fix: improve image pull verification and fix registries_to_login type error
Some checks failed
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 25s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m1s
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 27s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 11s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 11s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Some checks failed
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 25s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m1s
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 27s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 11s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 11s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- Check if image exists before pull to determine if force pull is needed - Use docker images command to verify image exists locally (more reliable) - Fix registries_to_login Jinja2 template to ensure it's always a list - Add better error messages when image pull fails - Only tag image if it was successfully verified to exist
This commit is contained in:
@@ -136,12 +136,34 @@
|
|||||||
- "Registry accessible: {{ registry_accessible | default('unknown') }}"
|
- "Registry accessible: {{ registry_accessible | default('unknown') }}"
|
||||||
when: registry_accessible is defined and registry_accessible == 'true'
|
when: registry_accessible is defined and registry_accessible == 'true'
|
||||||
|
|
||||||
- name: Pull Docker image
|
- name: Check if image already exists locally
|
||||||
|
ansible.builtin.shell: |
|
||||||
|
docker images --format "{{ '{{' }}.Repository{{ '}}' }}:{{ '{{' }}.Tag{{ '}}' }}" | grep -E "^{{ deploy_image | regex_escape }}$" || echo "NOT_FOUND"
|
||||||
|
register: image_exists_before_pull
|
||||||
|
when: registry_accessible is defined and registry_accessible == 'true'
|
||||||
|
changed_when: false
|
||||||
|
failed_when: false
|
||||||
|
|
||||||
|
- name: Pull Docker image (force pull if not exists locally)
|
||||||
|
community.docker.docker_image:
|
||||||
|
name: "{{ deploy_image }}"
|
||||||
|
source: pull
|
||||||
|
pull: always
|
||||||
|
when:
|
||||||
|
- registry_accessible is defined and registry_accessible == 'true'
|
||||||
|
- image_exists_before_pull.stdout | default('') == 'NOT_FOUND'
|
||||||
|
register: image_pull_result
|
||||||
|
ignore_errors: yes
|
||||||
|
failed_when: false
|
||||||
|
|
||||||
|
- name: Pull Docker image (if already exists, just verify)
|
||||||
community.docker.docker_image:
|
community.docker.docker_image:
|
||||||
name: "{{ deploy_image }}"
|
name: "{{ deploy_image }}"
|
||||||
source: pull
|
source: pull
|
||||||
pull: true
|
pull: true
|
||||||
when: registry_accessible is defined and registry_accessible == 'true'
|
when:
|
||||||
|
- registry_accessible is defined and registry_accessible == 'true'
|
||||||
|
- image_exists_before_pull.stdout | default('') != 'NOT_FOUND'
|
||||||
register: image_pull_result
|
register: image_pull_result
|
||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
failed_when: false
|
failed_when: false
|
||||||
@@ -162,12 +184,35 @@
|
|||||||
ignore_errors: yes
|
ignore_errors: yes
|
||||||
failed_when: false
|
failed_when: false
|
||||||
|
|
||||||
|
- name: Check if image exists by inspecting docker images
|
||||||
|
ansible.builtin.shell: |
|
||||||
|
docker images --format "{{ '{{' }}.Repository{{ '}}' }}:{{ '{{' }}.Tag{{ '}}' }}" | grep -E "^{{ deploy_image | regex_escape }}$" || echo "NOT_FOUND"
|
||||||
|
register: image_check
|
||||||
|
when: registry_accessible is defined and registry_accessible == 'true'
|
||||||
|
changed_when: false
|
||||||
|
failed_when: false
|
||||||
|
|
||||||
|
- name: Display image verification results
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg:
|
||||||
|
- "Image info result: {{ image_info | default('not executed') }}"
|
||||||
|
- "Image check result: {{ image_check.stdout | default('not executed') }}"
|
||||||
|
- "Image exists: {{ 'YES' if (image_check.stdout | default('') != 'NOT_FOUND' and image_check.stdout | default('') != '') else 'NO' }}"
|
||||||
|
when: registry_accessible is defined and registry_accessible == 'true'
|
||||||
|
|
||||||
- name: Fail if image was not pulled successfully
|
- name: Fail if image was not pulled successfully
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
msg: "Failed to pull image {{ deploy_image }} from registry. Image does not exist locally."
|
msg: |
|
||||||
|
Failed to pull image {{ deploy_image }} from registry.
|
||||||
|
The image does not exist locally after pull attempt.
|
||||||
|
Pull result: changed={{ image_pull_result.changed | default(false) }}, failed={{ image_pull_result.failed | default(false) }}
|
||||||
|
Please check:
|
||||||
|
1. Does the image exist in {{ source_registry }}?
|
||||||
|
2. Are registry credentials correct?
|
||||||
|
3. Is the registry accessible?
|
||||||
when:
|
when:
|
||||||
- registry_accessible is defined and registry_accessible == 'true'
|
- registry_accessible is defined and registry_accessible == 'true'
|
||||||
- image_info.failed | default(true) | bool
|
- (image_check.stdout | default('') == 'NOT_FOUND' or image_check.stdout | default('') == '')
|
||||||
|
|
||||||
- name: Tag image for local registry (if source and local registry differ)
|
- name: Tag image for local registry (if source and local registry differ)
|
||||||
community.docker.docker_image:
|
community.docker.docker_image:
|
||||||
@@ -177,7 +222,9 @@
|
|||||||
source: local
|
source: local
|
||||||
when:
|
when:
|
||||||
- source_registry != local_registry
|
- source_registry != local_registry
|
||||||
- image_info.failed is not defined or not image_info.failed
|
- image_check.stdout is defined
|
||||||
|
- image_check.stdout != 'NOT_FOUND'
|
||||||
|
- image_check.stdout != ''
|
||||||
register: image_tag_result
|
register: image_tag_result
|
||||||
|
|
||||||
- name: Push image to local registry (if source and local registry differ)
|
- name: Push image to local registry (if source and local registry differ)
|
||||||
@@ -311,9 +358,11 @@
|
|||||||
{%- else -%}
|
{%- else -%}
|
||||||
{%- set reg_list = [local_registry] -%}
|
{%- set reg_list = [local_registry] -%}
|
||||||
{%- endif -%}
|
{%- endif -%}
|
||||||
{{ reg_list | unique | list }}
|
{%- set final_list = reg_list | unique | list -%}
|
||||||
|
{{ final_list }}
|
||||||
{%- else -%}
|
{%- else -%}
|
||||||
{{ [docker_registry] }}
|
{%- set default_list = [docker_registry | default('localhost:5000')] -%}
|
||||||
|
{{ default_list }}
|
||||||
{%- endif -%}
|
{%- endif -%}
|
||||||
|
|
||||||
- name: Login to all Docker registries before compose up
|
- name: Login to all Docker registries before compose up
|
||||||
|
|||||||
Reference in New Issue
Block a user