RedHatGov · cadjai · Mar 23, 2021 · Mar 23, 2021
diff --git a/post-deploy-fix-unsuppoted-registry-config.yml b/post-deploy-fix-unsuppoted-registry-config.yml
@@ -0,0 +1,66 @@
+- name: ' Konductor | Provision UPI Infra | post-deploy-fix-unsuppoted-registry-config.yml'
+  hosts: localhost
+  become: yes
+  vars_files:
+    - '../vars/vault.yml'
+    - '../vars/disconnected_olm.yml'
+  vars:
+    ansible_python_interpreter: /usr/bin/python3
+    module: "Fix-Unsupported-operators"
+    ansible_name_module: " Post Cluster Installation | {{ module }}"
+  pre_tasks:
+    - name: Authenticate with the API
+      command: >
+        {{ openshift_cli }} login \
+          -u {{ ocp_cluster_user_user }} \
+          -p {{ ocp_cluster_user_password }} \
+          --insecure-skip-tls-verify=true {{ ocp_cluster_console_url }}:{{ ocp_cluster_console_port | d('6443', true) }}
+      register: login_out
+
+  tasks:
+    - name: '{{ ansible_name_module }} | fix Unsupported Registry Configuration'
+      block:
+        - name: '{{ ansible_name_module }} | assert | Registry hostname is provided'
+          assert:
+            that:
+              - registry_host_fqdn is defined
+              - registry_host_fqdn != ""
+            msg: "The registry FQDN or endpoint is required. If the post is not 443 make you set registry_host_port as well" 
+
+        - name: '{{ ansible_name_module }} | set_fact |Fix registry port'
+          set_fact:
+            registry_host_port_fixed: "{{':' + registry_host_port if registry_host_port is defined and registry_host_port | int > 0 else '' }}"
+            registry_local_ocp_repository: "{{'/' + ocp_local_repository if ocp_local_repository is defined and ocp_local_repository != ''  else '' }}"
+            registry_local_operator_repository: "{{'/' + local_repository if local_repository is defined and local_repository != ''  else '' }}"
+
+        - name: '{{ ansible_name_module }} | template | Copy registry config to staging location'
+          template: 
+            src: "templates/registry.conf.j2"
+            dest: "{{ staging_dir | d('/tmp', true) }}/registry.conf"
+            force: yes
+          register: registry_conf_copied
+
+        - name: '{{ ansible_name_module }} | command:cat | Load registry_conf'
+          shell: cat {{ staging_dir | d('/tmp', true) }}/registry.conf  
+          when:
+            - registry_conf_copied is defined
+          register: registry_conf_loaded
+
+        - name: '{{ ansible_name_module }} | template | Copy unsupported config to staging location'
+          vars:
+            registry_conf_data: "{{ registry_conf_loaded.stdout }}"
+          template: 
+            src: "templates/unsupported-operators-mc.yml.j2"
+            dest: "{{ staging_dir | d('/tmp', true) }}/unsupported-operators-mc.yml"
+            force: yes
+          when:
+            - registry_conf_loaded is defined
+            - registry_conf_loaded.rc is defined and registry_conf_loaded.rc == 0
+            - registry_conf_loaded.stdout is defined and registry_conf_loaded.stdout != ""
+          register: uomc_copied
+
+        - name: '{{ ansible_name_module }} | command:{{ openshift_cli }} apply | deploy unsupported config '
+          command: >
+            {{ openshift_cli }} apply -f {{ staging_dir | d('/tmp', true) }}/unsupported-operators-mc.yml 
+          register: uomc_deployed
+
diff --git a/templates/registry.conf.j2 b/templates/registry.conf.j2
@@ -0,0 +1,82 @@
+unqualified-search-registries = ["registry.access.redhat.com", "docker.io"]
+
+[[registry]]
+  prefix = ""
+  location = "quay.io/openshift-release-dev/ocp-release"
+  mirror-by-digest-only = false
+
+  [[registry.mirror]]
+    location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_ocp_repository }}/openshift-release-dev"
+
+[[registry]]
+  prefix = ""
+  location = "quay.io/openshift-release-dev/ocp-v4.0-art-dev"
+  mirror-by-digest-only = false
+
+  [[registry.mirror]]
+    location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_ocp_repository }}/openshift-release-dev"
+
+[[registry]]
+  prefix = ""
+  location = "registry.redhat.io"
+  mirror-by-digest-only = false
+  insecure = true
+
+  [[registry.mirror]]
+    location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_operator_repository }}"
+    insecure = true
+
+[[registry]]
+  prefix = ""
+  location = "quay.io"
+  mirror-by-digest-only = false
+  insecure = true
+
+  [[registry.mirror]]
+    location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_operator_repository }}"
+    insecure = true
+
+[[registry]]
+  prefix = ""
+  location = "docker.io"
+  mirror-by-digest-only = false
+  insecure = true
+
+  [[registry.mirror]]
+    location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_operator_repository }}"
+    insecure = true
+
+[[registry]]
+  prefix = ""
+  location = "registry.connect.redhat.com"
+  mirror-by-digest-only = false
+  insecure = true
+
+  [[registry.mirror]]
+    location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_operator_repository }}"
+    insecure = true
+
+[[registry]]
+  prefix = ""
+  location = "gcr.io"
+  mirror-by-digest-only = false
+  insecure = true
+
+  [[registry.mirror]]
+    location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_operator_repository }}"
+    insecure = true
+
+[[registry]]
+  prefix = ""
+  location = "registry.access.redhat.com"
+  mirror-by-digest-only = false
+  insecure = true
+
+  [[registry.mirror]]
+    location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_operator_repository }}"
+    insecure = true
+
+[[registry]]
+  prefix = ""
+  location = "{{ registry_host_fqdn }}{{ registry_host_port_fixed }}{{ registry_local_operator_repository }}"
+  insecure = true
diff --git a/templates/unsupported-operators-mc.yml.j2 b/templates/unsupported-operators-mc.yml.j2
@@ -0,0 +1,25 @@
+apiVersion: machineconfiguration.openshift.io/v1
+kind: MachineConfig
+metadata:
+  annotations:
+  labels:
+    machineconfiguration.openshift.io/role: worker
+  name: 99-zworker-container-registry-conf
+spec:
+  config:
+    ignition:
+      version: {{ ignition_config_version | d('3.2.0') }}
+    storage:
+      files:
+      - contents:
+          source: data:text/plain;charset=utf-8;base64,{{ registry_conf_data | b64encode }}
+          verification: {}
+        filesystem: root
+        mode: 420
+        overwrite: true
+        path: /etc/containers/registries.conf
+  extensions: null
+  fips: false
+  kernelArguments: null
+  kernelType: ""
+  osImageURL: ""        
diff --git a/vars/registry.yml b/vars/registry.yml
@@ -0,0 +1,17 @@
+---
+
+openshift_cli: '/usr/bin/oc'
+registry_host_fqdn: '{{ vault_registry_host_fqdn }}'
+registry_host_port: '0'
+local_repository: ''  ### used for local operator repo on registry
+ocp_local_repository: '' ### used for local ocp repo on registry
+ocp_cluster_user_user: '{{ vault_ocp_cluster_user_user }}'
+ocp_cluster_user_password: '{{ vault_ocp_cluster_user_password }}'
+ocp_cluster_console_url: '{{ vault_ocp_cluster_console_url }}'
+ocp_cluster_console_port: '6443'
+staging_dir: '/tmp'
+ignition_config_version: ''
+
+#####################################################################################################
+# End of user configurable variables
+#####################################################################################################
diff --git a/vars/vault.yml.example b/vars/vault.yml.example
@@ -0,0 +1,7 @@
+### use this template as sample to create your vault file by populating the following variables
+vault_registry_host_fqdn: ''
+
+### Variable for OCP cluster 
+vault_ocp_cluster_user_user: ''
+vault_ocp_cluster_user_password: ''
+vault_ocp_cluster_console_url: ''