{"id":20155247,"url":"https://github.com/redhat-cop/quay_configuration","last_synced_at":"2025-09-21T10:31:32.463Z","repository":{"id":250287438,"uuid":"833174584","full_name":"redhat-cop/quay_configuration","owner":"redhat-cop","description":"Ansible collection for managing Red Hat Quay","archived":false,"fork":false,"pushed_at":"2025-08-24T20:47:51.000Z","size":887,"stargazers_count":5,"open_issues_count":0,"forks_count":4,"subscribers_count":18,"default_branch":"main","last_synced_at":"2025-08-24T23:56:41.377Z","etag":null,"topics":["automation-cop"],"latest_commit_sha":null,"homepage":"https://galaxy.ansible.com/ui/repo/published/infra/quay_configuration/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/redhat-cop.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.rst","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-07-24T13:55:12.000Z","updated_at":"2025-08-24T20:47:49.000Z","dependencies_parsed_at":"2024-08-22T17:33:09.576Z","dependency_job_id":"42fb6b03-8f35-4e94-be58-86b20cfbb06f","html_url":"https://github.com/redhat-cop/quay_configuration","commit_stats":null,"previous_names":["redhat-cop/quay_configuration"],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/redhat-cop/quay_configuration","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fquay_configuration","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fquay_configuration/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fquay_configuration/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fquay_configuration/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/redhat-cop","download_url":"https://codeload.github.com/redhat-cop/quay_configuration/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/redhat-cop%2Fquay_configuration/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":276228989,"owners_count":25606937,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-21T02:00:07.055Z","response_time":72,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation-cop"],"created_at":"2024-11-13T23:30:55.274Z","updated_at":"2025-09-21T10:31:32.457Z","avatar_url":"https://github.com/redhat-cop.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Quay Container Registry Collection for Ansible\n\n[![Sanity Test](https://github.com/redhat-cop/quay_configuration/actions/workflows/pre-commit-sanity.yml/badge.svg)](https://github.com/redhat-cop/quay_configuration/actions/workflows/pre-commit-sanity.yml)\n[![Integration Test](https://github.com/redhat-cop/quay_configuration/actions/workflows/ansible-integration.yml/badge.svg)](https://github.com/redhat-cop/quay_configuration/actions/workflows/ansible-integration.yml)\n\n\nThe collection provides modules for managing your Quay Container Registry deployment.\n\n## Included Content\n\nAfter you install the collection, use the `ansible-doc` command to access the collection documentation.\n\n### Modules\n\nRun the `ansible-doc -l infra.quay_configuration` command to list the modules that the collection provides.\nFor accessing the documentation of a module, use the `ansible-doc infra.quay_configuration.\u003cmodule-name\u003e` command.\n\nYou can also access the documentation from [Ansible Galaxy](https://galaxy.ansible.com/ui/repo/published/infra/quay_configuration/docs/).\n\nName | Description\n---: | :---\n`quay_api_token` |          Create OAuth access tokens for accessing the Quay Container Registry API\n`quay_application` |        Manage Quay Container Registry applications\n`quay_config_info` |        Return Quay's configuration\n`quay_default_perm` |       Manage Quay Container Registry default repository permissions\n`quay_docker_token` |       Manage tokens for accessing Quay Container Registry repositories\n`quay_first_user` |         Create the first user account\n`quay_layer_info` |         Gather information about image layers in Quay Container Registry\n`quay_manifest_label` |     Manage Quay Container Registry image manifest labels\n`quay_manifest_label_info` | Gather information about manifest labels in Quay Container Registry\n`quay_message` |            Manage Quay Container Registry global messages\n`quay_notification` |       Manage Quay Container Registry repository notifications\n`quay_organization` |       Manage Quay Container Registry organizations\n`quay_organization_prune` | Manage auto-pruning policies for organizations and user namespaces\n`quay_proxy_cache` |        Manage Quay Container Registry proxy cache configurations\n`quay_quota` |              Manage Quay Container Registry organizations quota\n`quay_repository` |         Manage Quay Container Registry repositories\n`quay_repository_mirror` |  Manage Quay Container Registry repository mirror configurations\n`quay_repository_prune` |   Manage auto-pruning policies for repositories\n`quay_robot` |              Manage Quay Container Registry robot accounts\n`quay_tag` |                Manage Quay Container Registry image tags\n`quay_tag_info` |           Gather information about tags in a Quay Container Registry repository\n`quay_team` |               Manage Quay Container Registry teams\n`quay_team_ldap` |          Synchronize Quay Container Registry teams with LDAP groups\n`quay_team_oidc` |          Synchronize Quay Container Registry teams with OIDC groups\n`quay_user` |               Manage Quay Container Registry users\n\n\n### Jinja2 Filters\n\nRun the `ansible-doc -t filter -l infra.quay_configuration` command to list the filters that the collection provides.\nFor accessing the documentation of a filter, use the `ansible-doc -t filter infra.quay_configuration.\u003cfilter-name\u003e` command.\n\nName | Description\n---: | :---\n`quay_docker_config` |  Build a Docker configuration in JSON format\n\n### Roles\n\nRun the `ansible-doc -t role -l infra.quay_configuration` command to list the roles that the collection provides.\nFor accessing the documentation of a role, use the `ansible-doc -t role infra.quay_configuration.\u003crole-name\u003e` command.\n\nName | Description\n---: | :---\n`quay_org` | Create and configure a Quay Container Registry organization\n\n## Installing the Collection\n\nBefore using the Quay collection, install it by using the Ansible Galaxy command-line tool:\n\n```bash\nansible-galaxy collection install infra.quay_configuration\n```\n\nAs an alternative, you can declare the collection in a `collections/requirements.yml` file inside your Ansible project:\n\n```yaml\n---\ncollections:\n  - name: infra.quay_configuration\n```\n\nUse the `ansible-galaxy collection install -r collections/requirements.yml` command to install the collection from this file.\nIf you manage your Ansible project in automation controller, then automation controller detects this `collections/requirements.yml` file, and automatically installs the collection.\n\nYou can also download the tar archive from [Ansible Galaxy](https://galaxy.ansible.com/infra/quay_configuration), and then manually install the collection.\n\nSee [Ansible -- Using collections](https://docs.ansible.com/ansible/latest/user_guide/collections_using.html) for more details.\n\n\n## Using the Collection\n\nThe modules in the collection access Quay through its REST API.\nThe modules can connect to the API by using a username and a password, or by using an OAuth access token.\n\nThere are two ways to get an OAuth access token:\n\n* Use the Quay Container Registry web UI.\n* Use the `infra.quay_configuration.quay_first_user` Ansible module to create the first user account just after you installed Quay Container Registry.\n  The module creates and then returns an OAuth access token for the user.\n  This token is only valid for 2 hours and 30 minutes.\n\n\n### Creating an OAuth Access Token by Using the Web UI\n\nBefore you can use the collection, you must generate an OAuth access token.\nTo do so, follow these steps:\n\n1. Log in to the Quay Container Registry web UI.\n2. Use an existing organization or create a new one.\n3. In the organization, create an application.\n4. In the application, select the `Generate Token` menu.\n5. Select the permissions to associate to the token.\n   To be able to use all the modules in the collection, select `Administer Organization`, `Administer Repositories`, `Create Repositories`, `Super User Access`, and `Administer User`.\n6. Click `Generate Token`.\n7. Copy and then paste the token string into the `quay_token` module parameter.\n\nThe OAuth access token is linked to the user account you use to create it.\nYour user account needs to have superuser permissions for some modules to operate correctly.\nFor example, to manage user accounts, the `infra.quay_configuration.quay_user` module needs a token created by a user that have superuser permissions.\n\nSee the [Quay.io API](https://docs.quay.io/api/) documentation for more details.\n\n\n### Getting an OAuth Access Token when Creating the First User\n\nJust after you installed Quay Container Registry, and before you do anything else, you can create the first user and generate an OAuth access token for that user.\n\nAfter this initial operation, you can create additional user accounts by using the `infra.quay_configuration.quay_user` module and generate OAuth access tokens for these additional accounts by using the `infra.quay_configuration.quay_api_token` module.\n\nThe following playbook example uses the `infra.quay_configuration.quay_first_user` module to create the first user:\n\n```yaml\n---\n- name: Bootstrapping a fresh Quay Container Registry installation\n  hosts: localhost\n\n  tasks:\n    # You must probably ensure that the user account you create, admin in this\n    # example, has superuser permissions so that you can use the generated\n    # token to create additional objects.\n    # To give the user superuser permissions, add its name to the SUPER_USERS\n    # section in the config.yaml file.\n    - name: Ensure the initial user exists\n      infra.quay_configuration.quay_first_user:\n        username: admin\n        email: admin@example.com\n        password: S6tGwo13\n        create_token: true\n        quay_host: https://quay.example.com\n        validate_certs: true\n      register: result\n\n    # The token is valid for 2 hours and 30 minutes\n    - name: Display the generated OAuth access token\n      debug:\n        msg: \"Access token: {{ result['access_token'] }}\"\n\n    # Using the OAuth access token to continue configuring Quay\n    - name: Ensure the user exists\n      infra.quay_configuration.quay_user:\n        username: lvasquez\n        email: lvasquez@example.com\n        password: vs9mrD55NP\n        state: present\n        quay_token: \"{{ result['access_token'] }}\"\n        quay_host: https://quay.example.com\n        validate_certs: true\n```\n\nThe requirements for the `infra.quay_configuration.quay_first_user` module are as follows:\n\n* You must use Quay version 3.6 or later.\n* You must enable the first user creation feature (`FEATURE_USER_INITIALIZE` in `config.yaml`).\n* You must use the internal database for user authentication (`AUTHENTICATION_TYPE` to `Database` in `config.yaml` or `Internal Authentication` to `Local Database` in the configuration web UI).\n* You probably want the first user to have superuser permissions.\n  To do so, add this user account to the `SUPER_USERS` section in the `config.yaml` file.\n\n\n### Grouping Common Module Parameters\n\nWhen your play calls multiple modules from the collection, you can group common module parameters in the `module_defaults` section, under the `group/infra.quay_configuration.quay` subsection.\nFor example, instead of repeating the `quay_host`, `quay_username`, and `quay_password` parameters in each task, you can declare them at the top of your play:\n\n```yaml\n---\n- name: Creating the development organization and the developers team\n  hosts: localhost\n\n  module_defaults:\n    group/infra.quay_configuration.quay:\n      quay_host: https://quay.example.com\n      quay_username: admin\n      quay_password: S6tGwo13\n\n  tasks:\n    - name: Ensure the organization exists\n      infra.quay_configuration.quay_organization:\n        name: development\n        email: devorg@example.com\n        time_machine_expiration: \"1d\"\n        state: present\n\n    - name: Ensure the additional user exists\n      infra.quay_configuration.quay_user:\n        username: dwilde\n        email: dwilde@example.com\n        password: 7BbB8T6c\n        state: present\n\n    - name: Ensure the team exists in the development organization\n      infra.quay_configuration.quay_team:\n        name: developers\n        organization: development\n        role: creator\n        members:\n          - lvasquez\n          - dwilde\n        append: false\n        state: present\n```\n\n\n## Contributing to the Collection\n\nWe welcome community contributions to this collection.\nIf you find problems, then please open an [issue](https://github.com/redhat-cop/quay_configuration/issues) or create a [pull request](https://github.com/redhat-cop/quay_configuration/pulls).\n\nMore information about contributing can be found in the [Contribution Guidelines](https://github.com/redhat-cop/quay_configuration/blob/main/CONTRIBUTING.md).\n\n\n## Release Notes\n\nSee the [changelog](https://github.com/redhat-cop/quay_configuration/blob/main/CHANGELOG.rst).\n\n\n## Licensing\n\nGNU General Public License v3.0 or later.\n\nSee [LICENSE](https://www.gnu.org/licenses/gpl-3.0.txt) to read the full text.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fredhat-cop%2Fquay_configuration","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fredhat-cop%2Fquay_configuration","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fredhat-cop%2Fquay_configuration/lists"}