- block:

    - name: Push images to registry
      ansible.builtin.shell:
        cmd: >-
          skopeo copy \
            --insecure-policy \
            --dest-tls-verify=false \
            --dest-creds admin:{{ vapp['metacluster.password'] }} \
            docker-archive:./{{ item | basename }} \
            docker://registry.{{ vapp['metacluster.fqdn'] }}/library/$( \
              skopeo list-tags \
                --insecure-policy \
                docker-archive:./{{ item | basename }} | \
              jq -r '.Tags[0]')
        chdir: /opt/metacluster/container-images/
      register: push_result
      loop: "{{ query('ansible.builtin.fileglob', '/opt/metacluster/container-images/*.tar') | sort }}"
      loop_control:
        label: "{{ item | basename }}"
      retries: "{{ playbook.retries }}"
      delay: "{{ ((storage_benchmark | float) * playbook.delay.short) | int }}"
      until: push_result is not failed

    - name: Get all stored container images (=artifacts)
      ansible.builtin.uri:
        url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/search?q=library
        method: GET
      register: registry_artifacts

    - name: Get source registries of all artifacts
      ansible.builtin.set_fact:
        source_registries: "{{ (source_registries | default([]) + [(item | split('/'))[1]]) | unique | sort }}"
      loop: "{{ registry_artifacts.json.repository | json_query('[*].repository_name') }}"

    - name: Configure K3s node for private registry
      ansible.builtin.template:
        dest: /etc/rancher/k3s/registries.yaml
        src: registries.j2
      vars:
        _template:
          data: "{{ source_registries }}"
          hv:
            fqdn: "{{ vapp['metacluster.fqdn'] }}"

  module_defaults:
    ansible.builtin.uri:
      validate_certs: no
      status_code: [200, 201, 401]
      body_format: json