Identify mechanism to allow 'offline container registry'
As part of https://gitlab.com/gitlab-org/gitlab-qa/-/issues/694 we identified the when running our E2E suite, we find that tests dependant on runners appear to need to have the ability to connect to registry.gitlab.com
to download the runners.
In https://gitlab.com/gitlab-org/gitlab-qa/-/merge_requests/1092+ we added an exception to allow connecting to this URL but as https://gitlab.com/gitlab-org/gitlab-qa/-/merge_requests/1092#note_1209361513 suggests, longer term it would be better if we had the ability to run some type of containerized registry which could be connected to the Offline Environment allowing us to have a completely isolated test environment.
Proposed Solution
As @willmeek suggested in https://gitlab.com/gitlab-org/gitlab-qa/-/merge_requests/1092#note_1209361513 it seems a good solution for this issue is to use https://docs.docker.com/registry/
With this we can
- run a local docker registry
docker run -d -p 5000:5000 --name registry registry:2
- pull the runner image from the existing registry
<registry>/<image>:<tag>
- retag the image to point at our local registry
docker tag <registry>/<image>:<tag> localhost:5000/<image>:<tag>
- push the runner image to our local registry
localhost:50000/<registry>/<image>:<tag>
- use
QA_DEV_REGISTRY
environment variable for airgapped tests to point at this local container registry - disconnect the registry image from the bridge network
docker network disconnect bridge registry
- connect the registry image to the internal airgapped network
docker network connect airgapped registry
Additional points to consider
- We may need to consider how our existing reporting works. With the gitlab-qa container being
airgapped
with no connection to the bridge network, we should validate that reporting to Sentry/Allure/etc that we do as part of the tests can still work.
If there are any issues with this - we may need the gitlab-qa container to remain connected to bothairgapped
andbridge
networks to allow this traffic to flow.