166 lines
4.5 KiB
YAML
166 lines
4.5 KiB
YAML
---
|
|
- import_tasks: precheck.yml
|
|
tags:
|
|
- always
|
|
|
|
- name: From image {{ source_image }}
|
|
command: buildah from {{ source_image }}
|
|
register: from_image_cmd
|
|
retries: 3
|
|
delay: 5
|
|
until: from_image_cmd is succeeded
|
|
|
|
- name: Set from_image
|
|
set_fact:
|
|
from_image: "{{ from_image_cmd.stdout }}"
|
|
|
|
- name: Run buildah config
|
|
command: >
|
|
buildah config
|
|
--label modified_append_tag={{ modified_append_tag }}
|
|
--workingdir / {{ from_image }}
|
|
|
|
- name: Create tempfile name for yum_update.sh
|
|
tempfile:
|
|
state: file
|
|
register: yum_update
|
|
|
|
- name: Identify the primary package manager (dnf or yum)
|
|
shell: command -v dnf || command -v yum
|
|
register: pkg_mgr_output
|
|
|
|
- name: Set fact for the used package manager binary
|
|
set_fact:
|
|
pkg_mgr: "{{ pkg_mgr_output.stdout }}"
|
|
|
|
- name: Set fact for the used cache path
|
|
set_fact:
|
|
cache_path: /var/cache/{{ pkg_mgr.split('/')[-1] }}
|
|
|
|
- import_tasks: copy_rpms.yml
|
|
|
|
- name: Prepare yum_update.sh script
|
|
template:
|
|
src: yum_update.sh.j2
|
|
dest: "{{ yum_update.path }}"
|
|
mode: 0755
|
|
|
|
- name: List file repos
|
|
shell: sed -n 's|baseurl=file://||p' *.repo
|
|
args:
|
|
chdir: "{{ yum_repos_dir_path }}"
|
|
register: file_repos
|
|
when: rpms_path is undefined
|
|
|
|
- name: Define bind-mount modes for yum cache to be populated or used
|
|
when: yum_cache is defined and yum_cache
|
|
block:
|
|
- name: Check for the cache existence
|
|
stat:
|
|
path: "{{ yum_cache }}"
|
|
get_checksum: false
|
|
register: yum_cache_stat
|
|
|
|
- name: Check for the cache contents
|
|
shell: ls -A {{ yum_cache }}
|
|
register: yum_cache_contents
|
|
when: yum_cache_stat.stat.exists|default()
|
|
|
|
- name: Purge the cache on host
|
|
file:
|
|
path: "{{ yum_cache }}"
|
|
state: absent
|
|
when:
|
|
- force_purge_yum_cache|bool
|
|
- yum_cache_contents is defined
|
|
- yum_cache_contents.stdout
|
|
|
|
- name: Ensure the cache path exists
|
|
file:
|
|
path: "{{ yum_cache }}"
|
|
state: directory
|
|
mode: 0755
|
|
setype: svirt_sandbox_file_t
|
|
when: not yum_cache_stat.stat.exists|default()
|
|
|
|
- name: Check if the cache path has been already mounted
|
|
command: findmnt {{ yum_cache }}
|
|
register: findmnt_result
|
|
failed_when: false
|
|
|
|
- name: Use the pre-populated non-empty cache as an overlay fs
|
|
set_fact:
|
|
cache_volume: "{{ yum_cache }}:{{ cache_path }}:O"
|
|
when:
|
|
- yum_cache_stat.stat.exists|default()
|
|
- yum_cache_contents.stdout
|
|
- findmnt_result.rc != 0
|
|
|
|
- name: Define the cache populating mode otherwise
|
|
set_fact:
|
|
cache_volume: "{{ yum_cache }}:{{ cache_path }}:rw,z"
|
|
when: cache_volume is not defined
|
|
|
|
- block:
|
|
- name: Run yum_update.sh
|
|
command: >
|
|
buildah run
|
|
--volume {{ yum_update.path }}:/tmp/yum_update.sh
|
|
--volume {{ yum_repos_dir_path }}:/etc/yum.repos.d
|
|
--volume /etc/pki:/etc/pki
|
|
{% if cache_volume is defined and cache_volume %}
|
|
--volume {{ cache_volume }}
|
|
{% endif %}
|
|
{% for repo in file_repos.stdout_lines %}
|
|
{% if repo is exists %}
|
|
--volume {{ repo }}:{{ repo }}
|
|
{% endif %}
|
|
{% endfor %}
|
|
--user root
|
|
--net host
|
|
{{ from_image }}
|
|
/tmp/yum_update.sh "{{ update_repo }}"
|
|
register: result
|
|
|
|
rescue:
|
|
- name: Run yum_update.sh (retry without yum cache)
|
|
command: >
|
|
buildah --debug run
|
|
--volume {{ yum_update.path }}:/tmp/yum_update.sh
|
|
--volume {{ yum_repos_dir_path }}:/etc/yum.repos.d
|
|
--volume /etc/pki:/etc/pki
|
|
{% for repo in file_repos.stdout_lines %}
|
|
{% if repo is exists %}
|
|
--volume {{ repo }}:{{ repo }}
|
|
{% endif %}
|
|
{% endfor %}
|
|
--user root
|
|
--net host
|
|
{{ from_image }}
|
|
bash -x /tmp/yum_update.sh "{{ update_repo }}"
|
|
retries: 2
|
|
delay: 3
|
|
register: result
|
|
until: result.rc == 0
|
|
|
|
- name: Remove temporary yum_update.sh script
|
|
file:
|
|
path: "{{ yum_update.path }}"
|
|
state: absent
|
|
|
|
# NOTE(aschultz): remove --format docker when oci images are properly supported
|
|
- name: Commit changes to image
|
|
({{ target_image | default(source_image) }}{{ modified_append_tag }})
|
|
command: >
|
|
buildah commit
|
|
--format docker
|
|
{{ from_image }}
|
|
{{ target_image | default(source_image) }}{{ modified_append_tag }}
|
|
|
|
- name: Cleanup working container
|
|
command: >
|
|
buildah rm {{ from_image }}
|
|
retries: 5
|
|
delay: 5
|
|
ignore_errors: true
|