fix: improve image pull verification and fix registries_to_login type error
Some checks failed
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 25s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m1s
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 27s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 11s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 11s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
Some checks failed
Security Vulnerability Scan / Check for Dependency Changes (push) Successful in 25s
🚀 Build & Deploy Image / Auto-deploy to Staging (push) Failing after 1m1s
🚀 Build & Deploy Image / Determine Build Necessity (push) Successful in 27s
🚀 Build & Deploy Image / Build Runtime Base Image (push) Successful in 11s
🚀 Build & Deploy Image / Run Tests & Quality Checks (push) Has been skipped
Security Vulnerability Scan / Composer Security Audit (push) Has been skipped
🚀 Build & Deploy Image / Build Docker Image (push) Successful in 11s
🚀 Build & Deploy Image / Auto-deploy to Production (push) Has been skipped
- Check if image exists before pull to determine if force pull is needed - Use docker images command to verify image exists locally (more reliable) - Fix registries_to_login Jinja2 template to ensure it's always a list - Add better error messages when image pull fails - Only tag image if it was successfully verified to exist
This commit is contained in:
@@ -136,12 +136,34 @@
|
||||
- "Registry accessible: {{ registry_accessible | default('unknown') }}"
|
||||
when: registry_accessible is defined and registry_accessible == 'true'
|
||||
|
||||
- name: Pull Docker image
|
||||
- name: Check if image already exists locally
|
||||
ansible.builtin.shell: |
|
||||
docker images --format "{{ '{{' }}.Repository{{ '}}' }}:{{ '{{' }}.Tag{{ '}}' }}" | grep -E "^{{ deploy_image | regex_escape }}$" || echo "NOT_FOUND"
|
||||
register: image_exists_before_pull
|
||||
when: registry_accessible is defined and registry_accessible == 'true'
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
|
||||
- name: Pull Docker image (force pull if not exists locally)
|
||||
community.docker.docker_image:
|
||||
name: "{{ deploy_image }}"
|
||||
source: pull
|
||||
pull: always
|
||||
when:
|
||||
- registry_accessible is defined and registry_accessible == 'true'
|
||||
- image_exists_before_pull.stdout | default('') == 'NOT_FOUND'
|
||||
register: image_pull_result
|
||||
ignore_errors: yes
|
||||
failed_when: false
|
||||
|
||||
- name: Pull Docker image (if already exists, just verify)
|
||||
community.docker.docker_image:
|
||||
name: "{{ deploy_image }}"
|
||||
source: pull
|
||||
pull: true
|
||||
when: registry_accessible is defined and registry_accessible == 'true'
|
||||
when:
|
||||
- registry_accessible is defined and registry_accessible == 'true'
|
||||
- image_exists_before_pull.stdout | default('') != 'NOT_FOUND'
|
||||
register: image_pull_result
|
||||
ignore_errors: yes
|
||||
failed_when: false
|
||||
@@ -162,12 +184,35 @@
|
||||
ignore_errors: yes
|
||||
failed_when: false
|
||||
|
||||
- name: Check if image exists by inspecting docker images
|
||||
ansible.builtin.shell: |
|
||||
docker images --format "{{ '{{' }}.Repository{{ '}}' }}:{{ '{{' }}.Tag{{ '}}' }}" | grep -E "^{{ deploy_image | regex_escape }}$" || echo "NOT_FOUND"
|
||||
register: image_check
|
||||
when: registry_accessible is defined and registry_accessible == 'true'
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
|
||||
- name: Display image verification results
|
||||
ansible.builtin.debug:
|
||||
msg:
|
||||
- "Image info result: {{ image_info | default('not executed') }}"
|
||||
- "Image check result: {{ image_check.stdout | default('not executed') }}"
|
||||
- "Image exists: {{ 'YES' if (image_check.stdout | default('') != 'NOT_FOUND' and image_check.stdout | default('') != '') else 'NO' }}"
|
||||
when: registry_accessible is defined and registry_accessible == 'true'
|
||||
|
||||
- name: Fail if image was not pulled successfully
|
||||
ansible.builtin.fail:
|
||||
msg: "Failed to pull image {{ deploy_image }} from registry. Image does not exist locally."
|
||||
msg: |
|
||||
Failed to pull image {{ deploy_image }} from registry.
|
||||
The image does not exist locally after pull attempt.
|
||||
Pull result: changed={{ image_pull_result.changed | default(false) }}, failed={{ image_pull_result.failed | default(false) }}
|
||||
Please check:
|
||||
1. Does the image exist in {{ source_registry }}?
|
||||
2. Are registry credentials correct?
|
||||
3. Is the registry accessible?
|
||||
when:
|
||||
- registry_accessible is defined and registry_accessible == 'true'
|
||||
- image_info.failed | default(true) | bool
|
||||
- (image_check.stdout | default('') == 'NOT_FOUND' or image_check.stdout | default('') == '')
|
||||
|
||||
- name: Tag image for local registry (if source and local registry differ)
|
||||
community.docker.docker_image:
|
||||
@@ -177,7 +222,9 @@
|
||||
source: local
|
||||
when:
|
||||
- source_registry != local_registry
|
||||
- image_info.failed is not defined or not image_info.failed
|
||||
- image_check.stdout is defined
|
||||
- image_check.stdout != 'NOT_FOUND'
|
||||
- image_check.stdout != ''
|
||||
register: image_tag_result
|
||||
|
||||
- name: Push image to local registry (if source and local registry differ)
|
||||
@@ -311,9 +358,11 @@
|
||||
{%- else -%}
|
||||
{%- set reg_list = [local_registry] -%}
|
||||
{%- endif -%}
|
||||
{{ reg_list | unique | list }}
|
||||
{%- set final_list = reg_list | unique | list -%}
|
||||
{{ final_list }}
|
||||
{%- else -%}
|
||||
{{ [docker_registry] }}
|
||||
{%- set default_list = [docker_registry | default('localhost:5000')] -%}
|
||||
{{ default_list }}
|
||||
{%- endif -%}
|
||||
|
||||
- name: Login to all Docker registries before compose up
|
||||
|
||||
Reference in New Issue
Block a user