diff options
Diffstat (limited to 'roles/installer/raspios/image/tasks/fetch.yml')
-rw-r--r-- | roles/installer/raspios/image/tasks/fetch.yml | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/roles/installer/raspios/image/tasks/fetch.yml b/roles/installer/raspios/image/tasks/fetch.yml new file mode 100644 index 00000000..bbde6bdf --- /dev/null +++ b/roles/installer/raspios/image/tasks/fetch.yml @@ -0,0 +1,60 @@ +--- +- name: Create download directory + file: + dest: "{{ raspios_download_dir }}" + state: directory + +- name: fetch imageutility os list from download server + check_mode: no + uri: + url: "{{ raspios_download_url }}/os_list_imagingutility_v4.json" + body_format: json + register: raspios_os_list_imagingutility + +- set_fact: + raspios_download_url_image: "{{ raspios_os_list_imagingutility.json.os_list | raspios_extract_latest_image_download_url(raspios_variant, raspios_codename, raspios_arch) }}" + +- name: download the raspios image + block: + - name: download sha256sum and signature + loop: + - sha256 + - sig + get_url: + url: "{{ raspios_download_url_image }}.{{ item }}" + dest: "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}.{{ item }}" + + - name: extract SHA256 hash of the image archive + command: grep '{{ raspios_download_image_base_name }}' "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}.sha256" + changed_when: False + register: sha256 + + - name: download image + get_url: + url: "{{ raspios_download_url_image }}" + dest: "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}" + checksum: sha256:{{ sha256.stdout.split(' ') | first }} + + - name: check OpenPGP signature + command: >- + gpgv --keyring "{{ global_files_dir }}/common/keyrings/raspberrypi-downloads.gpg" + "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}.sig" "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}" + changed_when: False + register: raspios_image_gpg_result + + - debug: + var: raspios_image_gpg_result.stderr_lines + + rescue: + - name: delete downloaded artifacts + loop: + - "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}-sha256" + - "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}.sig" + - "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}" + file: + path: "{{ item }}" + state: absent + + - name: the download has failed... + fail: + msg: Something borked |