added ECR login for podman containers needed [debyltech]

ansible/roles/podman/tasks/container-fulfillr.yml

@@ -1,4 +1,6 @@
 ---
+- import_tasks: podman-ecr-login.yml
+
 - name: create fulfillr host directory volumes
   become: true
   ansible.builtin.file:
@@ -35,7 +37,7 @@
   become_user: "{{ podman_user }}"
   containers.podman.podman_container:
     name: fulfillr
-    image: "{{ aws_ecr_endpoint }}/fulfillr:20230503.1628"
+    image: "{{ aws_ecr_endpoint }}/fulfillr:20230505.1608"
     command: --config /config/production.json
     recreate: true
     restart: true

ansible/roles/podman/tasks/podman-ecr-login.yml

@@ -0,0 +1,25 @@
+---
+- name: fetch aws ecr auth token
+  become: true
+  become_user: podman
+  shell: |
+    aws ecr get-authorization-token --region us-east-1
+  register: ecr_command
+  tags: always
+
+- set_fact:
+    ecr_authorization_data: "{{ (ecr_command.stdout | from_json).authorizationData[0] }}"
+  tags: always
+
+- set_fact:
+    ecr_credentials: "{{ (ecr_authorization_data.authorizationToken | b64decode).split(':') }}"
+  tags: always
+
+- name: podman login to AWS ECR
+  become: true
+  become_user: podman
+  containers.podman.podman_login:
+    registry: "{{ aws_ecr_endpoint }}"
+    username: "{{ ecr_credentials[0] }}"
+    password: "{{ ecr_credentials[1] }}"
+  tags: always

ansible/roles/podman/tasks/podman.yml

@@ -115,4 +115,4 @@
   ansible.builtin.shell: |
     set -o pipefail && cat /etc/subuid | awk -F':' '/{{ podman_user }}/{ print $2 }' | head -n 1
   register: podman_subuid
-  tags: always
+  tags: always