HOST}/g" "/tmp/mirror-images-list.yaml" +# For disconnected or otherwise unreachable environments, we want to +# have steps use an HTTP(S) proxy to reach the API server. This proxy +# configuration file should export HTTP_PROXY, HTTPS_PROXY, and NO_PROXY +# environment variables, as well as their lowercase equivalents (note +# that libcurl doesn't recognize the uppercase variables). +if test -f "${SHARED_DIR}/proxy-conf.sh" +then + # shellcheck disable=SC1090 + source "${SHARED_DIR}/proxy-conf.sh" +fi -# To avoid 409 too many request error, mirroring image one by one -for image in `cat /tmp/mirror-images-list.yaml` -do - oc image mirror $image --insecure=true -a "${new_pull_secret}" \ - --skip-missing=true --skip-verification=true --keep-manifest-list=true --filter-by-os='.*' -done +# MIRROR IMAGES + # To avoid 409 too many request error, mirroring image one by one + for image in `cat /tmp/mirror-images-list.yaml` + do + oc image mirror $image --insecure=true -a "${new_pull_secret}" \ + --skip-missing=true --skip-verification=true --keep-manifest-list=true --filter-by-os='.*' --insecure=true + done rm -f "${new_pull_secret}" diff --git a/ci-operator/step-registry/mirror-images/qe-test-images/mirror-images-qe-test-images-ref.yaml b/ci-operator/step-registry/mirror-images/qe-test-images/mirror-images-qe-test-images-ref.yaml index 079179cba28d..232cdeb02e4f 100644 --- a/ci-operator/step-registry/mirror-images/qe-test-images/mirror-images-qe-test-images-ref.yaml +++ b/ci-operator/step-registry/mirror-images/qe-test-images/mirror-images-qe-test-images-ref.yaml @@ -8,6 +8,13 @@ ref: requests: cpu: 10m memory: 100Mi + env: + - name: QE_IMAGES + default: 'true' + documentation: |- + Whether or not mirror QE images. This can be disabled if someone wants + to pre-create "${SHARED_DIR}/mirror-images-list.yaml" and mirror + these images instead. credentials: - namespace: test-credentials name: openshift-custom-mirror-registry