mirror of
https://github.com/ansible-collections/community.docker.git
synced 2025-12-15 11:32:05 +00:00
1f2817fa20
* Bump version to 5.0.0-a1. * Drop support for ansible-core 2.15 and 2.16. * Remove Python 2 and early Python 3 compatibility.
147 lines
5.3 KiB
Python
147 lines
5.3 KiB
Python
#!/usr/bin/python
|
|
#
|
|
# Copyright (c) 2020 Matt Clay <mclay@redhat.com>
|
|
# Copyright (c) 2020 Felix Fontein <felix@fontein.de>
|
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
from __future__ import annotations
|
|
|
|
|
|
DOCUMENTATION = r"""
|
|
module: current_container_facts
|
|
short_description: Return facts about whether the module runs in a container
|
|
version_added: 1.1.0
|
|
description:
|
|
- Return facts about whether the module runs in a Docker or podman container.
|
|
- This module attempts a best-effort detection. There might be special cases where it does not work; if you encounter one,
|
|
L(please file an issue, https://github.com/ansible-collections/community.docker/issues/new?assignees=&labels=&template=bug_report.md).
|
|
author:
|
|
- Felix Fontein (@felixfontein)
|
|
extends_documentation_fragment:
|
|
- community.docker.attributes
|
|
- community.docker.attributes.facts
|
|
- community.docker.attributes.facts_module
|
|
- community.docker.attributes.idempotent_not_modify_state
|
|
"""
|
|
|
|
EXAMPLES = r"""
|
|
---
|
|
- name: Get facts on current container
|
|
community.docker.current_container_facts:
|
|
|
|
- name: Print information on current container when running in a container
|
|
ansible.builtin.debug:
|
|
msg: "Container ID is {{ ansible_module_container_id }}"
|
|
when: ansible_module_running_in_container
|
|
"""
|
|
|
|
RETURN = r"""
|
|
ansible_facts:
|
|
description: Ansible facts returned by the module.
|
|
type: dict
|
|
returned: always
|
|
contains:
|
|
ansible_module_running_in_container:
|
|
description:
|
|
- Whether the module was able to detect that it runs in a container or not.
|
|
returned: always
|
|
type: bool
|
|
ansible_module_container_id:
|
|
description:
|
|
- The detected container ID.
|
|
- Contains an empty string if no container was detected.
|
|
returned: always
|
|
type: str
|
|
ansible_module_container_type:
|
|
description:
|
|
- The detected container environment.
|
|
- Contains an empty string if no container was detected, or a non-empty string identifying the container environment.
|
|
- V(docker) indicates that the module ran inside a regular Docker container.
|
|
- V(azure_pipelines) indicates that the module ran on Azure Pipelines. This seems to no longer be reported.
|
|
- V(github_actions) indicates that the module ran inside a Docker container on GitHub Actions. It is supported since
|
|
community.docker 2.4.0.
|
|
- V(podman) indicates that the module ran inside a regular Podman container. It is supported since community.docker
|
|
3.3.0.
|
|
returned: always
|
|
type: str
|
|
choices:
|
|
- ''
|
|
- docker
|
|
- azure_pipelines
|
|
- github_actions
|
|
- podman
|
|
"""
|
|
|
|
import os
|
|
import re
|
|
|
|
from ansible.module_utils.basic import AnsibleModule
|
|
|
|
|
|
def main():
|
|
module = AnsibleModule(dict(), supports_check_mode=True)
|
|
|
|
cpuset_path = '/proc/self/cpuset'
|
|
mountinfo_path = '/proc/self/mountinfo'
|
|
|
|
container_id = ''
|
|
container_type = ''
|
|
|
|
contents = None
|
|
if os.path.exists(cpuset_path):
|
|
# File content varies based on the environment:
|
|
# No Container: /
|
|
# Docker: /docker/c86f3732b5ba3d28bb83b6e14af767ab96abbc52de31313dcb1176a62d91a507
|
|
# Azure Pipelines (Docker): /azpl_job/0f2edfed602dd6ec9f2e42c867f4d5ee640ebf4c058e6d3196d4393bb8fd0891
|
|
# Podman: /../../../../../..
|
|
# While this was true and worked well for a long time, this seems to be no longer accurate
|
|
# with newer Docker / Podman versions and/or with cgroupv2. That's why the /proc/self/mountinfo
|
|
# detection further down is done when this test is inconclusive.
|
|
with open(cpuset_path, 'rb') as f:
|
|
contents = f.read().decode('utf-8')
|
|
|
|
cgroup_path, cgroup_name = os.path.split(contents.strip())
|
|
|
|
if cgroup_path == '/docker':
|
|
container_id = cgroup_name
|
|
container_type = 'docker'
|
|
|
|
if cgroup_path == '/azpl_job':
|
|
container_id = cgroup_name
|
|
container_type = 'azure_pipelines'
|
|
|
|
if cgroup_path == '/actions_job':
|
|
container_id = cgroup_name
|
|
container_type = 'github_actions'
|
|
|
|
if not container_id and os.path.exists(mountinfo_path):
|
|
with open(mountinfo_path, 'rb') as f:
|
|
contents = f.read().decode('utf-8')
|
|
|
|
# As to why this works, see the explanations by Matt Clay in
|
|
# https://github.com/ansible/ansible/blob/80d2f8da02052f64396da6b8caaf820eedbf18e2/test/lib/ansible_test/_internal/docker_util.py#L571-L610
|
|
|
|
for line in contents.splitlines():
|
|
parts = line.split()
|
|
if len(parts) >= 5 and parts[4] == '/etc/hostname':
|
|
m = re.match('.*/([a-f0-9]{64})/hostname$', parts[3])
|
|
if m:
|
|
container_id = m.group(1)
|
|
container_type = 'docker'
|
|
|
|
m = re.match('.*/([a-f0-9]{64})/userdata/hostname$', parts[3])
|
|
if m:
|
|
container_id = m.group(1)
|
|
container_type = 'podman'
|
|
|
|
module.exit_json(ansible_facts=dict(
|
|
ansible_module_running_in_container=container_id != '',
|
|
ansible_module_container_id=container_id,
|
|
ansible_module_container_type=container_type,
|
|
))
|
|
|
|
|
|
if __name__ == '__main__':
|
|
main()
|