Remove registry access config tags

Remove "bundle_registry_tls_ca" and "bundle_registry_auth" tags in favor of "setup_bundle_registry_tls_ca" and "setup_bundle_registry_auth" config options. Values for these new options are set to true to keep backwards compatibility.
infrawatch · Aug 31, 2023 · e891411 · e891411
1 parent 0dfe245
commit e891411
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 12 deletions.
diff --git a/build/stf-run-ci/README.md b/build/stf-run-ci/README.md
@@ -118,8 +118,9 @@ ansible-playbook -e __local_build_enabled=false -e __deploy_from_bundles_enabled
 
 NOTE: When deploying from bundles, you must have a _CA.pem_ for
 the registry already in place in the build directory, if required. If this is
-not required, add `--skip-tags bundle_registry_tls_ca`. If no login is required
-to your bundle image registry, add `--skip-tags bundle_registry_auth`
+not required, set `setup_bundle_registry_tls_ca` to `false`. If no login is required
+to your bundle image registry, set `setup_bundle_registry_auth` to `false`.
+By default, those configuration options are set to `true`.
 
 ## Deployment from local artifacts, bundles, and index
 

diff --git a/build/stf-run-ci/defaults/main.yml b/build/stf-run-ci/defaults/main.yml
@@ -66,3 +66,6 @@ sg_bridge_repository: https://github.com/infrawatch/sg-bridge
 prometheus_webhook_snmp_repository: https://github.com/infrawatch/prometheus-webhook-snmp
 
 base_dir: ''
+
+setup_bundle_registry_auth: true
+setup_bundle_registry_tls_ca: true
diff --git a/build/stf-run-ci/tasks/setup_stf_from_bundles.yml b/build/stf-run-ci/tasks/setup_stf_from_bundles.yml
@@ -1,4 +1,5 @@
-- block:
+- when: setup_bundle_registry_auth
+  block:
   - name: Get existing Pull Secret from openshift config
     k8s_info:
       api_version: v1
@@ -49,10 +50,8 @@
         data:
           .dockerconfigjson: "{{ new_dockerconfigjson | tojson | b64encode }}"
 
-  tags:
-    - bundle_registry_auth
-
-- name: Create registry CA Cert
+- when: setup_bundle_registry_tls_ca
+  name: Create registry CA Cert
   k8s:
     state: present
     definition:
@@ -64,10 +63,9 @@
         namespace: "{{ namespace }}"
       data:
         cert.pem: "{{ lookup('file', 'CA.pem') | b64encode }}"
-  tags:
-    - bundle_registry_tls_ca
 
-- name: Patch the default service account to use our pull secret
+- when: setup_bundle_registry_tls_ca
+  name: Patch the default service account to use our pull secret
   kubernetes.core.k8s_json_patch:
     kind: ServiceAccount
     namespace: "{{ namespace }}"
@@ -77,8 +75,6 @@
         path: /imagePullSecrets
         value:
           - name: pull-secret
-  tags:
-    - bundle_registry_tls_ca
 
 - name: Deploy SGO via OLM bundle
   shell: