herve4m / herve4m.quay / 1.2.0 / module / quay_repository Manage Quay Container Registry repositories | "added in version" 0.0.1 of herve4m.quay" Authors: Herve Quatremain (@herve4m)herve4m.quay.quay_repository (1.2.0) — module
Install with ansible-galaxy collection install herve4m.quay:==1.2.0
collections: - name: herve4m.quay version: 1.2.0
Create, delete, and update repositories in Quay Container Registry.
- name: Ensure repository smallimage exists in the production organization herve4m.quay.quay_repository: name: production/smallimage visibility: private description: | # My first repository * smallimage is a small GNU/linux container image * Use podman to start a container using that image perms: - name: operators type: team role: read - name: lvasquez type: user role: read - name: production+automationrobot type: user role: admin state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Ensure repository bigimage exists in my namespace herve4m.quay.quay_repository: name: bigimage visibility: public perms: - name: dwilde type: user role: write state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Ensure repository development/testimg does not exist herve4m.quay.quay_repository: name: development/testimg state: absent quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Ensure the repository has the exact set of permissions herve4m.quay.quay_repository: name: production/smallimage perms: - name: operators type: team role: admin - name: managers type: team role: read - name: developers type: team role: read - name: production+auditrobot type: user role: read append: false state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
- name: Ensure the repository has a star and tags older that 4 weeks are pruned herve4m.quay.quay_repository: name: production/smallimage star: true auto_prune_method: date auto_prune_value: 4w state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
# You must enable the mirroring capability of your Quay installation # to use the repo_state parameter. - name: Ensure the repository is prepared for mirroring herve4m.quay.quay_repository: name: production/smallimage repo_state: MIRROR state: present quay_host: https://quay.example.com quay_token: vgfH9zH5q6eV16Con7SvDQYSr0KPYQimMHVehZv7
name: description: - Name of the repository to create, remove, or modify. The format for the name is C(namespace)/C(shortname). The namespace can be an organization or a personal namespace. - The name must be in lowercase and must not contain white spaces. - If you omit the namespace part in the name, then the module uses your personal namespace. required: true type: str star: description: - If C(yes), then add a star to the repository. If C(no), then remove the star. - To star or unstar a repository you must provide the I(quay_token) parameter to authenticate. If you are not authenticated, then the module ignores the I(star) parameter. type: bool perms: description: - User, robot, and team permissions to associate with the repository. elements: dict suboptions: name: description: - Name of the account. The format for robot accounts is C(namespace)+C(shortrobotname). required: true type: str role: choices: - read - write - admin default: read description: - Type of permission to grant. type: str type: choices: - user - team default: user description: - Specifies the type of the account. Choose C(user) for both user and robot accounts. type: str type: list state: choices: - absent - present default: present description: - If C(absent), then the module deletes the repository. - The module does not fail if the repository does not exist, because the state is already as expected. - If C(present), then the module creates the repository if it does not already exist. - If the repository already exists, then the module updates its state. type: str append: default: true description: - If C(yes), then add the permission defined in I(perms) to the repository. - If C(no), then the module sets the permissions specified in I(perms), removing all others permissions from the repository. type: bool quay_host: default: http://127.0.0.1 description: - URL for accessing the API. U(https://quay.example.com:8443) for example. - If you do not set the parameter, then the module uses the C(QUAY_HOST) environment variable. - If you do no set the environment variable either, then the module uses the U(http://127.0.0.1) URL. type: str quay_token: description: - OAuth access token for authenticating against the API. - If you do not set the parameter, then the module tries the C(QUAY_TOKEN) environment variable. - Mutually exclusive with I(quay_username) and I(quay_password). type: str repo_state: choices: - NORMAL - READ_ONLY - MIRROR description: - If C(NORMAL), then the repository is in the default state (read/write). - If C(READ_ONLY), then the repository is read-only. - If C(MIRROR), then the repository is a mirror and you can configure it by using the M(herve4m.quay.quay_repository_mirror) module. - You must enable the mirroring capability of your Quay installation to use this I(repo_state) parameter. type: str visibility: choices: - public - private description: - If C(public), then anyone can pull images from the repository. - If C(private), then nobody can access the repository and you need to explicitly grant access to users, robots, and teams. - If you do not set the parameter when you create a repository, then it defaults to C(private). type: str description: description: - Text in Markdown format that describes the repository. type: str quay_password: description: - The password to use for authenticating against the API. - If you do not set the parameter, then the module tries the C(QUAY_PASSWORD) environment variable. - If you set I(quay_password), then you also need to set I(quay_username). - Mutually exclusive with I(quay_token). type: str quay_username: description: - The username to use for authenticating against the API. - If you do not set the parameter, then the module tries the C(QUAY_USERNAME) environment variable. - If you set I(quay_username), then you also need to set I(quay_password). - Mutually exclusive with I(quay_token). type: str validate_certs: aliases: - verify_ssl default: true description: - Whether to allow insecure connections to the API. - If C(no), then the module does not validate SSL certificates. - If you do not set the parameter, then the module tries the C(QUAY_VERIFY_SSL) environment variable (C(yes), C(1), and C(True) mean yes, and C(no), C(0), C(False), and no value mean no). type: bool auto_prune_value: description: - Number of tags to keep when I(auto_prune_value) is C(tags). The value must be 1 or more. - Period of time when I(auto_prune_value) is C(date). The value must be 1 or more, and must be followed by a suffix; s (for second), m (for minute), h (for hour), d (for day), or w (for week). - I(auto_prune_method) is required when I(auto_prune_value) is set. type: str auto_prune_method: choices: - none - tags - date description: - Method to use for the auto-pruning tags policy. - If C(none), then the module ensures that no policy is in place. The tags are not pruned. - If C(tags), then the policy keeps only the number of tags that you specify in I(auto_prune_value). - If C(date), then the policy deletes the tags older than the time period that you specify in I(auto_prune_value). - I(auto_prune_value) is required when I(auto_prune_method) is C(tags) or C(date). type: str