-
Notifications
You must be signed in to change notification settings - Fork 8
Expand file tree
/
Copy pathquay_disconnected.yaml
More file actions
65 lines (55 loc) · 2.67 KB
/
quay_disconnected.yaml
File metadata and controls
65 lines (55 loc) · 2.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
---
# Quay disconnected tasks: imageset for oc-mirror and mirror run.
# This file is included only when disconnected | default(true).
- name: Collect plugin registries for registries.conf
ansible.builtin.include_tasks:
file: "../../playbooks/tasks/collect_plugin_registries.yaml"
- name: Copy imagesetconfiguration to imagesetconfiguration.internal.yaml
ansible.builtin.copy:
src: "{{ workingDir }}/config/imagesetconfiguration.yaml"
dest: "{{ workingDir }}/config/imagesetconfiguration.internal.yaml"
- name: Replace registry.redhat.io with internal quay
ansible.builtin.replace:
path: "{{ workingDir }}/config/imagesetconfiguration.internal.yaml"
regexp: 'catalog: {{ dc_cache_address | default("registry.redhat.io") }}'
replace: "catalog: {{ quayHostname }}:8443"
- name: Ensure .config/containers/ exists
ansible.builtin.file:
path: "{{ lookup('env','HOME') }}/.config/containers/"
state: directory
- name: Generate registries.conf for the oc-mirror process
ansible.builtin.template:
src: "../../templates/registries.conf.j2"
dest: "{{ lookup('env','HOME') }}/.config/containers/registries.conf"
- name: Start oc-mirror process
ansible.builtin.shell: |
{{ workingDir }}/bin/oc-mirror --v2 \
--log-level {{ ocMirrorLogLevel }} \
--authfile {{ workingDir }}/config/pull-secret.quay.json \
-c {{ workingDir }}/config/imagesetconfiguration.internal.yaml \
--workspace file://{{ workingDir }}/config/oc-mirror-workspace-quay \
docker://registry-quay-quay-enterprise.apps.{{ clusterName }}.{{ baseDomain }} \
--dest-tls-verify=false \
--src-tls-verify=false \
--parallel-images 10 \
--parallel-layers {{ 1 if quayBackend == 'LocalStorage' else 10 }} \
--retry-times 10 \
--retry-delay 0 \
--image-timeout 40m0s \
> {{ workingDir }}/logs/oc-mirror.progress.quay.$(date +%s).log 2>&1
retries: 10
delay: 10
register: r_oc_mirror_quay
until: r_oc_mirror_quay is succeeded
- name: Delete registries.conf for the oc-mirror process
ansible.builtin.file:
path: "{{ lookup('env','HOME') }}/.config/containers/registries.conf"
state: absent
- name: Apply release signature ConfigMap
ansible.builtin.command:
cmd: |
{{ workingDir }}/bin/oc apply -f {{ workingDir }}/config/oc-mirror-workspace-quay/working-dir/cluster-resources/signature-configmap.yaml
# Apply oc-mirror-generated IDMS/ITMS to the cluster (fallback to internal Quay when LZ fails)
# and add the Quay registry CA to image.config so nodes trust the registry for image pulls.
- name: Apply Quay mirrors and trust registry CA for image pulls
ansible.builtin.include_tasks: quay_disconnected_mirrors.yaml