From 8f899a1101ec0befefd2186697fc54c3138ec7b0 Mon Sep 17 00:00:00 2001
From: Pavel Chekin <pbchekin@gmail.com>
Date: Mon, 22 Aug 2022 23:13:23 -0700
Subject: [PATCH] Fix containerd (<1.7) configuration for insecure registries
 (#9207)

For the following configuration

```
    containerd_insecure_registries:
      docker.io:
        - dockerhubcache.example.com
```

the rendered /etc/containerd/config.toml contains

```
        [plugins."io.containerd.grpc.v1.cri".registry.configs."docker.io".tls]
          insecure_skip_verify = true
```

but it needs to be

```
        [plugins."io.containerd.grpc.v1.cri".registry.configs."dockerhubcache.example.com".tls]
          insecure_skip_verify = true
```
---
 roles/container-engine/containerd/templates/config.toml.j2 | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/roles/container-engine/containerd/templates/config.toml.j2 b/roles/container-engine/containerd/templates/config.toml.j2
index 463c5aca3..c02ea2034 100644
--- a/roles/container-engine/containerd/templates/config.toml.j2
+++ b/roles/container-engine/containerd/templates/config.toml.j2
@@ -58,7 +58,9 @@ oom_score = {{ containerd_oom_score }}
 {% for registry, addr in containerd_insecure_registries.items() %}
         [plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ registry }}"]
           endpoint = ["{{ ([ addr ] | flatten ) | join('","') }}"]
-        [plugins."io.containerd.grpc.v1.cri".registry.configs."{{ registry }}".tls]
+{% endfor %}
+{% for addr in containerd_insecure_registries.values() | flatten | unique %}
+        [plugins."io.containerd.grpc.v1.cri".registry.configs."{{ addr }}".tls]
           insecure_skip_verify = true
 {% endfor %}
 {% endif %}
-- 
GitLab