From c6b94b11479402954232d11e077df0b1b6560c32 Mon Sep 17 00:00:00 2001
From: Michael Schiemer <kontakt@michaelschiemer.de>
Date: Sat, 8 Nov 2025 23:56:17 +0100
Subject: [PATCH] fix: login to correct Docker registry from docker-compose
 files

- Extract actual registry URLs from docker-compose files
- Login to all registries found in compose files (e.g. git.michaelschiemer.de:5000)
- This fixes the 'no basic auth credentials' error when pulling images
- The playbook now automatically detects which registry is used in compose files
- Falls back to docker_registry variable if no registry found in compose files
---
 deployment/ansible/playbooks/deploy-image.yml | 47 ++++++++++++++++---
 1 file changed, 40 insertions(+), 7 deletions(-)

diff --git a/deployment/ansible/playbooks/deploy-image.yml b/deployment/ansible/playbooks/deploy-image.yml
index 044cbd84..e6200025 100644
--- a/deployment/ansible/playbooks/deploy-image.yml
+++ b/deployment/ansible/playbooks/deploy-image.yml
@@ -224,23 +224,56 @@
       ignore_errors: yes
 
     - name: Wait for Docker daemon to be ready
-      wait_for:
-        path: /var/run/docker.sock
-        timeout: 10
+      shell: docker ps > /dev/null 2>&1
+      register: docker_ready
+      until: docker_ready.rc == 0
+      retries: 30
+      delay: 2
       when: docker_daemon_updated.changed | default(false)
       ignore_errors: yes
-      become: no
+      changed_when: false
 
-    - name: Login to Docker registry before compose up
+    - name: Determine actual registry URLs from docker-compose files
+      ansible.builtin.shell: |
+        cd {{ application_code_dest }}
+        grep -h "image:" docker-compose.base.yml docker-compose.{{ application_compose_suffix }} 2>/dev/null | sed -E 's/.*image:\s*([^\/]+).*/\1/' | sed 's/:.*//' | sort -u || echo ""
+      register: actual_registry_urls
+      changed_when: false
+      failed_when: false
+
+    - name: Set list of registries to login to
+      ansible.builtin.set_fact:
+        registries_to_login: >-
+          {%- set found_registries = actual_registry_urls.stdout | trim | split('\n') | select('match', '.+') | list -%}
+          {%- set default_registry = [docker_registry] -%}
+          {%- if found_registries | length > 0 -%}
+            {{ found_registries | unique | list }}
+          {%- else -%}
+            {{ default_registry }}
+          {%- endif -%}
+
+    - name: Login to all Docker registries before compose up
       community.docker.docker_login:
-        registry_url: "{{ docker_registry }}"
+        registry_url: "{{ item }}"
         username: "{{ docker_registry_username | default('admin') }}"
         password: "{{ registry_password }}"
       when: 
         - registry_password | string | trim != ''
         - registry_accessible == 'true'
+      loop: "{{ registries_to_login }}"
       no_log: yes
-      ignore_errors: yes
+      register: docker_login_results
+      failed_when: false
+
+    - name: Display login results
+      ansible.builtin.debug:
+        msg: "Docker login to {{ item.item }}: {% if item.failed %}FAILED{% else %}SUCCESS{% endif %}"
+      when: 
+        - registry_password | string | trim != ''
+        - registry_accessible == 'true'
+      loop: "{{ docker_login_results.results | default([]) }}"
+      loop_control:
+        label: "{{ item.item }}"
 
     - name: Deploy application stack with new image
       shell: |