dmage/push-to-secured-registry.sh

## push-to-secured-registry.sh
#!/bin/sh

### cleanup
oc cluster down
rm -rf ./secrets
### end of cleanup

oc cluster up --version=latest --skip-registry-check=true
oc login -u system:admin
oc project default
oc get svc/docker-registry
MASTERDIR=/var/lib/origin/openshift.local.config/master
sudo $(which oadm) ca create-server-cert \
    --signer-cert=$MASTERDIR/ca.crt \
    --signer-key=$MASTERDIR/ca.key \
    --signer-serial=$MASTERDIR/ca.serial.txt \
    --hostnames='registry.127.0.0.1.nip.io,docker-registry.default.svc.cluster.local,172.30.1.1' \
    --cert=./secrets/registry.crt \
    --key=./secrets/registry.key
sudo chown -R $(whoami) ./secrets/
oc secrets new registry-secret ./secrets/registry.crt ./secrets/registry.key
oc secrets link registry registry-secret
oc secrets link default  registry-secret
oc volume dc/docker-registry --add --type=secret \
    --secret-name=registry-secret -m /etc/secrets
oc set env dc/docker-registry \
    REGISTRY_HTTP_TLS_CERTIFICATE=/etc/secrets/registry.crt \
    REGISTRY_HTTP_TLS_KEY=/etc/secrets/registry.key
oc patch dc/docker-registry -p '{"spec": {"template": {"spec": {"containers":[{
    "name":"registry",
    "livenessProbe":  {"httpGet": {"scheme":"HTTPS"}}
  }]}}}}'
oc patch dc/docker-registry -p '{"spec": {"template": {"spec": {"containers":[{
    "name":"registry",
    "readinessProbe":  {"httpGet": {"scheme":"HTTPS"}}
  }]}}}}'
oc create route passthrough --service=docker-registry --hostname=registry.127.0.0.1.nip.io
sudo mkdir -p /etc/docker/certs.d/registry.127.0.0.1.nip.io
sudo cp $MASTERDIR/ca.crt /etc/docker/certs.d/registry.127.0.0.1.nip.io
oc rollout status -w dc/docker-registry
oc rollout status -w dc/router
oc login -u developer
oc project myproject

docker login --username `oc whoami` --password `oc whoami -t` registry.127.0.0.1.nip.io
docker pull busybox
docker tag busybox registry.127.0.0.1.nip.io/myproject/busybox
docker push registry.127.0.0.1.nip.io/myproject/busybox
	#!/bin/sh

	### cleanup
	oc cluster down
	rm -rf ./secrets
	### end of cleanup

	oc cluster up --version=latest --skip-registry-check=true
	oc login -u system:admin
	oc project default
	oc get svc/docker-registry
	MASTERDIR=/var/lib/origin/openshift.local.config/master
	sudo $(which oadm) ca create-server-cert \
	--signer-cert=$MASTERDIR/ca.crt \
	--signer-key=$MASTERDIR/ca.key \
	--signer-serial=$MASTERDIR/ca.serial.txt \
	--hostnames='registry.127.0.0.1.nip.io,docker-registry.default.svc.cluster.local,172.30.1.1' \
	--cert=./secrets/registry.crt \
	--key=./secrets/registry.key
	sudo chown -R $(whoami) ./secrets/
	oc secrets new registry-secret ./secrets/registry.crt ./secrets/registry.key
	oc secrets link registry registry-secret
	oc secrets link default registry-secret
	oc volume dc/docker-registry --add --type=secret \
	--secret-name=registry-secret -m /etc/secrets
	oc set env dc/docker-registry \
	REGISTRY_HTTP_TLS_CERTIFICATE=/etc/secrets/registry.crt \
	REGISTRY_HTTP_TLS_KEY=/etc/secrets/registry.key
	oc patch dc/docker-registry -p '{"spec": {"template": {"spec": {"containers":[{
	"name":"registry",
	"livenessProbe": {"httpGet": {"scheme":"HTTPS"}}
	}]}}}}'
	oc patch dc/docker-registry -p '{"spec": {"template": {"spec": {"containers":[{
	"name":"registry",
	"readinessProbe": {"httpGet": {"scheme":"HTTPS"}}
	}]}}}}'
	oc create route passthrough --service=docker-registry --hostname=registry.127.0.0.1.nip.io
	sudo mkdir -p /etc/docker/certs.d/registry.127.0.0.1.nip.io
	sudo cp $MASTERDIR/ca.crt /etc/docker/certs.d/registry.127.0.0.1.nip.io
	oc rollout status -w dc/docker-registry
	oc rollout status -w dc/router
	oc login -u developer
	oc project myproject

	docker login --username `oc whoami` --password `oc whoami -t` registry.127.0.0.1.nip.io
	docker pull busybox
	docker tag busybox registry.127.0.0.1.nip.io/myproject/busybox
	docker push registry.127.0.0.1.nip.io/myproject/busybox