--- - import_tasks: precheck.yml tags: - always - name: From image {{ source_image }} command: buildah from {{ source_image }} register: from_image_cmd - name: Set from_image set_fact: from_image: "{{ from_image_cmd.stdout }}" - name: Run buildah config command: > buildah config --label modified_append_tag={{ modified_append_tag }} --workingdir / {{ from_image }} - name: Create tempfile name for yum_update.sh tempfile: state: file register: yum_update - name: Identify the primary package manager (dnf or yum) shell: command -v dnf || command -v yum register: pkg_mgr_output - name: Set fact for the used package manager binary set_fact: pkg_mgr: "{{ pkg_mgr_output.stdout }}" - name: Set fact for the used cache path set_fact: cache_path: /var/cache/{{ pkg_mgr.split('/')[-1] }} - name: Prepare yum_update.sh script template: src: yum_update.sh.j2 dest: "{{ yum_update.path }}" mode: 0755 - name: List file repos shell: sed -n 's|baseurl=file://||p' *.repo args: chdir: "{{ yum_repos_dir_path }}" register: file_repos - name: Define bind-mount modes for yum cache to be populated or used when: yum_cache is defined and yum_cache block: - name: Check for the cache existence stat: path: "{{ yum_cache }}" get_checksum: false register: yum_cache_stat - name: Check for the cache contents shell: ls -A {{ yum_cache }} register: yum_cache_contents when: yum_cache_stat.stat.exists|default() - name: Purge the cache on host file: path: "{{ yum_cache }}" state: absent when: - force_purge_yum_cache|bool - yum_cache_contents is defined - yum_cache_contents.stdout - name: Ensure the cache path exists file: path: "{{ yum_cache }}" state: directory mode: 0755 setype: svirt_sandbox_file_t when: not yum_cache_stat.stat.exists|default() - name: Use the pre-populated non-empty cache as an overlay fs set_fact: cache_volume: "{{ yum_cache }}:{{ cache_path }}:O" when: - yum_cache_stat.stat.exists|default() - yum_cache_contents.stdout - name: Define the cache populating mode otherwise set_fact: cache_volume: "{{ yum_cache }}:{{ cache_path }}:rw,z" when: cache_volume is not defined - block: - name: Run yum_update.sh command: > buildah run --volume {{ yum_update.path }}:/tmp/yum_update.sh --volume {{ yum_repos_dir_path }}:/etc/yum.repos.d --volume /etc/pki:/etc/pki {% if cache_volume is defined and cache_volume %} --volume {{ cache_volume }} {% endif %} {% for repo in file_repos.stdout_lines %} {% if repo is exists %} --volume {{ repo }}:{{ repo }} {% endif %} {% endfor %} --user root --net host {{ from_image }} /tmp/yum_update.sh "{{ update_repo }}" register: result rescue: - name: Run yum_update.sh (retry) command: > buildah --debug run --volume {{ yum_update.path }}:/tmp/yum_update.sh --volume {{ yum_repos_dir_path }}:/etc/yum.repos.d --volume /etc/pki:/etc/pki {% if cache_volume is defined and cache_volume %} --volume {{ cache_volume }} {% endif %} {% for repo in file_repos.stdout_lines %} {% if repo is exists %} --volume {{ repo }}:{{ repo }} {% endif %} {% endfor %} --user root --net host {{ from_image }} bash -x /tmp/yum_update.sh "{{ update_repo }}" retries: 2 delay: 3 register: result until: result.rc == 0 - name: Remove temporary yum_update.sh script file: path: "{{ yum_update.path }}" state: absent - name: Commit changes to image ({{ target_image | default(source_image) }}{{ modified_append_tag }}) command: > buildah commit {{ from_image }} {{ target_image | default(source_image) }}{{ modified_append_tag }} - name: Cleanup working container command: > buildah rm {{ from_image }} retries: 5 delay: 5 ignore_errors: true