--- - name: Create download directory file: dest: "{{ raspios_download_dir }}" state: directory - name: fetch imageutility os list from download server check_mode: no uri: url: "{{ raspios_download_url }}/os_list_imagingutility_v4.json" body_format: json register: raspios_os_list_imagingutility - set_fact: raspios_download_url_image: "{{ raspios_os_list_imagingutility.json.os_list | raspios_extract_latest_image_download_url(raspios_variant, raspios_codename, raspios_arch) }}" - name: download the raspios image block: - name: download sha256sum and signature loop: - sha256 - sig get_url: url: "{{ raspios_download_url_image }}.{{ item }}" dest: "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}.{{ item }}" - name: extract SHA256 hash of the image archive command: grep '{{ raspios_download_image_base_name }}' "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}.sha256" changed_when: False register: sha256 - name: download image get_url: url: "{{ raspios_download_url_image }}" dest: "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}" checksum: sha256:{{ sha256.stdout.split(' ') | first }} - name: check OpenPGP signature command: >- gpgv --keyring "{{ global_files_dir }}/common/keyrings/raspberrypi-downloads.gpg" "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}.sig" "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}" changed_when: False register: raspios_image_gpg_result - debug: var: raspios_image_gpg_result.stderr_lines rescue: - name: delete downloaded artifacts loop: - "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}-sha256" - "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}.sig" - "{{ raspios_download_dir }}/{{ raspios_download_image_base_name }}" file: path: "{{ item }}" state: absent - name: the download has failed... fail: msg: Something borked