Fix yaml;Fix volumemount;Fix filename

ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/certauthority.yml

@@ -30,18 +30,20 @@
   kubernetes.core.k8s:
     state: present
     template: secret.j2
+    kubeconfig: "{{ kubeconfig.path }}"
   vars:
     _template:
       name: step-certificates-certs
       namespace: "{{ item.namespace }}"
       key: "{{ item.filename }}"
       value: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] | b64encode }}"
-    kubeconfig: "{{ kubeconfig.path }}"
   loop:
     - namespace: argo-cd
       filename: custom-ca-certificates.crt
     - namespace: kube-system
       filename: root_ca.crt
+  loop_control:
+    label: "{{ item.namespace }}"
 
 - name: Configure step-ca passthrough ingress
   ansible.builtin.template:
@@ -74,14 +76,11 @@
           volumes:
             - name: step-certificates-certs
               mountPath: /step-ca
-              type: configMap
+              type: secret
           env:
             - name: LEGO_CA_CERTIFICATES
               value: /step-ca/root_ca.crt
     marker: '    # {mark} ANSIBLE MANAGED BLOCK'
-  # tags:
-  #   - never
-  #   - final
   notify:
     - Apply manifests
 

ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/registry.yml

@@ -15,14 +15,14 @@
         --insecure-policy \
         --dest-tls-verify=false \
         --dest-creds admin:{{ vapp['guestinfo.rootpw'] }} \
-        docker-archive:./{{ item }} \
+        docker-archive:./{{ item | basename }} \
         docker://registry.{{ vapp['metacluster.fqdn'] }}/library/$( \
           skopeo list-tags \
             --insecure-policy \
-            docker-archive:./{{ item }} | \
+            docker-archive:./{{ item | basename }} | \
           jq -r '.Tags[0]')
     chdir: /opt/metacluster/container-images/
-  loop: "{{ imagetarballs.files }}"
+  with_fileglob: /opt/metacluster/container-images/*.tar
 
 - name: Configure K3s node for private registry
   ansible.builtin.template: