containerd: simplify registry mirror template (#11326)

Simplify registry mirror rendering in config.toml.
The map filter can extract the host list from mirrors so we can
just unique them and render them without needing to construct vars
for it.
For the registry mirror tls section, we can first extract mirrors
from the dict then filter on only the ones having skip_veridy defined
first and then filter on the ones having true (as the dict might not
have skip_verify defined and that would cause errors of undefined var).

This will speed up and simply the templating.

Signed-off-by: Seena Fallah <seenafallah@gmail.com>

roles/container-engine/containerd/templates/config.toml.j2

@@ -73,18 +73,12 @@ oom_score = {{ containerd_oom_score }}
  config_path = "{{ containerd_cfg_dir }}/certs.d"
 {% else %}
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors]
-{% set insecure_registries_addr = [] %}
 {% for registry in containerd_registries_mirrors %}
  [plugins."io.containerd.grpc.v1.cri".registry.mirrors."{{ registry.prefix }}"]
-{% set endpoint = [] %}
-{% for mirror in registry.mirrors %}
-{% if endpoint.append(mirror.host) %}{% endif %}
-{% if mirror.skip_verify is defined and mirror.skip_verify|bool %}{% if insecure_registries_addr.append(mirror.host | urlsplit('netloc')) %}{% endif %}{% endif %}
+ endpoint = {{ registry.mirrors | map(attribute='host') | unique | to_json }}
 {% endfor %}
- endpoint = ["{{ ( endpoint | unique ) | join('","') }}"]
-{% endfor %}
-{% for addr in insecure_registries_addr | unique %}
- [plugins."io.containerd.grpc.v1.cri".registry.configs."{{ addr }}".tls]
+{% for mirror in containerd_registries_mirrors | map(attribute='mirrors') | flatten | selectattr('skip_verify', 'defined') | selectattr('skip_verify') | unique %}
+ [plugins."io.containerd.grpc.v1.cri".registry.configs."{{ mirror.host | urlsplit('netloc') }}".tls]
  insecure_skip_verify = true
 {% endfor %}
 {% endif %}