From ab5f082933ccb1b0f4f4ebfab0d6572ed90eadb0 Mon Sep 17 00:00:00 2001
From: Danny Bessems <danny@bessems.eu>
Date: Sat, 10 Dec 2022 16:56:13 +0100
Subject: [PATCH] Define registry mirrors dynamically;Fix path;Fix Ansible
 config

---
 ansible/roles/assets/tasks/main.yml           |  2 +-
 ansible/roles/assets/tasks/manifests.yml      |  4 +--
 .../roles/metacluster/tasks/registry.yml      | 16 +++++++++
 .../workloadcluster/tasks/clusterapi.yml      |  2 +-
 .../ansible_payload/templates/clusterctl.j2   |  2 +-
 .../ansible_payload/templates/registries.j2   | 33 +++----------------
 ansible/roles/os/templates/ansible.j2         |  2 +-
 7 files changed, 27 insertions(+), 34 deletions(-)

diff --git a/ansible/roles/assets/tasks/main.yml b/ansible/roles/assets/tasks/main.yml
index 16df1ea..902192e 100644
--- a/ansible/roles/assets/tasks/main.yml
+++ b/ansible/roles/assets/tasks/main.yml
@@ -9,7 +9,7 @@
     - /opt/metacluster/cluster-api/cni-calico/{{ components.clusterapi.workload.version.calico }}
     - /opt/metacluster/cluster-api/control-plane-kubeadm/{{ components.clusterapi.management.version.base }}
     - /opt/metacluster/cluster-api/infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}
-    - /opt/metacluster/cluster-api/ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}
+    - /opt/metacluster/cluster-api/ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}
     - /opt/metacluster/container-images
     - /opt/metacluster/git-repositories/gitops
     - /opt/metacluster/helm-charts
diff --git a/ansible/roles/assets/tasks/manifests.yml b/ansible/roles/assets/tasks/manifests.yml
index 5202f75..af0e1da 100644
--- a/ansible/roles/assets/tasks/manifests.yml
+++ b/ansible/roles/assets/tasks/manifests.yml
@@ -49,9 +49,9 @@
       dest: cni-calico/{{ components.clusterapi.workload.version.calico }}/calico.yaml
     # IPAM in-cluster provider (w/ metadata.yaml)
     - url: https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases/download/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
-      dest: ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
+      dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
     - url: https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases/download/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
-      dest: ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
+      dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
   loop_control:
     label: "{{ item.url | basename }}"
   retries: 5
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
index 6bd8bac..5de1233 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml
@@ -39,10 +39,26 @@
       loop_control:
         label: "{{ item | basename }}"
 
+    - name: Get all stored container images (=artifacts)
+      ansible.builtin.uri:
+        url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/search?q=library
+        method: GET
+      register: registry_artifacts
+
+    - name: Get source registries of all artifacts
+      ansible.builtin.set_fact:
+        source_registries: "{{ (source_registries | default([]) + [(item | split('/'))[1]]) | unique | sort }}"
+      loop: "{{ registry_artifacts.json.repository | json_query('[*].repository_name') }}"
+
     - name: Configure K3s node for private registry
       ansible.builtin.template:
         dest: /etc/rancher/k3s/registries.yaml
         src: registries.j2
+      vars:
+        _template:
+          data: "{{ source_registries }}"
+          hv:
+            fqdn: "{{ vapp['metacluster.fqdn'] }}"
 
     - name: Restart kubelet (k3s) to pick up configured registries
       ansible.builtin.systemd:
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
index 8801f8b..4f1be47 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
@@ -31,7 +31,7 @@
       clusterctl init \
         -v5 \
         --infrastructure vsphere:{{ components.clusterapi.management.version.infrastructure_vsphere }} \
-        --ipam in-cluster:{{ components.clusterapi.management.version.ipam_incluster }}
+        --ipam in-cluster:{{ components.clusterapi.management.version.ipam_incluster }} \
         --config ./clusterctl.yaml \
         --kubeconfig {{ kubeconfig.path }}
     chdir: /opt/metacluster/cluster-api
diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2 b/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
index 9f603c7..4898754 100644
--- a/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2
@@ -12,7 +12,7 @@ providers:
     url: "/opt/metacluster/cluster-api/infrastructure-vsphere/{{ _template.version.infrastructure_vsphere }}/infrastructure-components.yaml"
     type: "InfrastructureProvider"
   - name: "in-cluster"
-    url: "/opt/metacluster/cluster-api/ipam-incluster/{{ _template.version.ipam_incluster }}/ipam-components.yaml"
+    url: "/opt/metacluster/cluster-api/ipam-in-cluster/{{ _template.version.ipam_incluster }}/ipam-components.yaml"
     type: "IPAMProvider"
 
 cert-manager:
diff --git a/ansible/roles/firstboot/files/ansible_payload/templates/registries.j2 b/ansible/roles/firstboot/files/ansible_payload/templates/registries.j2
index a07ddcd..6a6016c 100644
--- a/ansible/roles/firstboot/files/ansible_payload/templates/registries.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/templates/registries.j2
@@ -1,31 +1,8 @@
 mirrors:
-  cr.step.cm:
+{% for value in _template.data %}
+  {{ value }}:
     endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
+      - https://registry.{{ _template.hv.fqdn }}
     rewrite:
-      "(.*)": "library/cr.step.sm/$1"
-  docker.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/docker.io/$1"
-  gcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/gcr.io/$1"
-  ghcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/ghcr.io/$1"
-  k8s.gcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/k8s.gcr.io/$1"
-  quay.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/quay.io/$1"
+      "(.*)": "library/{{ value }}/$1"
+{% endfor %}
diff --git a/ansible/roles/os/templates/ansible.j2 b/ansible/roles/os/templates/ansible.j2
index 467a737..11523ea 100644
--- a/ansible/roles/os/templates/ansible.j2
+++ b/ansible/roles/os/templates/ansible.j2
@@ -1,2 +1,2 @@
 [defaults]
-callback_whitelist = ansible.posix.profile_tasks
+callbacks_enabled = ansible.posix.profile_tasks