Defined Type: docker::credentials

Defined in:
modules/docker/manifests/credentials.pp

Overview

Adds docker configuration for specific credentials in the file path used as a title.

Parameters:

  • owner (String)
  • group (String)
  • registry (Stdlib::Fqdn)
  • registry_username (String)
  • registry_password (String)
  • allow_group (Boolean) (defaults to: true)


3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# File 'modules/docker/manifests/credentials.pp', line 3

define docker::credentials(
    String $owner,
    String $group,
    Stdlib::Fqdn $registry,
    String $registry_username,
    String $registry_password,
    Boolean $allow_group = true,
) {
    unless ($name =~ Stdlib::Unixpath) {
        fail("docker::credentials resource name should be a valid unix path, got ${name}")
    }
    $dirmode = $allow_group ? {
        true  => '0550',
        false => '0500'
    }
    $filemode = $allow_group ? {
        true  => '0440',
        false => '0400'
    }
    $directory = dirname($name)
    if (!defined(File[$directory])) {
        file { $directory:
            ensure => directory,
            owner  => $owner,
            group  => $group,
            mode   => $dirmode,
        }
    }
    # uses strict_encode64 since encode64 adds newlines?!
    $docker_auth = inline_template("<%= require 'base64'; Base64.strict_encode64('${registry_username}:${registry_password}') -%>")
    $docker_config = {
        'auths' => {
            "https://${registry}" => {
                'auth' => $docker_auth,
            },
        },
    }
    file { $name:
        ensure    => present,
        content   => ordered_json($docker_config),
        owner     => $owner,
        group     => $group,
        mode      => $filemode,
        show_diff => false,
    }
}