- name: Parse Cluster-API manifests for container images ansible.builtin.shell: # This set of commands is necessary to deal with multi-line scalar values # eg.: # key: | # multi-line # value cmd: >- cat {{ item.dest }} | yq --no-doc eval '.. | .image? | select(.)' | awk '!/ /'; cat {{ item.dest }} | yq eval '.data.data' | yq --no-doc eval '.. | .image? | select(.)'; cat {{ item.dest }} | yq --no-doc eval '.. | .files? | with_entries(select(.value.path == "*.yaml")).[0].content' | awk '!/null/' | yq eval '.. | .image? | select(.)' register: clusterapi_parsedmanifests loop: "{{ clusterapi_manifests.results }}" loop_control: label: "{{ item.dest | basename }}" - name: Parse pinniped manifests for container images ansible.builtin.shell: cmd: cat {{ item.dest }} | yq --no-doc eval '.. | .image? | select(.)' | awk '!/ /' register: pinniped_parsedmanifests loop: "{{ pinniped_manifests.results }}" loop_control: label: "{{ item.dest | basename }}" - name: Parse metacluster helm charts for container images ansible.builtin.shell: cmd: "{{ item.value.helm.parse_logic }}" chdir: /opt/metacluster/helm-charts/{{ item.key }} register: chartimages_metacluster when: item.value.helm is defined loop: "{{ query('ansible.builtin.dict', components) }}" loop_control: label: "{{ item.key }}" - name: Parse workloadcluster helm charts for container images ansible.builtin.shell: cmd: "{{ item.value.parse_logic }}" chdir: /opt/workloadcluster/helm-charts/{{ item.value.namespace }}/{{ item.key }} register: chartimages_workloadcluster loop: "{{ query('ansible.builtin.dict', downstream.helm_charts) }}" loop_control: label: "{{ item.key }}" - name: Store container images in dicts ansible.builtin.set_fact: containerimages_{{ item.source }}: "{{ item.results }}" loop: - source: charts results: "{{ (chartimages_metacluster | json_query('results[*].stdout_lines')) + (chartimages_workloadcluster | json_query('results[*].stdout_lines')) | select() | flatten | list }}" - source: kubeadm results: "{{ kubeadmimages.stdout_lines }}" - source: clusterapi results: "{{ clusterapi_parsedmanifests | json_query('results[*].stdout_lines') | select() | flatten | list }}" - source: pinniped results: "{{ pinniped_parsedmanifests | json_query('results[*].stdout_lines') | select() | flatten | list }}" loop_control: label: "{{ item.source }}" - name: Log in to container registry ansible.builtin.shell: cmd: >- skopeo login \ docker.io \ --username={{ docker_username }} \ --password={{ docker_password }} no_log: true - name: Pull and store containerimages ansible.builtin.shell: cmd: >- skopeo copy \ --insecure-policy \ --retry-times=5 \ docker://{{ item }} \ docker-archive:./{{ ( item | regex_findall('[^/:]+'))[-2] }}_{{ lookup('ansible.builtin.password', '/dev/null length=5 chars=ascii_lowercase,digits seed={{ item }}') }}.tar:{{ item }} chdir: /opt/metacluster/container-images loop: "{{ (containerimages_charts + containerimages_kubeadm + containerimages_clusterapi + containerimages_pinniped + dependencies.container_images) | flatten | unique | sort }}"