Step: optional-operators-configure-proxy-registry

The configure-proxy registry step configures the proxy image registry to pull internal images.

Container image used for this step: cli

cli resolves to an image built or imported by the ci-operator configuration (documentation).

Environment

Step exposes no environmental variables except the defaults.

Source Code

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
#!/bin/bash

set -o nounset
set -o errexit
set -o pipefail

# steps involved inside the configure proxy registry 
# 0. needs to add the pull secrets provided by 
# mirroring the pull secrets

# add brew pull secret 
oc set data secret/pull-secret -n openshift-config --from-file=.dockerconfigjson=/var/run/brew-pullsecret/.dockerconfigjson

# 1. Apply the ICSP to the cluster 
echo "Creating new proxy registry record on cluster"
OO_CONFIGURE_PROXY_REGISTRY=$(
    oc create -f - -o jsonpath='{.metadata.name}' <<EOF
apiVersion: operator.openshift.io/v1alpha1
kind: ImageContentSourcePolicy
metadata:
  name: brew-registry
spec:
  repositoryDigestMirrors:
  - mirrors:
    - brew.registry.redhat.io
    source: registry.redhat.io
  - mirrors:
    - brew.registry.redhat.io
    source: registry.stage.redhat.io
  - mirrors:
    - brew.registry.redhat.io
    source: registry-proxy.engineering.redhat.com
  - mirrors:
    - brew.registry.redhat.io
    source: registry-proxy-stage.engineering.redhat.com
EOF
)
echo "Configuring proxy registry : \"$OO_CONFIGURE_PROXY_REGISTRY\""

# step-3: Disable the default OperatorSources/Sources (for redhat-operators, certified-operators, and community-operators) on your 4.5 cluster (or default CatalogSources in 4.6+) with the following command:
oc patch OperatorHub cluster --type json -p '[{"op": "add", "path": "/spec/disableAllDefaultSources", "value": true}]'

# Sleep for 2 minutes to allow for the nodes to begin restarting
sleep 120
# Query the node state until all of the nodes are ready
for i in {1..60}; do
    NODE_STATE="$(oc get nodes || echo "ERROR")"
    if [[ ${NODE_STATE} == *"NotReady"*  || ${NODE_STATE} == *"SchedulingDisabled"* ]]; then
        echo "Not all of the nodes have finished restarting - waiting for 30 seconds, attempt ${i}"
        sleep 30
    elif [[ ${NODE_STATE} == "ERROR" ]]; then
        echo "Encountered an issue querying the OpenShift API - waiting for 30 seconds, attempt ${i}"
        sleep 30
    else
        echo "All nodes ready"
        break
    fi
done

Properties

Property Value Description
Resource requests (cpu) 300m Used in .resources.requests of the pod running this step.
Resource requests (memory) 300Mi Used in .resources.requests of the pod running this step.

GitHub Link:

https://github.com/openshift/release/blob/master/ci-operator/step-registry/optional-operators/configure-proxy-registry/optional-operators-configure-proxy-registry-ref.yaml

Owners:

Approvers:

Reviewers:

Source code for this page located on GitHub