added ECR login for podman containers needed [debyltech]

2023-05-05 12:39:01 -04:00
parent 81fb5b143f
commit c9171b8c2a
3 changed files with 29 additions and 2 deletions
--- a/ansible/roles/podman/tasks/container-fulfillr.yml
+++ b/ansible/roles/podman/tasks/container-fulfillr.yml
@@ -1,4 +1,6 @@
 ---
 - import_tasks: podman-ecr-login.yml
 - name: create fulfillr host directory volumes
  become: true
  ansible.builtin.file:
@@ -35,7 +37,7 @@
  become_user: "{{ podman_user }}"
  containers.podman.podman_container:
    name: fulfillr
-    image: "{{ aws_ecr_endpoint }}/fulfillr:20230503.1628"
+    image: "{{ aws_ecr_endpoint }}/fulfillr:20230505.1608"
    command: --config /config/production.json
    recreate: true
    restart: true
--- a/ansible/roles/podman/tasks/podman-ecr-login.yml
+++ b/ansible/roles/podman/tasks/podman-ecr-login.yml
@@ -0,0 +1,25 @@
 ---
 - name: fetch aws ecr auth token
  become: true
  become_user: podman
  shell: |
    aws ecr get-authorization-token --region us-east-1
  register: ecr_command
  tags: always
 - set_fact:
    ecr_authorization_data: "{{ (ecr_command.stdout | from_json).authorizationData[0] }}"
  tags: always
 - set_fact:
    ecr_credentials: "{{ (ecr_authorization_data.authorizationToken | b64decode).split(':') }}"
  tags: always
 - name: podman login to AWS ECR
  become: true
  become_user: podman
  containers.podman.podman_login:
    registry: "{{ aws_ecr_endpoint }}"
    username: "{{ ecr_credentials[0] }}"
    password: "{{ ecr_credentials[1] }}"
  tags: always
--- a/ansible/roles/podman/tasks/podman.yml
+++ b/ansible/roles/podman/tasks/podman.yml
@@ -115,4 +115,4 @@
  ansible.builtin.shell: |
    set -o pipefail && cat /etc/subuid | awk -F':' '/{{ podman_user }}/{ print $2 }' | head -n 1
  register: podman_subuid
-  tags: always
+  tags: always