Fix TLS handling for contexts.

plugins/module_utils/_api/context/context.py

@@ -34,7 +34,7 @@ class Context(object):
     """A context."""
 
     def __init__(self, name, orchestrator=None, host=None, endpoints=None,
-                 tls=False, description=None):
+                 skip_tls_verify=False, description=None):
         if not name:
             raise Exception("Name not provided")
         self.name = name
@@ -54,8 +54,8 @@ class Context(object):
 
             self.endpoints = {
                 default_endpoint: {
-                    "Host": get_context_host(host, tls),
-                    "SkipTLSVerify": not tls
+                    "Host": get_context_host(host, skip_tls_verify),
+                    "SkipTLSVerify": skip_tls_verify,
                 }
             }
             return
@@ -73,9 +73,9 @@ class Context(object):
                 continue
 
             self.endpoints[k]["Host"] = v.get("Host", get_context_host(
-                host, tls))
+                host, skip_tls_verify))
             self.endpoints[k]["SkipTLSVerify"] = bool(v.get(
-                "SkipTLSVerify", not tls))
+                "SkipTLSVerify", skip_tls_verify))
 
     def set_endpoint(
             self, name="docker", host=None, tls_cfg=None,
@@ -152,13 +152,13 @@ class Context(object):
                     cert = os.path.join(tls_dir, endpoint, filename)
                 elif filename.startswith("key"):
                     key = os.path.join(tls_dir, endpoint, filename)
-            if all([ca_cert, cert, key]):
+            if all([cert, key]) or ca_cert:
                 verify = None
                 if endpoint == "docker" and not self.endpoints["docker"].get(
                         "SkipTLSVerify", False):
                     verify = True
                 certs[endpoint] = TLSConfig(
-                    client_cert=(cert, key), ca_cert=ca_cert, verify=verify)
+                    client_cert=(cert, key) if cert and key else None, ca_cert=ca_cert, verify=verify)
         self.tls_cfg = certs
         self.tls_path = tls_dir
 

plugins/modules/docker_context_info.py

@@ -229,7 +229,6 @@ def context_to_json(context, current):
 
             # Create config for the modules
             module_config['docker_host'] = host_str
-            module_config['tls'] = not to_bool(endpoint.get('SkipTLSVerify'))
             if context.tls_cfg.get('docker'):
                 tls_cfg = context.tls_cfg['docker']
                 if tls_cfg.ca_cert:
@@ -238,7 +237,9 @@ def context_to_json(context, current):
                     module_config['client_cert'] = tls_cfg.cert[0]
                     module_config['client_key'] = tls_cfg.cert[1]
                 module_config['validate_certs'] = tls_cfg.verify
-                module_config['tls'] = to_bool(tls_cfg.verify)
+                module_config['tls'] = True
+            else:
+                module_config['tls'] = to_bool(endpoint.get('SkipTLSVerify'))
     return {
         'current': current,
         'name': context.name,
@@ -285,10 +286,10 @@ def main():
         else:
             contexts = ContextAPI.contexts()
 
-        json_contexts = [
+        json_contexts = sorted([
             context_to_json(context, context.name == current_context_name)
             for context in contexts
-        ]
+        ], key=lambda entry: entry['name'])
 
         module.exit_json(
             changed=False,