search

containers / ansible-podman-collections

Repository for Ansible content that can include playbooks, roles, modules, and plugins for use with the Podman tool
GNU General Public License v3.0
262 stars 142 forks source link

push_args destination now requires full path with image name and tag when default transport is used #830

Open jakestec opened 2 weeks ago

jakestec commented 2 weeks ago

Hello,

I've been using the latest collection version (v1.15.4) with an existing playbook to build container images. When I went to push a new image today I got the following error related to the line of code below:

Destination must be a full URL or path to a directory.

https://github.com/containers/ansible-podman-collections/blob/552af3ef7ff62706ec4bd88e8f962e069c66eddc/plugins/modules/podman_image.py#L795

My task:

container_registry: "my.registry.domain.name"
...
    - name: Create and push EE => "{{ ee_name }}:{{ ee_tag }}"
      containers.podman.podman_image:
        name: "{{ ee_name }}"
        tag: "{{ ee_tag }}"
        path: "{{ ansible_env.PWD }}/build"
        push: true
        auth_file: "{{ lookup('ansible.builtin.env', 'XDG_RUNTIME_DIR') }}/containers/auth.json"
        validate_certs: true
        push_args:
          dest: "{{ container_registry }}"

Debugging I can see its not forming the push arguments correctly:

    "podman_actions": [
        "/usr/bin/podman image ls rcnet-ee:1.9 --format json",
        "/usr/bin/podman inspect rcnet-ee:1.9 --format json",
        "/usr/bin/podman push --tls-verify --authfile /run/user/1001/containers/auth.json my-ee:1.9 my.registry.domain.name",

We should see:

 "/usr/bin/podman push --tls-verify --authfile /run/user/1001/containers/auth.json my-ee:1.9 my.registry.domain.name/my-ee:1.9",

The above task is working in v1.12.1. I was able to fix the issue by modifying the destination in the task to include the image name and tag like so:

    - name: Create and push EE => "{{ ee_name }}:{{ ee_tag }}"
      containers.podman.podman_image:
        name: "{{ ee_name }}"
        tag: "{{ ee_tag }}"
        path: "{{ ansible_env.PWD }}/build"
        push: true
        auth_file: "{{ lookup('ansible.builtin.env', 'XDG_RUNTIME_DIR') }}/containers/auth.json"
        validate_certs: true
        push_args:
          dest: "{{ container_registry }}/{{ ee_name }}:{{ ee_tag }}"

I am not sure if this is intended, or an unplanned side effect of the changes implemented by https://github.com/containers/ansible-podman-collections/commit/4985d484155b2a0d6f90f21da99e6f152aad3d02 when doing some further checking on the transport type.

sshnaidm commented 2 weeks ago

It would help more if instead of putting variables names "{{ ee_name }}" you put real values, hard to guess what you pass to the task. If you pass dest as my.registry.domain.name only, it won't work, you need to set a name as well. The issue is that it worked before while it shouldn't have. The Podman itself fails if you pass the registry only in command line. We stick to Podman behavior now. It's kind of side-effect of fixing other issues with transports and adding another features for pushing, we don't have a way to understand either it's a different image, registry, archive or anything else in dest, neither Podman does. That's why it's required now to put exactly what you need in dest (exactly as in Podman command line).