From 294e6721eb49c4a02d51248ecbe45ccd6c3f274b Mon Sep 17 00:00:00 2001 From: Michael Schiemer Date: Sat, 8 Nov 2025 16:09:56 +0100 Subject: [PATCH] fix: Use immutable operations for Docker daemon config merge - Replace append() with list concatenation (+ operator) - Use combine filter instead of update() method - Avoids 'unsafe append' error with AnsibleLazyTemplateList - All operations are now immutable and safe --- deployment/ansible/playbooks/deploy-image.yml | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/deployment/ansible/playbooks/deploy-image.yml b/deployment/ansible/playbooks/deploy-image.yml index 4b88fb8f..a16ff8c3 100644 --- a/deployment/ansible/playbooks/deploy-image.yml +++ b/deployment/ansible/playbooks/deploy-image.yml @@ -192,16 +192,19 @@ set_fact: docker_daemon_config_dict: "{{ docker_daemon_config.content | b64decode | from_json if (docker_daemon_json.stat.exists and docker_daemon_config.content is defined) else {} }}" + - name: Build insecure registries list + set_fact: + insecure_registries_list: >- + {%- set existing = docker_daemon_config_dict.get('insecure-registries', []) | list -%} + {%- if 'git.michaelschiemer.de:5000' not in existing -%} + {{ existing + ['git.michaelschiemer.de:5000'] }} + {%- else -%} + {{ existing }} + {%- endif -%} + - name: Merge insecure registry into Docker daemon config set_fact: - docker_daemon_config_merged: >- - {%- set config = docker_daemon_config_dict.copy() -%} - {%- set existing_registries = config.get('insecure-registries', []) | list -%} - {%- if 'git.michaelschiemer.de:5000' not in existing_registries -%} - {%- set _ = existing_registries.append('git.michaelschiemer.de:5000') -%} - {%- endif -%} - {%- set _ = config.update({'insecure-registries': existing_registries}) -%} - {{ config }} + docker_daemon_config_merged: "{{ docker_daemon_config_dict | combine({'insecure-registries': insecure_registries_list}) }}" - name: Update Docker daemon.json with insecure registry copy: