diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 1e4a764..78a759b 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -28,11 +28,62 @@ jobs: host: ${{ secrets.DOCKER_HOST }} port: ${{ secrets.DOCKER_PORT }} user: ${{ secrets.DOCKER_USER }} - #pass: ${{ secrets.DOCKER_PASS }} ssh_key: "${{ secrets.DOCKER_SSH_KEY }}" file: "docker-compose.yaml" name: "test-stack" + test_registry_auth: + name: "Test Registry Auth" + runs-on: ubuntu-latest + timeout-minutes: 10 + + steps: + - name: "Checkout" + uses: actions/checkout@v4 + + - name: "Create SSH directory" + run: mkdir -p ~/.ssh + + - name: "Add private key to SSH agent" + uses: webfactory/ssh-agent@v0.5.3 + with: + ssh-private-key: ${{ secrets.DOCKER_SSH_KEY }} + + - name: "Do not check host key" + run: | + export ANSIBLE_HOST_KEY_CHECKING=False + + - name: Run playbook + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: actions_test.yml + directory: ansible + options: | + -u ${{ secrets.DOCKER_USER }} + --private-key ./ssh_key + -i ${{ secrets.DOCKER_HOST }}, + -c ssh + -e "ansible_ssh_common_args='-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'" + + - name: "Write YAML" + id: yaml-action + uses: teunmooij/yaml@v1 + with: + data: '{"version":"3.8","services":{"alpine":{"image":"localhost:5000/alpine","command":"tail -f /dev/null"}}}' + to-file: "docker-compose.yaml" + + - name: "Test Local Action with Registry Auth" + id: test + uses: ./ + with: + host: ${{ secrets.DOCKER_HOST }} + port: ${{ secrets.DOCKER_PORT }} + user: ${{ secrets.DOCKER_USER }} + ssh_key: "${{ secrets.DOCKER_SSH_KEY }}" + file: "docker-compose.yaml" + name: "test-private-stack" + with_registry_auth: "true" + lint: name: "Lint" runs-on: ubuntu-latest diff --git a/action.yaml b/action.yaml index 2fe36ad..68b3322 100644 --- a/action.yaml +++ b/action.yaml @@ -32,6 +32,10 @@ inputs: env_file: description: "Environment File" required: false + with_registry_auth: + description: "Use registry authentication" + required: false + default: "false" runs: using: "docker" diff --git a/ansible/actions_test.yml b/ansible/actions_test.yml new file mode 100644 index 0000000..cc003e9 --- /dev/null +++ b/ansible/actions_test.yml @@ -0,0 +1,53 @@ +--- +- name: Test Registry Auth + hosts: all + become: no + tasks: + - name: Assert apache2-utils is present + command: dpkg -l apache2-utils + register: result + failed_when: result.rc != 0 + changed_when: false + + - name: Create registry directory + file: + path: /tmp/registry + state: directory + + - name: Create registry user + shell: htpasswd -Bbn testuser testpassword > /tmp/registry/registry.password + changed_when: false + + - name: Create Docker registry container + docker_container: + name: registry + image: registry:2 + ports: + - "5000:5000" + volumes: + - /tmp/registry/registry.password:/auth/registry.password:ro + env: + REGISTRY_AUTH: "htpasswd" + REGISTRY_AUTH_HTPASSWD_REALM: "Registry Realm" + REGISTRY_AUTH_HTPASSWD_PATH: "/auth/registry.password" + state: started + + - name: Login to Docker registry + docker_login: + registry: localhost:5000 + username: testuser + password: testpassword + + - name: pull alpine image from Docker Hub + docker_image: + name: alpine + tag: latest + source: pull + + - name: Push alpine image to local registry + docker_image: + name: alpine + repository: localhost:5000/alpine + tag: latest + push: true + source: local diff --git a/src/main.sh b/src/main.sh index 32aa0df..42d6efe 100644 --- a/src/main.sh +++ b/src/main.sh @@ -60,5 +60,11 @@ if [ -n "${INPUT_ENV_FILE}" ];then # export ENV_FILE="${INPUT_ENV_FILE}" fi +DEPLOY_CMD="docker stack deploy -c \"${INPUT_FILE}\" \"${INPUT_NAME}\"" +if [ "${INPUT_WITH_REGISTRY_AUTH}" == "true" ]; then + echo -e "\u001b[36mAdding with-registry-auth flag to command." + DEPLOY_CMD="$DEPLOY_CMD --with-registry-auth" +fi + echo -e "\u001b[36mDeploying Stack: \u001b[37;1m${INPUT_NAME}" -docker stack deploy -c "${INPUT_FILE}" "${INPUT_NAME}" +eval "${DEPLOY_CMD}" \ No newline at end of file