summaryrefslogtreecommitdiff
path: root/hack
diff options
context:
space:
mode:
Diffstat (limited to 'hack')
-rwxr-xr-xhack/podman-registry74
-rwxr-xr-xhack/xref-helpmsgs-manpages4
2 files changed, 50 insertions, 28 deletions
diff --git a/hack/podman-registry b/hack/podman-registry
index e7708ce6a..fe79b7d9d 100755
--- a/hack/podman-registry
+++ b/hack/podman-registry
@@ -14,7 +14,7 @@ PODMAN_REGISTRY_PASS=
PODMAN_REGISTRY_PORT=
# Podman binary to run
-PODMAN=${PODMAN:-$(type -p podman)}
+PODMAN=${PODMAN:-$(dirname $0)/../bin/podman}
# END defaults
###############################################################################
@@ -104,6 +104,24 @@ function podman() {
"$@"
}
+###############
+# must_pass # Run a command quietly; abort with error on failure
+###############
+function must_pass() {
+ local log=${PODMAN_REGISTRY_WORKDIR}/log
+
+ "$@" &> $log
+ if [ $? -ne 0 ]; then
+ echo "$ME: Command failed: $*" >&2
+ cat $log >&2
+
+ # If we ever get here, it's a given that the registry is not running.
+ # Clean up after ourselves.
+ rm -rf ${PODMAN_REGISTRY_WORKDIR}
+ exit 1
+ fi
+}
+
# END helper functions
###############################################################################
# BEGIN action processing
@@ -132,7 +150,7 @@ function do_start() {
PODMAN_REGISTRY_PASS=$(random_string 15)
fi
- # Die on any error
+ # For the next few commands, die on any error
set -e
mkdir -p ${PODMAN_REGISTRY_WORKDIR}
@@ -140,50 +158,50 @@ function do_start() {
local AUTHDIR=${PODMAN_REGISTRY_WORKDIR}/auth
mkdir -p $AUTHDIR
- # We have to be silent; our only output must be env. vars. Log output here.
- local log=${PODMAN_REGISTRY_WORKDIR}/log
- touch $log
-
# Pull registry image, but into a separate container storage
mkdir -p ${PODMAN_REGISTRY_WORKDIR}/root
mkdir -p ${PODMAN_REGISTRY_WORKDIR}/runroot
+ set +e
+
# Give it three tries, to compensate for flakes
- podman pull ${PODMAN_REGISTRY_IMAGE} &>> $log ||
- podman pull ${PODMAN_REGISTRY_IMAGE} &>> $log ||
- podman pull ${PODMAN_REGISTRY_IMAGE} &>> $log
+ podman pull ${PODMAN_REGISTRY_IMAGE} &>/dev/null ||
+ podman pull ${PODMAN_REGISTRY_IMAGE} &>/dev/null ||
+ must_pass podman pull ${PODMAN_REGISTRY_IMAGE}
# Registry image needs a cert. Self-signed is good enough.
local CERT=$AUTHDIR/domain.crt
- # FIXME: if this fails, we fail silently! It'd be more helpful
- # to say 'openssl failed' and cat the logfile
- openssl req -newkey rsa:4096 -nodes -sha256 \
- -keyout ${AUTHDIR}/domain.key -x509 -days 2 \
- -out ${AUTHDIR}/domain.crt \
- -subj "/C=US/ST=Foo/L=Bar/O=Red Hat, Inc./CN=localhost" \
- &>> $log
-
- # Store credentials where container will see them
+ must_pass openssl req -newkey rsa:4096 -nodes -sha256 \
+ -keyout ${AUTHDIR}/domain.key -x509 -days 2 \
+ -out ${AUTHDIR}/domain.crt \
+ -subj "/C=US/ST=Foo/L=Bar/O=Red Hat, Inc./CN=localhost"
+
+ # Store credentials where container will see them. We can't run
+ # this one via must_pass because we need its stdout.
podman run --rm \
--entrypoint htpasswd ${PODMAN_REGISTRY_IMAGE} \
-Bbn ${PODMAN_REGISTRY_USER} ${PODMAN_REGISTRY_PASS} \
> $AUTHDIR/htpasswd
+ if [ $? -ne 0 ]; then
+ rm -rf ${PODMAN_REGISTRY_WORKDIR}
+ die "Command failed: podman run [htpasswd]"
+ fi
# In case someone needs to debug
echo "${PODMAN_REGISTRY_USER}:${PODMAN_REGISTRY_PASS}" \
> $AUTHDIR/htpasswd-plaintext
# Run the registry container.
- podman run --quiet -d \
- -p ${PODMAN_REGISTRY_PORT}:5000 \
- --name registry \
- -v $AUTHDIR:/auth:Z \
- -e "REGISTRY_AUTH=htpasswd" \
- -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
- -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
- -e "REGISTRY_HTTP_TLS_CERTIFICATE=/auth/domain.crt" \
- -e "REGISTRY_HTTP_TLS_KEY=/auth/domain.key" \
- registry:2 &>> $log
+ must_pass podman run --quiet -d \
+ -p ${PODMAN_REGISTRY_PORT}:5000 \
+ --name registry \
+ -v $AUTHDIR:/auth:Z \
+ -e "REGISTRY_AUTH=htpasswd" \
+ -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
+ -e "REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd" \
+ -e "REGISTRY_HTTP_TLS_CERTIFICATE=/auth/domain.crt" \
+ -e "REGISTRY_HTTP_TLS_KEY=/auth/domain.key" \
+ registry:2
# Dump settings. Our caller will use these to access the registry.
for v in IMAGE PORT USER PASS; do
diff --git a/hack/xref-helpmsgs-manpages b/hack/xref-helpmsgs-manpages
index 00db3c8de..c1e9dffc4 100755
--- a/hack/xref-helpmsgs-manpages
+++ b/hack/xref-helpmsgs-manpages
@@ -150,6 +150,10 @@ sub xref_by_man {
my %ignore = map { $_ => 1 } qw(-l -s -t --latest --size --type);
next if $man =~ /-inspect/ && $ignore{$k};
+ # Special case: podman-diff serves dual purpose (image, ctr)
+ my %diffignore = map { $_ => 1 } qw(-l --latest );
+ next if $man =~ /-diff/ && $diffignore{$k};
+
# Special case: the 'trust' man page is a mess
next if $man =~ /-trust/;