diff options
author | Michael Gugino <mgugino@redhat.com> | 2017-10-17 11:50:21 -0400 |
---|---|---|
committer | Michael Gugino <mgugino@redhat.com> | 2017-10-17 15:15:14 -0400 |
commit | 23b37a72ef60e7d7830321ba65c5e98bf9563232 (patch) | |
tree | 0ab5f53d14206889dfc9a20f99b26562962604d6 /roles/openshift_health_checker/openshift_checks/docker_image_availability.py | |
parent | 1d75eb325c0dbfd4614ab6e6535d07a2ea3ecbc3 (diff) | |
download | openshift-23b37a72ef60e7d7830321ba65c5e98bf9563232.tar.gz openshift-23b37a72ef60e7d7830321ba65c5e98bf9563232.tar.bz2 openshift-23b37a72ef60e7d7830321ba65c5e98bf9563232.tar.xz openshift-23b37a72ef60e7d7830321ba65c5e98bf9563232.zip |
Ensure proper variable templating for skopeo auth credentials
Currently, docker_image_availability.py plugin check is
using the raw strings for variables from task_vars.
This results in any variables that utilized within the
plugin to be un-templated. For instance, if variable
"x" is set to "{{ y }}" and y is set to "2", one
would expect that x == 2 inside the plugin. Currently,
the plugin will use the string "{{ y }}" for the value
of x instead of templating the variable.
This commit ensures skopeo registry auth credentials
are templated properly.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1500698
Diffstat (limited to 'roles/openshift_health_checker/openshift_checks/docker_image_availability.py')
-rw-r--r-- | roles/openshift_health_checker/openshift_checks/docker_image_availability.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py index 7c8ac78fe..5beb20503 100644 --- a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py +++ b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py @@ -61,10 +61,15 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck): # for the oreg_url registry there may be credentials specified components = self.get_var("oreg_url", default="").split('/') self.registries["oreg"] = "" if len(components) < 3 else components[0] + + # Retrieve and template registry credentials, if provided self.skopeo_command_creds = "" oreg_auth_user = self.get_var('oreg_auth_user', default='') oreg_auth_password = self.get_var('oreg_auth_password', default='') if oreg_auth_user != '' and oreg_auth_password != '': + if self._templar is not None: + oreg_auth_user = self._templar.template(oreg_auth_user) + oreg_auth_password = self._templar.template(oreg_auth_password) self.skopeo_command_creds = "--creds={}:{}".format(quote(oreg_auth_user), quote(oreg_auth_password)) # record whether we could reach a registry or not (and remember results) |