Define registry mirrors dynamically;Fix path;Fix Ansible config

ansible/roles/assets/tasks/main.yml

@@ -9,7 +9,7 @@
     - /opt/metacluster/cluster-api/cni-calico/{{ components.clusterapi.workload.version.calico }}
     - /opt/metacluster/cluster-api/control-plane-kubeadm/{{ components.clusterapi.management.version.base }}
     - /opt/metacluster/cluster-api/infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}
-    - /opt/metacluster/cluster-api/ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}
+    - /opt/metacluster/cluster-api/ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}
     - /opt/metacluster/container-images
     - /opt/metacluster/git-repositories/gitops
     - /opt/metacluster/helm-charts

ansible/roles/assets/tasks/manifests.yml

@@ -49,9 +49,9 @@
       dest: cni-calico/{{ components.clusterapi.workload.version.calico }}/calico.yaml
     # IPAM in-cluster provider (w/ metadata.yaml)
     - url: https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases/download/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
-      dest: ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
+      dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/ipam-components.yaml
     - url: https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases/download/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
-      dest: ipam-incluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
+      dest: ipam-in-cluster/{{ components.clusterapi.management.version.ipam_incluster }}/metadata.yaml
   loop_control:
     label: "{{ item.url | basename }}"
   retries: 5

ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml

@@ -39,10 +39,26 @@
       loop_control:
         label: "{{ item | basename }}"
 
+    - name: Get all stored container images (=artifacts)
+      ansible.builtin.uri:
+        url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/search?q=library
+        method: GET
+      register: registry_artifacts
+
+    - name: Get source registries of all artifacts
+      ansible.builtin.set_fact:
+        source_registries: "{{ (source_registries | default([]) + [(item | split('/'))[1]]) | unique | sort }}"
+      loop: "{{ registry_artifacts.json.repository | json_query('[*].repository_name') }}"
+
     - name: Configure K3s node for private registry
       ansible.builtin.template:
         dest: /etc/rancher/k3s/registries.yaml
         src: registries.j2
+      vars:
+        _template:
+          data: "{{ source_registries }}"
+          hv:
+            fqdn: "{{ vapp['metacluster.fqdn'] }}"
 
     - name: Restart kubelet (k3s) to pick up configured registries
       ansible.builtin.systemd:

ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml

@@ -31,7 +31,7 @@
       clusterctl init \
         -v5 \
         --infrastructure vsphere:{{ components.clusterapi.management.version.infrastructure_vsphere }} \
-        --ipam in-cluster:{{ components.clusterapi.management.version.ipam_incluster }}
+        --ipam in-cluster:{{ components.clusterapi.management.version.ipam_incluster }} \
         --config ./clusterctl.yaml \
         --kubeconfig {{ kubeconfig.path }}
     chdir: /opt/metacluster/cluster-api

ansible/roles/firstboot/files/ansible_payload/templates/clusterctl.j2

@@ -12,7 +12,7 @@ providers:
     url: "/opt/metacluster/cluster-api/infrastructure-vsphere/{{ _template.version.infrastructure_vsphere }}/infrastructure-components.yaml"
     type: "InfrastructureProvider"
   - name: "in-cluster"
-    url: "/opt/metacluster/cluster-api/ipam-incluster/{{ _template.version.ipam_incluster }}/ipam-components.yaml"
+    url: "/opt/metacluster/cluster-api/ipam-in-cluster/{{ _template.version.ipam_incluster }}/ipam-components.yaml"
     type: "IPAMProvider"
 
 cert-manager:

ansible/roles/firstboot/files/ansible_payload/templates/registries.j2

@@ -1,31 +1,8 @@
 mirrors:
-  cr.step.cm:
+{% for value in _template.data %}
+  {{ value }}:
     endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
+      - https://registry.{{ _template.hv.fqdn }}
     rewrite:
-      "(.*)": "library/cr.step.sm/$1"
+      "(.*)": "library/{{ value }}/$1"
-  docker.io:
+{% endfor %}
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/docker.io/$1"
-  gcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/gcr.io/$1"
-  ghcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/ghcr.io/$1"
-  k8s.gcr.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/k8s.gcr.io/$1"
-  quay.io:
-    endpoint:
-      - https://registry.{{ vapp['metacluster.fqdn'] }}
-    rewrite:
-      "(.*)": "library/quay.io/$1"

ansible/roles/os/templates/ansible.j2

@@ -1,2 +1,2 @@
 [defaults]
-callback_whitelist = ansible.posix.profile_tasks
+callbacks_enabled = ansible.posix.profile_tasks