docker_context_info: fix some aspects (#1043)

* Extend docker_context_info tests.

* Fix a bug in the context code.

* Fix TLS handling for contexts.

* Adjust code to fix tests.
Felix Fontein 2025-02-10 23:54:36 +01:00 committed by GitHub
parent 20042ea780
commit 22ab85fe2b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 64 additions and 13 deletions


@ -34,7 +34,7 @@ class Context(object):
"""A context.""" """A context."""
def __init__(self, name, orchestrator=None, host=None, endpoints=None, def __init__(self, name, orchestrator=None, host=None, endpoints=None,
tls=False, description=None): skip_tls_verify=False, tls=False, description=None):
if not name: if not name:
raise Exception("Name not provided") raise Exception("Name not provided")
self.name = name self.name = name
@ -54,8 +54,8 @@ class Context(object):
self.endpoints = { self.endpoints = {
default_endpoint: { default_endpoint: {
"Host": get_context_host(host, tls), "Host": get_context_host(host, skip_tls_verify or tls),
"SkipTLSVerify": not tls "SkipTLSVerify": skip_tls_verify,
} }
} }
return return
@ -73,15 +73,15 @@ class Context(object):
continue continue
self.endpoints[k]["Host"] = v.get("Host", get_context_host( self.endpoints[k]["Host"] = v.get("Host", get_context_host(
host, tls)) host, skip_tls_verify or tls))
self.endpoints[k]["SkipTLSVerify"] = bool(v.get( self.endpoints[k]["SkipTLSVerify"] = bool(v.get(
"SkipTLSVerify", not tls)) "SkipTLSVerify", skip_tls_verify))
def set_endpoint( def set_endpoint(
self, name="docker", host=None, tls_cfg=None, self, name="docker", host=None, tls_cfg=None,
skip_tls_verify=False, def_namespace=None): skip_tls_verify=False, def_namespace=None):
self.endpoints[name] = { self.endpoints[name] = {
"Host": get_context_host(host, not skip_tls_verify), "Host": get_context_host(host, not skip_tls_verify or tls_cfg is not None),
"SkipTLSVerify": skip_tls_verify "SkipTLSVerify": skip_tls_verify
} }
if def_namespace: if def_namespace:
@ -101,7 +101,7 @@ class Context(object):
meta["Name"], meta["Name"],
orchestrator=meta["Metadata"].get("StackOrchestrator", None), orchestrator=meta["Metadata"].get("StackOrchestrator", None),
endpoints=meta.get("Endpoints", None), endpoints=meta.get("Endpoints", None),
description=meta.get('Description')) description=meta["Metadata"].get('Description'))
instance.context_type = meta["Metadata"].get("Type", None) instance.context_type = meta["Metadata"].get("Type", None)
instance._load_certs() instance._load_certs()
instance.meta_path = get_meta_dir(name) instance.meta_path = get_meta_dir(name)
@ -152,13 +152,13 @@ class Context(object):
cert = os.path.join(tls_dir, endpoint, filename) cert = os.path.join(tls_dir, endpoint, filename)
elif filename.startswith("key"): elif filename.startswith("key"):
key = os.path.join(tls_dir, endpoint, filename) key = os.path.join(tls_dir, endpoint, filename)
if all([ca_cert, cert, key]): if all([cert, key]) or ca_cert:
verify = None verify = None
if endpoint == "docker" and not self.endpoints["docker"].get( if endpoint == "docker" and not self.endpoints["docker"].get(
"SkipTLSVerify", False): "SkipTLSVerify", False):
verify = True verify = True
certs[endpoint] = TLSConfig( certs[endpoint] = TLSConfig(
client_cert=(cert, key), ca_cert=ca_cert, verify=verify) client_cert=(cert, key) if cert and key else None, ca_cert=ca_cert, verify=verify)
self.tls_cfg = certs self.tls_cfg = certs
self.tls_path = tls_dir self.tls_path = tls_dir
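Review bot: The relaxed condition `if all([cert, key]) or ca_cert:` combined with `client_cert=(cert, key) if cert and key else None` silently discards half of a client pair. An endpoint directory that holds a CA file and a cert but no key (or a key but no cert) now yields a TLSConfig with no client certificate and no indication why. A later mutual-TLS failure would be hard to trace back to the context's TLS directory. Consider rejecting or at least reporting the incomplete pair before building the config, for example `if bool(cert) != bool(key): raise Exception("Incomplete client cert/key pair for endpoint %s" % endpoint)`. The enclosing method starts above the hunk, so how `ca_cert`, `cert` and `key` are reset per endpoint is not visible here.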


@ -229,7 +229,6 @@ def context_to_json(context, current):
# Create config for the modules # Create config for the modules
module_config['docker_host'] = host_str module_config['docker_host'] = host_str
module_config['tls'] = not to_bool(endpoint.get('SkipTLSVerify'))
if context.tls_cfg.get('docker'): if context.tls_cfg.get('docker'):
tls_cfg = context.tls_cfg['docker'] tls_cfg = context.tls_cfg['docker']
if tls_cfg.ca_cert: if tls_cfg.ca_cert:
@ -238,7 +237,9 @@ def context_to_json(context, current):
module_config['client_cert'] = tls_cfg.cert[0] module_config['client_cert'] = tls_cfg.cert[0]
module_config['client_key'] = tls_cfg.cert[1] module_config['client_key'] = tls_cfg.cert[1]
module_config['validate_certs'] = tls_cfg.verify module_config['validate_certs'] = tls_cfg.verify
module_config['tls'] = to_bool(tls_cfg.verify) module_config['tls'] = True
else:
module_config['tls'] = to_bool(endpoint.get('SkipTLSVerify'))
return { return {
'current': current, 'current': current,
'name': context.name, 'name': context.name,
@ -285,10 +286,10 @@ def main():
else: else:
contexts = ContextAPI.contexts() contexts = ContextAPI.contexts()
json_contexts = [ json_contexts = sorted([
context_to_json(context, context.name == current_context_name) context_to_json(context, context.name == current_context_name)
for context in contexts for context in contexts
] ], key=lambda entry: entry['name'])
module.exit_json( module.exit_json(
changed=False, changed=False,
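Review bot: In the new `else:` branch of `context_to_json`, `tls` is taken from `SkipTLSVerify` un-negated, the opposite of the removed `not to_bool(...)` line, and nothing in the code explains the inversion. If the intent is that the modules' `tls` option means "TLS without verifying the server", a comment should say so, e.g. `# no cert material in the context: 'tls' = TLS without host verification, which is what SkipTLSVerify requests`. The same branch leaves `validate_certs` unset, so a context with no cert files and `SkipTLSVerify` false produces `tls: false` and no verification flag. Whether that is right for a TLS host verified against system CAs cannot be judged from this hunk and looks worth a test. In the `if` branch, `validate_certs` can also receive `None`, because the certificate loader only sets `verify = True` for the `docker` endpoint without `SkipTLSVerify`; `bool(tls_cfg.verify)` would make the emitted value explicit. The function body begins and ends outside the hunks shown.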


@ -6,3 +6,4 @@
dependencies: dependencies:
- setup_docker - setup_docker
- setup_docker_python_deps - setup_docker_python_deps
- setup_podman


@ -0,0 +1,49 @@
---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
- when: podman_cli_version is version('1.0.0', '>=')
block:
# The setup_podman role created a 'podman' context that we can use here.
- name: Get all contexts
community.docker.docker_context_info:
register: docker_contexts
- name: Ensure that there are at least two contexts
assert:
that:
- docker_contexts.contexts | length >= 2
- name: Get Podman context
community.docker.docker_context_info:
name: podman
register: docker_podman_context
- assert:
that:
- docker_podman_context.contexts | length == 1
- docker_podman_context.contexts[0].name == 'podman'
- docker_podman_context.contexts[0].current == false
- docker_podman_context.contexts[0].description == 'Podman'
- docker_podman_context.contexts[0].meta_path is string
- docker_podman_context.contexts[0].tls_path is string
- docker_podman_context.contexts[0].config.docker_host is string
- docker_podman_context.contexts[0].config.tls == false
- name: Run basic test with Podman context
module_defaults:
group/community.docker.docker: "{{ docker_podman_context.contexts[0].config }}"
block:
- name: Get info on Podman host
docker_host_info:
register: output
- name: Check for some Podman specific values
assert:
that:
- output.host_info.ProductLicense == 'Apache-2.0'
- >-
"Rootless" in output.host_info
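Review bot: The only TLS-related assertion in this new test file is `docker_podman_context.contexts[0].config.tls == false`, so none of the TLS paths this commit changes are exercised. Those are a context with only a CA file, one with a client cert/key pair, and one with `SkipTLSVerify` set. Since the commit message lists "Fix TLS handling for contexts", a second context fixture with TLS material would be worth adding, asserting on `config.tls`, `config.validate_certs` and the cert paths. The unnamed `assert` task after "Get Podman context" should also get a `name:` like the others, so a failure is identifiable in the output. The whole block is skipped when `podman_cli_version` is below 1.0.0, in which case this file verifies nothing.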