fix: Configure Docker insecure registry and add GIT_BRANCH
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 52s
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 51s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 10s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 12s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 52s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Some checks failed
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 52s
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 51s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 10s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 12s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 52s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- Add Docker daemon configuration to use HTTP for git.michaelschiemer.de:5000 registry - Configure insecure-registries in /etc/docker/daemon.json - Add GIT_BRANCH environment variable (staging for staging, main for production) - Set default GIT_REPOSITORY_URL if not provided - Fixes 'http: server gave HTTP response to HTTPS client' error - Fixes missing GIT_BRANCH variable warnings
This commit is contained in:
@@ -52,7 +52,13 @@
|
|||||||
minio_root_user: "{{ minio_root_user | default(vault_minio_root_user | default('minioadmin')) }}"
|
minio_root_user: "{{ minio_root_user | default(vault_minio_root_user | default('minioadmin')) }}"
|
||||||
minio_root_password: "{{ minio_root_password | default(vault_minio_root_password | default('')) }}"
|
minio_root_password: "{{ minio_root_password | default(vault_minio_root_password | default('')) }}"
|
||||||
secrets_dir: "{{ secrets_dir | default('./secrets') }}"
|
secrets_dir: "{{ secrets_dir | default('./secrets') }}"
|
||||||
git_repository_url: "{{ git_repository_url | default(vault_git_repository_url | default('')) }}"
|
git_repository_url: "{{ git_repository_url | default(vault_git_repository_url | default('https://git.michaelschiemer.de/michael/michaelschiemer.git')) }}"
|
||||||
|
git_branch: >-
|
||||||
|
{%- if deployment_environment == 'staging' -%}
|
||||||
|
staging
|
||||||
|
{%- else -%}
|
||||||
|
main
|
||||||
|
{%- endif -%}
|
||||||
git_token: "{{ git_token | default(vault_git_token | default('')) }}"
|
git_token: "{{ git_token | default(vault_git_token | default('')) }}"
|
||||||
git_username: "{{ git_username | default(vault_git_username | default('')) }}"
|
git_username: "{{ git_username | default(vault_git_username | default('')) }}"
|
||||||
git_password: "{{ git_password | default(vault_git_password | default('')) }}"
|
git_password: "{{ git_password | default(vault_git_password | default('')) }}"
|
||||||
@@ -168,6 +174,41 @@
|
|||||||
when: not env_file_exists.stat.exists
|
when: not env_file_exists.stat.exists
|
||||||
become: yes
|
become: yes
|
||||||
|
|
||||||
|
- name: Configure Docker to use HTTP for git.michaelschiemer.de:5000 registry
|
||||||
|
shell: |
|
||||||
|
# Check if insecure-registries is already configured
|
||||||
|
if ! grep -q "git.michaelschiemer.de:5000" /etc/docker/daemon.json 2>/dev/null; then
|
||||||
|
# Backup existing daemon.json
|
||||||
|
cp /etc/docker/daemon.json /etc/docker/daemon.json.bak 2>/dev/null || echo '{}' > /etc/docker/daemon.json.bak
|
||||||
|
# Add insecure-registries if not present
|
||||||
|
python3 << 'EOF'
|
||||||
|
import json
|
||||||
|
import sys
|
||||||
|
try:
|
||||||
|
with open('/etc/docker/daemon.json', 'r') as f:
|
||||||
|
config = json.load(f)
|
||||||
|
except (FileNotFoundError, json.JSONDecodeError):
|
||||||
|
config = {}
|
||||||
|
if 'insecure-registries' not in config:
|
||||||
|
config['insecure-registries'] = []
|
||||||
|
if 'git.michaelschiemer.de:5000' not in config['insecure-registries']:
|
||||||
|
config['insecure-registries'].append('git.michaelschiemer.de:5000')
|
||||||
|
with open('/etc/docker/daemon.json', 'w') as f:
|
||||||
|
json.dump(config, f, indent=2)
|
||||||
|
sys.exit(0) # Changed
|
||||||
|
sys.exit(1) # No change
|
||||||
|
EOF
|
||||||
|
# Restart Docker daemon if configuration changed
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
systemctl restart docker || service docker restart || true
|
||||||
|
sleep 2
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
become: yes
|
||||||
|
ignore_errors: yes
|
||||||
|
changed_when: false
|
||||||
|
failed_when: false
|
||||||
|
|
||||||
- name: Deploy application stack with new image
|
- name: Deploy application stack with new image
|
||||||
shell: |
|
shell: |
|
||||||
cd {{ application_code_dest }}
|
cd {{ application_code_dest }}
|
||||||
@@ -181,6 +222,7 @@
|
|||||||
MINIO_ROOT_PASSWORD: "{{ minio_root_password | default('') }}"
|
MINIO_ROOT_PASSWORD: "{{ minio_root_password | default('') }}"
|
||||||
SECRETS_DIR: "{{ secrets_dir | default('./secrets') }}"
|
SECRETS_DIR: "{{ secrets_dir | default('./secrets') }}"
|
||||||
GIT_REPOSITORY_URL: "{{ git_repository_url | default('') }}"
|
GIT_REPOSITORY_URL: "{{ git_repository_url | default('') }}"
|
||||||
|
GIT_BRANCH: "{{ git_branch | default('main') }}"
|
||||||
GIT_TOKEN: "{{ git_token | default('') }}"
|
GIT_TOKEN: "{{ git_token | default('') }}"
|
||||||
GIT_USERNAME: "{{ git_username | default('') }}"
|
GIT_USERNAME: "{{ git_username | default('') }}"
|
||||||
GIT_PASSWORD: "{{ git_password | default('') }}"
|
GIT_PASSWORD: "{{ git_password | default('') }}"
|
||||||
|
|||||||
Reference in New Issue
Block a user