25cb90bc2d
* project: update all dependencies including ansible Upgrade to ansible 7.x and ansible-core 2.14.x. There seems to be issue with ansible 8/ansible-core 2.15 so we remain on those versions for now. It's quite a big bump already anyway. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * tests: install aws galaxy collection Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * ansible-lint: disable various rules after ansible upgrade Temporarily disable a bunch of linting action following ansible upgrade. Those should be taken care of separately. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve deprecated-module ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve no-free-form ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[meta] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[playbook] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[tasks] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-file-permissions ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-shell-pipe ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: remove deprecated warn args Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use fqcn for non builtin tasks Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve syntax-check[missing-file] for contrib playbook Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use arithmetic inside jinja to fix ansible 6 upgrade Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
126 lines
4.2 KiB
YAML
126 lines
4.2 KiB
YAML
---
|
|
- block:
|
|
- name: set default values for flag variables
|
|
set_fact:
|
|
image_is_cached: false
|
|
image_changed: false
|
|
pull_required: "{{ download_always_pull }}"
|
|
tags:
|
|
- facts
|
|
|
|
- name: download_container | Set a few facts
|
|
import_tasks: set_container_facts.yml
|
|
tags:
|
|
- facts
|
|
|
|
- name: download_container | Prepare container download
|
|
include_tasks: check_pull_required.yml
|
|
when:
|
|
- not download_always_pull
|
|
|
|
- debug: # noqa unnamed-task
|
|
msg: "Pull {{ image_reponame }} required is: {{ pull_required }}"
|
|
|
|
- name: download_container | Determine if image is in cache
|
|
stat:
|
|
path: "{{ image_path_cached }}"
|
|
get_attributes: no
|
|
get_checksum: no
|
|
get_mime: no
|
|
delegate_to: localhost
|
|
connection: local
|
|
delegate_facts: no
|
|
register: cache_image
|
|
changed_when: false
|
|
become: false
|
|
when:
|
|
- download_force_cache
|
|
|
|
- name: download_container | Set fact indicating if image is in cache
|
|
set_fact:
|
|
image_is_cached: "{{ cache_image.stat.exists }}"
|
|
tags:
|
|
- facts
|
|
when:
|
|
- download_force_cache
|
|
|
|
- name: Stop if image not in cache on ansible host when download_force_cache=true
|
|
assert:
|
|
that: image_is_cached
|
|
msg: "Image cache file {{ image_path_cached }} not found for {{ image_reponame }} on localhost"
|
|
when:
|
|
- download_force_cache
|
|
- not download_run_once
|
|
|
|
- name: download_container | Download image if required
|
|
command: "{{ image_pull_command_on_localhost if download_localhost else image_pull_command }} {{ image_reponame }}"
|
|
delegate_to: "{{ download_delegate if download_run_once else inventory_hostname }}"
|
|
delegate_facts: yes
|
|
run_once: "{{ download_run_once }}"
|
|
register: pull_task_result
|
|
until: pull_task_result is succeeded
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
|
retries: "{{ download_retries }}"
|
|
become: "{{ user_can_become_root | default(false) or not download_localhost }}"
|
|
environment: "{{ proxy_env if container_manager == 'containerd' else omit }}"
|
|
when:
|
|
- pull_required or download_run_once
|
|
- not image_is_cached
|
|
|
|
- name: download_container | Save and compress image
|
|
shell: "{{ image_save_command_on_localhost if download_localhost else image_save_command }}" # noqa 305 image_save_command_on_localhost contains a pipe, therefore requires shell
|
|
delegate_to: "{{ download_delegate }}"
|
|
delegate_facts: no
|
|
register: container_save_status
|
|
failed_when: container_save_status.stderr
|
|
run_once: true
|
|
become: "{{ user_can_become_root | default(false) or not download_localhost }}"
|
|
when:
|
|
- not image_is_cached
|
|
- download_run_once
|
|
|
|
- name: download_container | Copy image to ansible host cache
|
|
ansible.posix.synchronize:
|
|
src: "{{ image_path_final }}"
|
|
dest: "{{ image_path_cached }}"
|
|
use_ssh_args: true
|
|
mode: pull
|
|
when:
|
|
- not image_is_cached
|
|
- download_run_once
|
|
- not download_localhost
|
|
- download_delegate == inventory_hostname
|
|
|
|
- name: download_container | Upload image to node if it is cached
|
|
ansible.posix.synchronize:
|
|
src: "{{ image_path_cached }}"
|
|
dest: "{{ image_path_final }}"
|
|
use_ssh_args: true
|
|
mode: push
|
|
delegate_facts: no
|
|
register: upload_image
|
|
failed_when: not upload_image
|
|
until: upload_image is succeeded
|
|
retries: "{{ download_retries }}"
|
|
delay: "{{ retry_stagger | random + 3 }}"
|
|
when:
|
|
- pull_required
|
|
- download_force_cache
|
|
|
|
- name: download_container | Load image into the local container registry
|
|
shell: "{{ image_load_command }}" # noqa 305 image_load_command uses pipes, therefore requires shell
|
|
register: container_load_status
|
|
failed_when: container_load_status is failed
|
|
when:
|
|
- pull_required
|
|
- download_force_cache
|
|
|
|
- name: download_container | Remove container image from cache
|
|
file:
|
|
state: absent
|
|
path: "{{ image_path_final }}"
|
|
when:
|
|
- not download_keep_remote_cache
|
|
tags:
|
|
- download
|