ansible-podman-collections
ansible-podman-collections copied to clipboard
Pushing an image with `/` in the name to a remote registry does not work
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
Pushing an image with /
in the name to a remote registry does not work.
Steps to reproduce the issue:
-
Set up a registry at
localhost:5000
-
Build an image with a slash in the name, e.g.
jlk/archlinux
(or justfoo/bar
) -
Try to push the image to the remote registry with the
containers.podman.podman_image
module
Describe the results you received: An error (see below).
Describe the results you expected: Successful push.
Additional information you deem important (e.g. issue happens only occasionally):
The code only appends the destination argument when /
is not present in the name: https://github.com/containers/ansible-podman-collections/blob/c3b38b54a95a40588cda7124b1879bc161c7f08d/plugins/modules/podman_image.py#L755-L757
So in my case the module executes only podman push jlk/archlinux
and the destination gets resolved to docker.io
via unqualified-search-registries
configuration. However, if the destination was not omitted, the command would be podman push jlk/archlinux jlk.fjfi.cvut.cz:5000/jlk/archlinux
(and running this manually succeeds).
Version of the containers.podman
collection:
ansible-galaxy collection list | grep containers.podman
containers.podman 1.12.0
Output of ansible --version
:
ansible [core 2.16.6]
config file = None
configured module search path = ['/home/lahwaacz/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.11/site-packages/ansible
ansible collection location = /home/lahwaacz/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible
python version = 3.11.8 (main, Feb 12 2024, 14:50:05) [GCC 13.2.1 20230801] (/usr/bin/python)
jinja version = 3.1.3
libyaml = True
Output of podman version
:
Client: Podman Engine
Version: 5.0.2
API Version: 5.0.2
Go Version: go1.22.2
Git Commit: 3304dd95b8978a8346b96b7d43134990609b3b29-dirty
Built: Thu Apr 18 13:13:19 2024
OS/Arch: linux/amd64
Playbok you run with ansible (e.g. content of playbook.yaml
):
- name: Push container images to a registry
hosts: jlk.fjfi.cvut.cz
remote_user: root
tasks:
- name: Push jlk/archlinux
containers.podman.podman_image:
name: "jlk/archlinux"
state: present
push: true
push_args:
destination: "localhost:5000/jlk/archlinux"
Command line and output of ansible run with high verbosity
ansible-playbook playbooks/update_container_images.yml -vvv
TASK [Push jlk/archlinux] ************************************************************************************************************************************************************************
task path: /home/lahwaacz/Bbox/ansible_servers/playbooks/update_container_images.yml:21
Using module file /usr/lib/python3.11/site-packages/ansible_collections/containers/podman/plugins/modules/podman_image.py
Pipelining is enabled.
<jlk.fjfi.cvut.cz> ESTABLISH SSH CONNECTION FOR USER: root
<jlk.fjfi.cvut.cz> SSH: EXEC /usr/bin/ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o 'User="root"' -o ConnectTimeout=5 -o 'ControlPath="/home/lahwaacz/.cache/ansible/cp/7627a66300"' jlk.fjfi.cvut.cz '/bin/sh -c '"'"'/usr/bin/python3.11 && sleep 0'"'"''
<jlk.fjfi.cvut.cz> (1, b'\n{"failed": true, "msg": "Failed to push image jlk/archlinux:latest: Getting image source signatures\\nCopying blob sha256:6bee94a4a1b627970f11e44dbc5d82469651a0602d9caaafb4b470aa7d600213\\nCopying blob sha256:44fc13d1bfdc97871509897d397c8572d3473acd3df0dd9678e1fb689600aa9f\\nCopying blob sha256:8044dc5ce688f2e23c62bdf2ef25a97433df55fd666396ed23872e2b73f528ef\\nCopying blob sha256:462418d25e9d74362ae344dc48d5135ad8b9c28ab56f6e138e3489a17be71716\\nCopying blob sha256:7db2177b9e19a3f80025cbe88878635b86866fe73c12d116ed5b19b4e06510bc\\nCopying blob sha256:b0b6bb6d9342f2338e863569381c3a3c0fa14fd76f1bc8cf485c94a2c1fc74e5\\nCopying blob sha256:b349bf96dfe78882980db8b20c3df6c9cb57293a4f8abfe632ebea933323a0dd\\nCopying blob sha256:eefbd616c4baf2547c568008ffcf9cb2f6939f12a72a72ac87c7a0daad8e2cbe\\nError: trying to reuse blob sha256:44fc13d1bfdc97871509897d397c8572d3473acd3df0dd9678e1fb689600aa9f at destination: checking whether a blob sha256:44fc13d1bfdc97871509897d397c8572d3473acd3df0dd9678e1fb689600aa9f exists in docker.io/jlk/archlinux: requested access to the resource is denied\\n", "invocation": {"module_args": {"name": "jlk/archlinux", "state": "present", "push": true, "push_args": {"destination": "localhost:5000/jlk/archlinux", "dest": "localhost:5000/jlk/archlinux", "compress": null, "format": null, "remove_signatures": null, "sign_by": null, "transport": null}, "tag": "latest", "pull": true, "force": false, "executable": "podman", "build": {"force_rm": false, "format": "oci", "cache": true, "rm": true, "annotation": null, "file": null, "volume": null, "extra_args": null, "target": null}, "arch": null, "path": null, "validate_certs": null, "auth_file": null, "username": null, "password": null, "ca_cert_dir": null}}, "warnings": ["Image name and tag are automatically added to push_args[\'dest\']. Destination changed to localhost:5000"]}\n', b'')
<jlk.fjfi.cvut.cz> Failed to connect to the host via ssh:
[WARNING]: Image name and tag are automatically added to push_args['dest']. Destination changed to localhost:5000
fatal: [jlk.fjfi.cvut.cz]: FAILED! => {
"changed": false,
"invocation": {
"module_args": {
"arch": null,
"auth_file": null,
"build": {
"annotation": null,
"cache": true,
"extra_args": null,
"file": null,
"force_rm": false,
"format": "oci",
"rm": true,
"target": null,
"volume": null
},
"ca_cert_dir": null,
"executable": "podman",
"force": false,
"name": "jlk/archlinux",
"password": null,
"path": null,
"pull": true,
"push": true,
"push_args": {
"compress": null,
"dest": "localhost:5000/jlk/archlinux",
"destination": "localhost:5000/jlk/archlinux",
"format": null,
"remove_signatures": null,
"sign_by": null,
"transport": null
},
"state": "present",
"tag": "latest",
"username": null,
"validate_certs": null
}
},
"msg": "Failed to push image jlk/archlinux:latest: Getting image source signatures\nCopying blob sha256:6bee94a4a1b627970f11e44dbc5d82469651a0602d9caaafb4b470aa7d600213\nCopying blob sha256:44fc13d1bfdc97871509897d397c8572d3473acd3df0dd9678e1fb689600aa9f\nCopying blob sha256:8044dc5ce688f2e23c62bdf2ef25a97433df55fd666396ed23872e2b73f528ef\nCopying blob sha256:462418d25e9d74362ae344dc48d5135ad8b9c28ab56f6e138e3489a17be71716\nCopying blob sha256:7db2177b9e19a3f80025cbe88878635b86866fe73c12d116ed5b19b4e06510bc\nCopying blob sha256:b0b6bb6d9342f2338e863569381c3a3c0fa14fd76f1bc8cf485c94a2c1fc74e5\nCopying blob sha256:b349bf96dfe78882980db8b20c3df6c9cb57293a4f8abfe632ebea933323a0dd\nCopying blob sha256:eefbd616c4baf2547c568008ffcf9cb2f6939f12a72a72ac87c7a0daad8e2cbe\nError: trying to reuse blob sha256:44fc13d1bfdc97871509897d397c8572d3473acd3df0dd9678e1fb689600aa9f at destination: checking whether a blob sha256:44fc13d1bfdc97871509897d397c8572d3473acd3df0dd9678e1fb689600aa9f exists in docker.io/jlk/archlinux: requested access to the resource is denied\n"
}
Additional environment details (AWS, VirtualBox, physical, etc.):