diff --git a/test/integration/docker-compose.yml b/test/integration/docker-compose.yml
index 8f095f0f..6df0935d 100644
--- a/test/integration/docker-compose.yml
+++ b/test/integration/docker-compose.yml
@@ -29,6 +29,8 @@ services:
 context: docker/registry
 environment:
 - REGISTRY_HTTP_ADDR=0.0.0.0:4443
+ - REGISTRY_HTTP_TLS_CERTIFICATE=/certs/domain.crt
+ - REGISTRY_HTTP_TLS_KEY=/certs/domain.key
 volumes:
 - shared:/shared
 - registry:/var/lib/registry/
diff --git a/test/integration/docker/deployer/Dockerfile b/test/integration/docker/deployer/Dockerfile
index a809a6ed..bb6b462a 100644
--- a/test/integration/docker/deployer/Dockerfile
+++ b/test/integration/docker/deployer/Dockerfile
@@ -22,6 +22,7 @@ COPY app_with_roles/ app_with_roles/
 RUN rm -rf /root/.ssh
 RUN ln -s /shared/ssh /root/.ssh
+RUN mkdir -p /etc/docker/certs.d/registry:4443 && ln -s /shared/certs/domain.crt /etc/docker/certs.d/registry:4443/ca.crt
 RUN git config --global user.email "deployer@example.com"
 RUN git config --global user.name "Deployer"
diff --git a/test/integration/docker/deployer/boot.sh b/test/integration/docker/deployer/boot.sh
index 20e1375d..77d6d1ea 100755
--- a/test/integration/docker/deployer/boot.sh
+++ b/test/integration/docker/deployer/boot.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-dockerd --max-concurrent-downloads 1 --insecure-registry registry:4443 &
+dockerd --max-concurrent-downloads 1 &
 exec sleep infinity
diff --git a/test/integration/docker/registry/boot.sh b/test/integration/docker/registry/boot.sh
index 6eb8a518..895838f5 100755
--- a/test/integration/docker/registry/boot.sh
+++ b/test/integration/docker/registry/boot.sh
@@ -1,3 +1,5 @@
 #!/bin/sh
+while [ ! -f /certs/domain.crt ]; do sleep 1; done
+
 exec /entrypoint.sh /etc/docker/registry/config.yml
diff --git a/test/integration/docker/shared/Dockerfile b/test/integration/docker/shared/Dockerfile
index 348fa4f3..f672fbe1 100644
--- a/test/integration/docker/shared/Dockerfile
+++ b/test/integration/docker/shared/Dockerfile
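Review bot: In test/integration/docker/deployer/Dockerfile the added `RUN mkdir -p /etc/docker/certs.d/registry:4443 && ln -s ...` makes the daemon's trust anchor for registry:4443 a symlink into the `/shared` volume, which is dangling at build time and which the compose file mounts without `:ro` in at least the registry service; the same line is added in test/integration/docker/vm/Dockerfile. That is reasonable for an integration fixture, but it deserves a comment above the line so the pattern is not copied elsewhere, e.g. `# Test-only: trust the self-signed registry CA that the shared container publishes at runtime`. Pulls issued before domain.crt has been written to the volume will presumably fail certificate verification, so the start-up ordering this relies on is worth stating in the same comment.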
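Review bot: The wait loop added to test/integration/docker/registry/boot.sh checks only `/certs/domain.crt`, although the compose change also points the registry at `/certs/domain.key`, and the loop has no upper bound. If the key lands after the certificate the registry can be started without a usable key, and if the certificate is never produced the container hangs without any message. Waiting for both files, `while [ ! -f /certs/domain.crt ] || [ ! -f /certs/domain.key ]; do sleep 1; done`, closes the first gap; a retry counter that exits non-zero would make a broken fixture fail visibly instead of stalling the suite.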
@@ -10,6 +10,8 @@ RUN mkdir ssh && \
 COPY registry-dns.conf .
 COPY boot.sh .
+RUN mkdir certs && openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/domain.key -x509 -days 365 -out certs/domain.crt -subj '/CN=registry' -extensions EXT -config registry-dns.conf
+
 HEALTHCHECK --interval=1s CMD pgrep sleep
 CMD ["./boot.sh"]
diff --git a/test/integration/docker/vm/Dockerfile b/test/integration/docker/vm/Dockerfile
index 014794b0..584a7b6a 100644
--- a/test/integration/docker/vm/Dockerfile
+++ b/test/integration/docker/vm/Dockerfile
@@ -5,6 +5,7 @@ WORKDIR /work
 RUN apt-get update --fix-missing && apt-get -y install openssh-client openssh-server docker.io
 RUN mkdir /root/.ssh && ln -s /shared/ssh/id_rsa.pub /root/.ssh/authorized_keys
+RUN mkdir -p /etc/docker/certs.d/registry:4443 && ln -s /shared/certs/domain.crt /etc/docker/certs.d/registry:4443/ca.crt
 RUN echo "HOST_TOKEN=abcd" >> /etc/environment
diff --git a/test/integration/docker/vm/boot.sh b/test/integration/docker/vm/boot.sh
index ecdbdb3c..681a8a4e 100755
--- a/test/integration/docker/vm/boot.sh
+++ b/test/integration/docker/vm/boot.sh
@@ -4,6 +4,6 @@ while [ ! -f /root/.ssh/authorized_keys ]; do echo "Waiting for ssh keys"; sleep
 service ssh restart
-dockerd --max-concurrent-downloads 1 --insecure-registry registry:4443 &
+dockerd --max-concurrent-downloads 1 &
 exec sleep infinity
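Review bot: The `openssl req ... -nodes ... -days 365` line added to test/integration/docker/shared/Dockerfile creates the registry's private key and certificate at image build time, so the unencrypted key is stored in an image layer and the certificate expires a year after that layer was built rather than a year after the tests start. A long-cached layer would eventually make every registry pull fail verification with no code change to explain it. Generating the pair in boot.sh at container start would avoid both, assuming boot.sh is what publishes the files to the shared volume (it is not part of this diff); at minimum add a comment such as `# Test-only self-signed cert, valid 365 days from image build; rebuild without cache if pulls fail with an expired certificate`. Since only the registry needs domain.key, it is also worth checking that the key is not exposed to the deployer and vm containers through the same volume.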