mirror of
https://github.com/ansible-collections/community.docker.git
synced 2025-12-15 19:42:06 +00:00
4944 lines
136 KiB
YAML
4944 lines
136 KiB
YAML
---
|
|
# Copyright (c) Ansible Project
|
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
- name: Registering container name
|
|
ansible.builtin.set_fact:
|
|
cname: "{{ cname_prefix ~ '-options' }}"
|
|
cname_h1: "{{ cname_prefix ~ '-options-h1' }}"
|
|
cname_h2: "{{ cname_prefix ~ '-options-h2' }}"
|
|
cname_h3: "{{ cname_prefix ~ '-options-h3' }}"
|
|
- name: Registering container name
|
|
ansible.builtin.set_fact:
|
|
cnames: "{{ cnames + [cname, cname_h1, cname_h2, cname_h3] }}"
|
|
|
|
####################################################################
|
|
## auto_remove #####################################################
|
|
####################################################################
|
|
|
|
- name: auto_remove
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "echo"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
auto_remove: true
|
|
register: auto_remove_1
|
|
|
|
- name: Give container 1 second to be sure it terminated
|
|
ansible.builtin.pause:
|
|
seconds: 1
|
|
|
|
- name: auto_remove (verify)
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
register: auto_remove_2
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- auto_remove_1 is changed
|
|
- auto_remove_2 is not changed
|
|
|
|
####################################################################
|
|
## blkio_weight ####################################################
|
|
####################################################################
|
|
|
|
- name: blkio_weight
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
blkio_weight: 123
|
|
register: blkio_weight_1
|
|
ignore_errors: true
|
|
|
|
- name: blkio_weight (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
blkio_weight: 123
|
|
register: blkio_weight_2
|
|
ignore_errors: true
|
|
|
|
- name: blkio_weight (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
blkio_weight: 234
|
|
force_kill: true
|
|
register: blkio_weight_3
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- when: blkio_weight_1 is failed
|
|
ansible.builtin.assert:
|
|
that:
|
|
- "'setting cgroup config for procHooks process caused: failed to write' in blkio_weight_1.msg"
|
|
|
|
- when: blkio_weight_1 is not failed
|
|
ansible.builtin.assert:
|
|
that:
|
|
- blkio_weight_1 is changed
|
|
- blkio_weight_2 is not failed
|
|
- >-
|
|
blkio_weight_2 is not changed or ('Docker warning: Your kernel does not support Block I/O weight or the cgroup is not mounted. Weight discarded.' in (blkio_weight_2.warnings | default([])))
|
|
- blkio_weight_3 is not failed
|
|
- blkio_weight_3 is changed
|
|
|
|
####################################################################
|
|
## cap_drop, capabilities ##########################################
|
|
####################################################################
|
|
|
|
- name: capabilities, cap_drop
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
capabilities:
|
|
- sys_time
|
|
cap_drop:
|
|
- all
|
|
register: capabilities_1
|
|
|
|
- name: capabilities, cap_drop (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
capabilities:
|
|
- sys_time
|
|
cap_drop:
|
|
- all
|
|
register: capabilities_2
|
|
|
|
- name: capabilities, cap_drop (less)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
capabilities: []
|
|
cap_drop:
|
|
- all
|
|
register: capabilities_3
|
|
|
|
- name: capabilities, cap_drop (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
capabilities:
|
|
- setgid
|
|
cap_drop:
|
|
- all
|
|
force_kill: true
|
|
register: capabilities_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- capabilities_1 is changed
|
|
- capabilities_2 is not changed
|
|
- capabilities_3 is not changed
|
|
- capabilities_4 is changed
|
|
|
|
####################################################################
|
|
## cgroupns_mode ###################################################
|
|
####################################################################
|
|
|
|
- name: cgroupns_mode
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
cgroupns_mode: host
|
|
register: cgroupns_mode_1
|
|
ignore_errors: true
|
|
|
|
- name: cgroupns_mode (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
cgroupns_mode: host
|
|
register: cgroupns_mode_2
|
|
ignore_errors: true
|
|
|
|
- name: cgroupns_mode (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
cgroupns_mode: private
|
|
register: cgroupns_mode_3
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cgroupns_mode_1 is changed
|
|
- cgroupns_mode_2 is not changed and cgroupns_mode_2 is not failed
|
|
- >-
|
|
cgroupns_mode_3 is changed or
|
|
('Docker warning: Your kernel does not support cgroup namespaces. Cgroup namespace setting discarded.' in (cgroupns_mode_3.warnings | default([]))) or
|
|
(cgroupns_mode_3 is failed and 'error mounting "cgroup" to rootfs at "/sys/fs/cgroup"' in cgroupns_mode_3.msg)
|
|
when: docker_api_version is version('1.41', '>=') and cgroupns_mode_1 is not failed
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- >-
|
|
'error mounting "cgroup" to rootfs at "/sys/fs/cgroup"' in cgroupns_mode_1.msg
|
|
when: docker_api_version is version('1.41', '>=') and cgroupns_mode_1 is failed
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cgroupns_mode_1 is failed
|
|
- |
|
|
('API version is ' ~ docker_api_version ~ '.') in cgroupns_mode_1.msg and 'Minimum version required is 1.41 ' in cgroupns_mode_1.msg
|
|
when: docker_api_version is version('1.41', '<')
|
|
|
|
####################################################################
|
|
## cgroup_parent ###################################################
|
|
####################################################################
|
|
|
|
- name: cgroup_parent
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
cgroup_parent: ''
|
|
register: cgroup_parent_1
|
|
|
|
- name: cgroup_parent (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
cgroup_parent: ''
|
|
register: cgroup_parent_2
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cgroup_parent_1 is changed
|
|
- cgroup_parent_2 is not changed
|
|
|
|
####################################################################
|
|
## command #########################################################
|
|
####################################################################
|
|
|
|
# old
|
|
|
|
- name: command (compatibility)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
command: '/bin/sh -v -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: command_1
|
|
|
|
- name: command (compatibility, idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
command: '/bin/sh -v -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: command_2
|
|
|
|
- name: command (compatibility, idempotency, list)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
command:
|
|
- /bin/sh
|
|
- '-v'
|
|
- '-c'
|
|
- '"sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: command_3
|
|
|
|
- name: command (compatibility, fewer parameters)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: command_4
|
|
|
|
- name: command (compatibility, empty list)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
command: []
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: command_5
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- command_1 is changed
|
|
- command_2 is not changed
|
|
- command_3 is not changed
|
|
- command_4 is changed
|
|
- command_5 is not changed
|
|
|
|
# new
|
|
|
|
- name: command (correct)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
command: '/bin/sh -v -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: command_1
|
|
|
|
- name: command (correct, idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
command: '/bin/sh -v -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: command_2
|
|
|
|
- name: command (correct, idempotency, list)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
command:
|
|
- /bin/sh
|
|
- '-v'
|
|
- '-c'
|
|
- sleep 10m
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: command_3
|
|
|
|
- name: command (correct, fewer parameters)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: command_4
|
|
|
|
- name: command (correct, empty list)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
command: []
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: command_5
|
|
|
|
- name: command (correct, empty list, idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
command: []
|
|
name: "{{ cname }}"
|
|
state: present # the container will use the default command and likely has been exited by this point, so don't use 'state: started' here
|
|
force_kill: true
|
|
register: command_6
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- command_1 is changed
|
|
- command_2 is not changed
|
|
- command_3 is not changed
|
|
- command_4 is changed
|
|
- command_5 is changed
|
|
- command_6 is not changed
|
|
|
|
####################################################################
|
|
## cpu_period ######################################################
|
|
####################################################################
|
|
|
|
- name: cpu_period
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_period: 90000
|
|
state: started
|
|
register: cpu_period_1
|
|
|
|
- name: cpu_period (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_period: 90000
|
|
state: started
|
|
register: cpu_period_2
|
|
|
|
- name: cpu_period (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_period: 50000
|
|
state: started
|
|
force_kill: true
|
|
register: cpu_period_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cpu_period_1 is changed
|
|
- cpu_period_2 is not changed
|
|
- cpu_period_3 is changed
|
|
|
|
####################################################################
|
|
## cpu_quota #######################################################
|
|
####################################################################
|
|
|
|
- name: cpu_quota
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_quota: 150000
|
|
state: started
|
|
register: cpu_quota_1
|
|
|
|
- name: cpu_quota (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_quota: 150000
|
|
state: started
|
|
register: cpu_quota_2
|
|
|
|
- name: cpu_quota (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_quota: 50000
|
|
state: started
|
|
force_kill: true
|
|
register: cpu_quota_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cpu_quota_1 is changed
|
|
- cpu_quota_2 is not changed
|
|
- cpu_quota_3 is changed
|
|
|
|
####################################################################
|
|
## cpu_shares ######################################################
|
|
####################################################################
|
|
|
|
- name: cpu_shares
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_shares: 900
|
|
state: started
|
|
register: cpu_shares_1
|
|
|
|
- name: cpu_shares (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_shares: 900
|
|
state: started
|
|
register: cpu_shares_2
|
|
|
|
- name: cpu_shares (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpu_shares: 1100
|
|
state: started
|
|
force_kill: true
|
|
register: cpu_shares_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cpu_shares_1 is changed
|
|
- cpu_shares_2 is not changed
|
|
- cpu_shares_3 is changed
|
|
|
|
####################################################################
|
|
## cpuset_cpus #####################################################
|
|
####################################################################
|
|
|
|
- name: cpuset_cpus
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpuset_cpus: "0"
|
|
state: started
|
|
register: cpuset_cpus_1
|
|
|
|
- name: cpuset_cpus (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpuset_cpus: "0"
|
|
state: started
|
|
register: cpuset_cpus_2
|
|
|
|
- name: cpuset_cpus (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpuset_cpus: "1"
|
|
state: started
|
|
force_kill: true
|
|
# This will fail if the system the test is run on doesn't have
|
|
# multiple CPUs/cores available.
|
|
ignore_errors: true
|
|
register: cpuset_cpus_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cpuset_cpus_1 is changed
|
|
- cpuset_cpus_2 is not changed
|
|
- cpuset_cpus_3 is failed or cpuset_cpus_3 is changed
|
|
|
|
####################################################################
|
|
## cpuset_mems #####################################################
|
|
####################################################################
|
|
|
|
- name: cpuset_mems
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpuset_mems: "0"
|
|
state: started
|
|
register: cpuset_mems_1
|
|
|
|
- name: cpuset_mems (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpuset_mems: "0"
|
|
state: started
|
|
register: cpuset_mems_2
|
|
|
|
- name: cpuset_mems (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpuset_mems: "1"
|
|
state: started
|
|
force_kill: true
|
|
# This will fail if the system the test is run on doesn't have
|
|
# multiple MEMs available.
|
|
ignore_errors: true
|
|
register: cpuset_mems_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cpuset_mems_1 is changed
|
|
- cpuset_mems_2 is not changed
|
|
- cpuset_mems_3 is failed or cpuset_mems_3 is changed
|
|
|
|
####################################################################
|
|
## cpus ############################################################
|
|
####################################################################
|
|
|
|
- name: cpus
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpus: 1
|
|
state: started
|
|
register: cpus_1
|
|
|
|
- name: cpus (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpus: 1
|
|
state: started
|
|
register: cpus_2
|
|
|
|
- name: cpus (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
cpus: 1.5
|
|
state: started
|
|
force_kill: true
|
|
# This will fail if the system the test is run on doesn't have
|
|
# multiple MEMs available.
|
|
register: cpus_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- cpus_1 is changed
|
|
- cpus_2 is not changed and cpus_2 is not failed
|
|
- cpus_3 is failed or cpus_3 is changed
|
|
|
|
####################################################################
|
|
## debug ###########################################################
|
|
####################################################################
|
|
|
|
- name: debug (create)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: present
|
|
debug: true
|
|
register: debug_1
|
|
|
|
- name: debug (start)
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: started
|
|
debug: true
|
|
register: debug_2
|
|
|
|
- name: debug (stop)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
name: "{{ cname }}"
|
|
state: stopped
|
|
force_kill: true
|
|
debug: true
|
|
register: debug_3
|
|
|
|
- name: debug (absent)
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
debug: true
|
|
force_kill: true
|
|
register: debug_4
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- debug_1 is changed
|
|
- debug_2 is changed
|
|
- debug_3 is changed
|
|
- debug_4 is changed
|
|
|
|
####################################################################
|
|
## detach, cleanup #################################################
|
|
####################################################################
|
|
|
|
- name: detach without cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
detach: false
|
|
register: detach_no_cleanup
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
register: detach_no_cleanup_cleanup
|
|
diff: false
|
|
|
|
- name: detach with cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
detach: false
|
|
cleanup: true
|
|
register: detach_cleanup
|
|
|
|
- name: cleanup (unnecessary)
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
register: detach_cleanup_cleanup
|
|
diff: false
|
|
|
|
- name: detach with auto_remove and cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
detach: false
|
|
auto_remove: true
|
|
cleanup: true
|
|
register: detach_auto_remove
|
|
ignore_errors: true
|
|
|
|
- name: cleanup (unnecessary)
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
register: detach_auto_remove_cleanup
|
|
diff: false
|
|
|
|
- name: detach with cleanup and non-zero status
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "exit 42"'
|
|
detach: false
|
|
cleanup: true
|
|
register: detach_cleanup_nonzero
|
|
ignore_errors: true
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
# NOTE that 'Output' sometimes fails to contain the correct output
|
|
# of hello-world. We don't know why this happens, but it happens
|
|
# often enough to be annoying. That's why we disable this for now,
|
|
# and simply test that 'Output' is contained in the result.
|
|
- "'Output' in detach_no_cleanup.container"
|
|
- detach_no_cleanup.status == 0
|
|
# - "'Hello from Docker!' in detach_no_cleanup.container.Output"
|
|
- detach_no_cleanup_cleanup is changed
|
|
- "'Output' in detach_cleanup.container"
|
|
- detach_cleanup.status == 0
|
|
# - "'Hello from Docker!' in detach_cleanup.container.Output"
|
|
- detach_cleanup_cleanup is not changed
|
|
- detach_cleanup_nonzero is failed
|
|
- detach_cleanup_nonzero.status == 42
|
|
- "'Output' in detach_cleanup_nonzero.container"
|
|
- "detach_cleanup_nonzero.container.Output == ''"
|
|
- "'Cannot retrieve result as auto_remove is enabled' == detach_auto_remove.container.Output"
|
|
- detach_auto_remove_cleanup is not changed
|
|
|
|
####################################################################
|
|
## devices #########################################################
|
|
####################################################################
|
|
|
|
- name: devices
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
devices:
|
|
- "/dev/random:/dev/virt-random:rwm"
|
|
- "/dev/urandom:/dev/virt-urandom:rwm"
|
|
register: devices_1
|
|
|
|
- name: devices (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
devices:
|
|
- "/dev/urandom:/dev/virt-urandom:rwm"
|
|
- "/dev/random:/dev/virt-random:rwm"
|
|
register: devices_2
|
|
|
|
- name: devices (less)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
devices:
|
|
- "/dev/random:/dev/virt-random:rwm"
|
|
register: devices_3
|
|
|
|
- name: devices (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
devices:
|
|
- "/dev/random:/dev/virt-random:rwm"
|
|
- "/dev/null:/dev/virt-null:rwm"
|
|
force_kill: true
|
|
register: devices_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- devices_1 is changed
|
|
- devices_2 is not changed
|
|
- devices_3 is not changed
|
|
- devices_4 is changed
|
|
|
|
####################################################################
|
|
## device_read_bps #################################################
|
|
####################################################################
|
|
|
|
- name: device_read_bps
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_read_bps:
|
|
- path: /dev/random
|
|
rate: 20M
|
|
- path: /dev/urandom
|
|
rate: 10K
|
|
register: device_read_bps_1
|
|
ignore_errors: true
|
|
|
|
- name: device_read_bps (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_read_bps:
|
|
- path: /dev/urandom
|
|
rate: 10K
|
|
- path: /dev/random
|
|
rate: 20M
|
|
register: device_read_bps_2
|
|
ignore_errors: true
|
|
|
|
- name: device_read_bps (lesser entries)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_read_bps:
|
|
- path: /dev/random
|
|
rate: 20M
|
|
register: device_read_bps_3
|
|
ignore_errors: true
|
|
|
|
- name: device_read_bps (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_read_bps:
|
|
- path: /dev/random
|
|
rate: 10M
|
|
- path: /dev/urandom
|
|
rate: 5K
|
|
force_kill: true
|
|
register: device_read_bps_4
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- when: device_read_bps_1 is not failed
|
|
ansible.builtin.assert:
|
|
that:
|
|
- device_read_bps_1 is not failed
|
|
- device_read_bps_1 is changed
|
|
- device_read_bps_2 is not failed
|
|
- device_read_bps_2 is not changed
|
|
- device_read_bps_3 is not failed
|
|
- device_read_bps_3 is not changed
|
|
- device_read_bps_4 is not failed
|
|
- device_read_bps_4 is changed
|
|
|
|
- when: device_read_bps_1 is failed
|
|
ansible.builtin.assert:
|
|
that:
|
|
- "'error setting cgroup config for procHooks process' in device_read_bps_1.msg and 'blkio.throttle.read_bps_device: no such device' in device_read_bps_1.msg"
|
|
|
|
####################################################################
|
|
## device_read_iops ################################################
|
|
####################################################################
|
|
|
|
- name: device_read_iops
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_read_iops:
|
|
- path: /dev/random
|
|
rate: 10
|
|
- path: /dev/urandom
|
|
rate: 20
|
|
register: device_read_iops_1
|
|
ignore_errors: true
|
|
|
|
- name: device_read_iops (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_read_iops:
|
|
- path: /dev/urandom
|
|
rate: "20"
|
|
- path: /dev/random
|
|
rate: 10
|
|
register: device_read_iops_2
|
|
ignore_errors: true
|
|
|
|
- name: device_read_iops (less)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_read_iops:
|
|
- path: /dev/random
|
|
rate: 10
|
|
register: device_read_iops_3
|
|
ignore_errors: true
|
|
|
|
- name: device_read_iops (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_read_iops:
|
|
- path: /dev/random
|
|
rate: 30
|
|
- path: /dev/urandom
|
|
rate: 50
|
|
force_kill: true
|
|
register: device_read_iops_4
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- when: device_read_iops_1 is not failed
|
|
ansible.builtin.assert:
|
|
that:
|
|
- device_read_iops_1 is not failed
|
|
- device_read_iops_1 is changed
|
|
- device_read_iops_2 is not failed
|
|
- device_read_iops_2 is not changed
|
|
- device_read_iops_3 is not failed
|
|
- device_read_iops_3 is not changed
|
|
- device_read_iops_4 is not failed
|
|
- device_read_iops_4 is changed
|
|
|
|
- when: device_read_iops_1 is failed
|
|
ansible.builtin.assert:
|
|
that:
|
|
- "'error setting cgroup config for procHooks process' in device_read_iops_1.msg and 'blkio.throttle.read_iops_device: no such device' in device_read_iops_1.msg"
|
|
|
|
####################################################################
|
|
## device_write_bps and device_write_iops ##########################
|
|
####################################################################
|
|
|
|
- name: device_write_bps and device_write_iops
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_write_bps:
|
|
- path: /dev/random
|
|
rate: 10M
|
|
device_write_iops:
|
|
- path: /dev/urandom
|
|
rate: 30
|
|
register: device_write_limit_1
|
|
ignore_errors: true
|
|
|
|
- name: device_write_bps and device_write_iops (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_write_bps:
|
|
- path: /dev/random
|
|
rate: 10M
|
|
device_write_iops:
|
|
- path: /dev/urandom
|
|
rate: 30
|
|
register: device_write_limit_2
|
|
ignore_errors: true
|
|
|
|
- name: device_write_bps device_write_iops (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_write_bps:
|
|
- path: /dev/random
|
|
rate: 20K
|
|
device_write_iops:
|
|
- path: /dev/urandom
|
|
rate: 100
|
|
force_kill: true
|
|
register: device_write_limit_3
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- when: device_write_limit_1 is not failed
|
|
ansible.builtin.assert:
|
|
that:
|
|
- device_write_limit_1 is not failed and device_write_limit_2 is not failed and device_write_limit_3 is not failed
|
|
- device_write_limit_1 is changed
|
|
- device_write_limit_2 is not changed
|
|
- device_write_limit_3 is changed
|
|
|
|
- when: device_write_limit_1 is failed
|
|
ansible.builtin.assert:
|
|
that:
|
|
- "'error setting cgroup config for procHooks process' in device_write_limit_1.msg and 'blkio.throttle.write_bps_device: no such device' in device_write_limit_1.msg"
|
|
|
|
####################################################################
|
|
## device_requests #################################################
|
|
####################################################################
|
|
|
|
- name: device_requests
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_requests: []
|
|
register: device_requests_1
|
|
ignore_errors: true
|
|
|
|
- name: device_requests (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
device_requests: []
|
|
register: device_requests_2
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- device_requests_1 is changed
|
|
- device_requests_2 is not changed
|
|
when: docker_api_version is version('1.40', '>=')
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- device_requests_1 is failed
|
|
- |
|
|
('API version is ' ~ docker_api_version ~ '.') in device_requests_1.msg and 'Minimum version required is 1.40 ' in device_requests_1.msg
|
|
when: docker_api_version is version('1.40', '<')
|
|
|
|
####################################################################
|
|
## device_cgroup_rules ###################################################
|
|
####################################################################
|
|
|
|
- name: device_cgroup_rules
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
device_cgroup_rules:
|
|
- "c 42:* rmw"
|
|
register: device_cgroup_rules_1
|
|
ignore_errors: true
|
|
|
|
- name: cgroupns_mode (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
device_cgroup_rules:
|
|
- "c 42:* rmw"
|
|
register: device_cgroup_rules_2
|
|
ignore_errors: true
|
|
|
|
- name: cgroupns_mode (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
device_cgroup_rules:
|
|
- "c 189:* rmw"
|
|
register: device_cgroup_rules_3
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- device_cgroup_rules_1 is changed
|
|
- device_cgroup_rules_2 is not changed
|
|
- device_cgroup_rules_3 is changed
|
|
when: docker_api_version is version('1.28', '>=')
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- device_cgroup_rules_1 is failed
|
|
- |
|
|
('API version is ' ~ docker_api_version ~ '.') in device_cgroup_rules_1.msg and 'Minimum version required is 1.28 ' in device_cgroup_rules_1.msg
|
|
when: docker_api_version is version('1.28', '<')
|
|
|
|
####################################################################
|
|
## dns_opts ########################################################
|
|
####################################################################
|
|
|
|
- name: dns_opts
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_opts:
|
|
- "timeout:10"
|
|
- rotate
|
|
register: dns_opts_1
|
|
|
|
- name: dns_opts (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_opts:
|
|
- rotate
|
|
- "timeout:10"
|
|
register: dns_opts_2
|
|
|
|
- name: dns_opts (less resolv.conf options)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_opts:
|
|
- "timeout:10"
|
|
register: dns_opts_3
|
|
|
|
- name: dns_opts (more resolv.conf options)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_opts:
|
|
- "timeout:10"
|
|
- no-check-names
|
|
force_kill: true
|
|
register: dns_opts_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- dns_opts_1 is changed
|
|
- dns_opts_2 is not changed
|
|
- dns_opts_3 is not changed
|
|
- dns_opts_4 is changed
|
|
|
|
####################################################################
|
|
## dns_search_domains ##############################################
|
|
####################################################################
|
|
|
|
- name: dns_search_domains
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_search_domains:
|
|
- example.com
|
|
- example.org
|
|
register: dns_search_domains_1
|
|
|
|
- name: dns_search_domains (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_search_domains:
|
|
- example.com
|
|
- example.org
|
|
register: dns_search_domains_2
|
|
|
|
- name: dns_search_domains (different order)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_search_domains:
|
|
- example.org
|
|
- example.com
|
|
force_kill: true
|
|
register: dns_search_domains_3
|
|
|
|
- name: dns_search_domains (changed elements)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_search_domains:
|
|
- ansible.com
|
|
- example.com
|
|
force_kill: true
|
|
register: dns_search_domains_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- dns_search_domains_1 is changed
|
|
- dns_search_domains_2 is not changed
|
|
- dns_search_domains_3 is changed
|
|
- dns_search_domains_4 is changed
|
|
|
|
####################################################################
|
|
## dns_servers #####################################################
|
|
####################################################################
|
|
|
|
- name: dns_servers
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_servers:
|
|
- 1.1.1.1
|
|
- 8.8.8.8
|
|
register: dns_servers_1
|
|
|
|
- name: dns_servers (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_servers:
|
|
- 1.1.1.1
|
|
- 8.8.8.8
|
|
register: dns_servers_2
|
|
|
|
- name: dns_servers (changed order)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_servers:
|
|
- 8.8.8.8
|
|
- 1.1.1.1
|
|
force_kill: true
|
|
register: dns_servers_3
|
|
|
|
- name: dns_servers (changed elements)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
dns_servers:
|
|
- 8.8.8.8
|
|
- 9.9.9.9
|
|
force_kill: true
|
|
register: dns_servers_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- dns_servers_1 is changed
|
|
- dns_servers_2 is not changed
|
|
- dns_servers_3 is changed
|
|
- dns_servers_4 is changed
|
|
|
|
####################################################################
|
|
## domainname ######################################################
|
|
####################################################################
|
|
|
|
- name: domainname
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
domainname: example.com
|
|
state: started
|
|
register: domainname_1
|
|
|
|
- name: domainname (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
domainname: example.com
|
|
state: started
|
|
register: domainname_2
|
|
|
|
- name: domainname (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
domainname: example.org
|
|
state: started
|
|
force_kill: true
|
|
register: domainname_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- domainname_1 is changed
|
|
- domainname_2 is not changed
|
|
- domainname_3 is changed
|
|
|
|
####################################################################
|
|
## entrypoint ######################################################
|
|
####################################################################
|
|
|
|
# Old
|
|
|
|
- name: entrypoint (compatibility)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-v"
|
|
- "-c"
|
|
- "'sleep 10m'"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: entrypoint_1
|
|
|
|
- name: entrypoint (compatibility, idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-v"
|
|
- "-c"
|
|
- "'sleep 10m'"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: entrypoint_2
|
|
|
|
- name: entrypoint (compatibility, change order, should not be idempotent)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-c"
|
|
- "'sleep 10m'"
|
|
- "-v"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: entrypoint_3
|
|
|
|
- name: entrypoint (compatibility, fewer parameters)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-c"
|
|
- "'sleep 10m'"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: entrypoint_4
|
|
|
|
- name: entrypoint (compatibility, other parameters)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-c"
|
|
- "'sleep 5m'"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: entrypoint_5
|
|
|
|
- name: entrypoint (compatibility, force empty)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: compatibility
|
|
entrypoint: []
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: entrypoint_6
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- entrypoint_1 is changed
|
|
- entrypoint_2 is not changed
|
|
- entrypoint_3 is changed
|
|
- entrypoint_4 is changed
|
|
- entrypoint_5 is changed
|
|
- entrypoint_6 is not changed
|
|
|
|
# New
|
|
|
|
- name: entrypoint (correct)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-v"
|
|
- "-c"
|
|
- "sleep 10m"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: entrypoint_1
|
|
|
|
- name: entrypoint (correct, idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-v"
|
|
- "-c"
|
|
- "sleep 10m"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: entrypoint_2
|
|
|
|
- name: entrypoint (correct, change order, should not be idempotent)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-c"
|
|
- "sleep 10m"
|
|
- "-v"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: entrypoint_3
|
|
|
|
- name: entrypoint (correct, fewer parameters)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-c"
|
|
- "sleep 10m"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: entrypoint_4
|
|
|
|
- name: entrypoint (correct, other parameters)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
entrypoint:
|
|
- /bin/sh
|
|
- "-c"
|
|
- "sleep 5m"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: entrypoint_5
|
|
|
|
- name: entrypoint (correct, force empty)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command_handling: correct
|
|
entrypoint: []
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: entrypoint_6
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- entrypoint_1 is changed
|
|
- entrypoint_2 is not changed
|
|
- entrypoint_3 is changed
|
|
- entrypoint_4 is changed
|
|
- entrypoint_5 is changed
|
|
- entrypoint_6 is changed
|
|
|
|
####################################################################
|
|
## env #############################################################
|
|
####################################################################
|
|
|
|
- name: env
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env:
|
|
TEST1: val1
|
|
TEST2: val2
|
|
TEST3: "False"
|
|
TEST4: "true"
|
|
TEST5: "yes"
|
|
register: env_1
|
|
|
|
- name: env (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env:
|
|
TEST2: val2
|
|
TEST1: val1
|
|
TEST5: "yes"
|
|
TEST3: "False"
|
|
TEST4: "true"
|
|
register: env_2
|
|
|
|
- name: env (less environment variables)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env:
|
|
TEST1: val1
|
|
register: env_3
|
|
|
|
- name: env (more environment variables)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env:
|
|
TEST1: val1
|
|
TEST3: val3
|
|
force_kill: true
|
|
register: env_4
|
|
|
|
- name: env (fail unwrapped values)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env:
|
|
TEST1: true
|
|
force_kill: true
|
|
register: env_5
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- env_1 is changed
|
|
- "'TEST1=val1' in env_1.container.Config.Env"
|
|
- "'TEST2=val2' in env_1.container.Config.Env"
|
|
- "'TEST3=False' in env_1.container.Config.Env"
|
|
- "'TEST4=true' in env_1.container.Config.Env"
|
|
- "'TEST5=yes' in env_1.container.Config.Env"
|
|
- env_2 is not changed
|
|
- env_3 is not changed
|
|
- "'TEST1=val1' in env_4.container.Config.Env"
|
|
- "'TEST2=val2' not in env_4.container.Config.Env"
|
|
- "'TEST3=val3' in env_4.container.Config.Env"
|
|
- env_4 is changed
|
|
- env_5 is failed
|
|
- "('Non-string value found for env option.') in env_5.msg"
|
|
|
|
####################################################################
|
|
## env_file #########################################################
|
|
####################################################################
|
|
|
|
- name: Copy env-file
|
|
ansible.builtin.copy:
|
|
src: env-file
|
|
dest: "{{ remote_tmp_dir }}/env-file"
|
|
|
|
- name: env_file
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env_file: "{{ remote_tmp_dir }}/env-file"
|
|
register: env_file_1
|
|
|
|
- name: env_file (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env_file: "{{ remote_tmp_dir }}/env-file"
|
|
register: env_file_2
|
|
|
|
- name: env_file (with env, idempotent)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env_file: "{{ remote_tmp_dir }}/env-file"
|
|
env:
|
|
TEST3: val3
|
|
register: env_file_3
|
|
|
|
- name: env_file (with env)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env_file: "{{ remote_tmp_dir }}/env-file"
|
|
env:
|
|
TEST1: val1
|
|
TEST3: val3
|
|
force_kill: true
|
|
register: env_file_4
|
|
|
|
- name: env_file (with env, idempotent)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env_file: "{{ remote_tmp_dir }}/env-file"
|
|
env:
|
|
TEST1: val1
|
|
register: env_file_5
|
|
|
|
- name: env_file (with env, override)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
env_file: "{{ remote_tmp_dir }}/env-file"
|
|
env:
|
|
TEST2: val2
|
|
TEST4: val4alt
|
|
force_kill: true
|
|
register: env_file_6
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- env_file_1 is changed
|
|
- "'TEST3=val3' in env_file_1.container.Config.Env"
|
|
- "'TEST4=val4' in env_file_1.container.Config.Env"
|
|
- env_file_2 is not changed
|
|
- env_file_3 is not changed
|
|
- env_file_4 is changed
|
|
- "'TEST1=val1' in env_file_4.container.Config.Env"
|
|
- "'TEST3=val3' in env_file_4.container.Config.Env"
|
|
- "'TEST4=val4' in env_file_4.container.Config.Env"
|
|
- env_file_5 is not changed
|
|
- env_file_6 is changed
|
|
- "'TEST2=val2' in env_file_6.container.Config.Env"
|
|
- "'TEST3=val3' in env_file_6.container.Config.Env"
|
|
- "'TEST4=val4alt' in env_file_6.container.Config.Env"
|
|
|
|
####################################################################
|
|
## etc_hosts #######################################################
|
|
####################################################################
|
|
|
|
- name: etc_hosts
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
etc_hosts:
|
|
example.com: 1.2.3.4
|
|
example.org: 4.3.2.1
|
|
register: etc_hosts_1
|
|
|
|
- name: etc_hosts (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
etc_hosts:
|
|
example.org: 4.3.2.1
|
|
example.com: 1.2.3.4
|
|
register: etc_hosts_2
|
|
|
|
- name: etc_hosts (less hosts)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
etc_hosts:
|
|
example.com: 1.2.3.4
|
|
register: etc_hosts_3
|
|
|
|
- name: etc_hosts (more hosts)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
etc_hosts:
|
|
example.com: 1.2.3.4
|
|
example.us: 1.2.3.5
|
|
force_kill: true
|
|
register: etc_hosts_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- etc_hosts_1 is changed
|
|
- etc_hosts_2 is not changed
|
|
- etc_hosts_3 is not changed
|
|
- etc_hosts_4 is changed
|
|
|
|
####################################################################
|
|
## exposed_ports ###################################################
|
|
####################################################################
|
|
|
|
- name: exposed_ports
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
exposed_ports:
|
|
- "9001"
|
|
- "9002"
|
|
register: exposed_ports_1
|
|
|
|
- name: exposed_ports (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
exposed_ports:
|
|
- "9002"
|
|
- "9001"
|
|
register: exposed_ports_2
|
|
|
|
- name: exposed_ports (less ports)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
exposed_ports:
|
|
- "9002"
|
|
register: exposed_ports_3
|
|
|
|
- name: exposed_ports (more ports)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
exposed_ports:
|
|
- "9002"
|
|
- "9003"
|
|
force_kill: true
|
|
register: exposed_ports_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- exposed_ports_1 is changed
|
|
- exposed_ports_2 is not changed
|
|
- exposed_ports_3 is not changed
|
|
- exposed_ports_4 is changed
|
|
|
|
####################################################################
|
|
## force_kill ######################################################
|
|
####################################################################
|
|
|
|
# TODO: - force_kill
|
|
|
|
####################################################################
|
|
## groups ##########################################################
|
|
####################################################################
|
|
|
|
- name: groups
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
groups:
|
|
- "1234"
|
|
- "5678"
|
|
register: groups_1
|
|
|
|
- name: groups (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
groups:
|
|
- "5678"
|
|
- "1234"
|
|
register: groups_2
|
|
|
|
- name: groups (less groups)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
groups:
|
|
- "1234"
|
|
register: groups_3
|
|
|
|
- name: groups (more groups)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
groups:
|
|
- "1234"
|
|
- "2345"
|
|
force_kill: true
|
|
register: groups_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- groups_1 is changed
|
|
- groups_2 is not changed
|
|
- groups_3 is not changed
|
|
- groups_4 is changed
|
|
|
|
####################################################################
|
|
## healthcheck #####################################################
|
|
####################################################################
|
|
|
|
- name: healthcheck
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
healthcheck:
|
|
test:
|
|
- CMD
|
|
- sleep
|
|
- 1
|
|
timeout: 2s
|
|
interval: 0h0m2s3ms4us
|
|
retries: 2
|
|
force_kill: true
|
|
register: healthcheck_1
|
|
|
|
- name: healthcheck (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
healthcheck:
|
|
test:
|
|
- CMD
|
|
- sleep
|
|
- 1
|
|
timeout: 2s
|
|
interval: 0h0m2s3ms4us
|
|
retries: 2
|
|
force_kill: true
|
|
register: healthcheck_2
|
|
|
|
- name: healthcheck (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
healthcheck:
|
|
test:
|
|
- CMD
|
|
- sleep
|
|
- 1
|
|
timeout: 3s
|
|
interval: 0h1m2s3ms4us
|
|
retries: 3
|
|
force_kill: true
|
|
register: healthcheck_3
|
|
|
|
- name: healthcheck (no change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: healthcheck_4
|
|
|
|
- name: healthcheck (disabled)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
healthcheck:
|
|
test:
|
|
- NONE
|
|
force_kill: true
|
|
register: healthcheck_5
|
|
|
|
- name: healthcheck (disabled, idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
healthcheck:
|
|
test:
|
|
- NONE
|
|
force_kill: true
|
|
register: healthcheck_6
|
|
|
|
- name: healthcheck (disabled, idempotency, strict)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
healthcheck:
|
|
test:
|
|
- NONE
|
|
force_kill: true
|
|
comparisons:
|
|
'*': strict
|
|
register: healthcheck_7
|
|
|
|
- name: healthcheck (string in healthcheck test, changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
healthcheck:
|
|
test: "sleep 1"
|
|
force_kill: true
|
|
register: healthcheck_8
|
|
|
|
- name: healthcheck (string in healthcheck test, idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
healthcheck:
|
|
test: "sleep 1"
|
|
force_kill: true
|
|
register: healthcheck_9
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- healthcheck_1 is changed
|
|
- healthcheck_2 is not changed
|
|
- healthcheck_3 is changed
|
|
- healthcheck_4 is not changed
|
|
- healthcheck_5 is changed
|
|
- healthcheck_6 is not changed
|
|
- healthcheck_7 is not changed
|
|
- healthcheck_8 is changed
|
|
- healthcheck_9 is not changed
|
|
|
|
####################################################################
|
|
## hostname ########################################################
|
|
####################################################################
|
|
|
|
- name: hostname
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
hostname: me.example.com
|
|
state: started
|
|
register: hostname_1
|
|
|
|
- name: hostname (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
hostname: me.example.com
|
|
state: started
|
|
register: hostname_2
|
|
|
|
- name: hostname (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
hostname: me.example.org
|
|
state: started
|
|
force_kill: true
|
|
register: hostname_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- hostname_1 is changed
|
|
- hostname_2 is not changed
|
|
- hostname_3 is changed
|
|
|
|
####################################################################
|
|
## init ############################################################
|
|
####################################################################
|
|
|
|
- name: init
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
init: true
|
|
state: started
|
|
register: init_1
|
|
|
|
- name: init (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
init: true
|
|
state: started
|
|
register: init_2
|
|
|
|
- name: init (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
init: false
|
|
state: started
|
|
force_kill: true
|
|
register: init_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- init_1 is changed
|
|
- init_2 is not changed
|
|
- init_3 is changed
|
|
|
|
####################################################################
|
|
## interactive #####################################################
|
|
####################################################################
|
|
|
|
- name: interactive
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
interactive: true
|
|
state: started
|
|
register: interactive_1
|
|
|
|
- name: interactive (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
interactive: true
|
|
state: started
|
|
register: interactive_2
|
|
|
|
- name: interactive (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
interactive: false
|
|
state: started
|
|
force_kill: true
|
|
register: interactive_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- interactive_1 is changed
|
|
- interactive_2 is not changed
|
|
- interactive_3 is changed
|
|
|
|
####################################################################
|
|
## image / image_comparison ########################################
|
|
####################################################################
|
|
|
|
- name: Pull images to make sure ignore_image test succeeds
|
|
# If the image isn't there, it will pull it and return 'changed'.
|
|
community.docker.docker_image_pull:
|
|
name: "{{ item }}"
|
|
loop:
|
|
- "{{ docker_test_image_hello_world }}"
|
|
- "{{ docker_test_image_registry_nginx }}"
|
|
|
|
- name: image
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: image_1
|
|
|
|
- name: image (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: image_2
|
|
diff: true
|
|
|
|
- name: ignore_image
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
comparisons:
|
|
image: ignore
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: ignore_image
|
|
diff: true
|
|
|
|
- name: ignore_image (labels and env differ in image, image_comparison=current-image)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_registry_nginx }}"
|
|
comparisons:
|
|
image: ignore
|
|
image_comparison: current-image
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: ignore_image_2
|
|
diff: true
|
|
|
|
- name: ignore_image (labels and env differ in image, image_comparison=desired-image)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_registry_nginx }}"
|
|
comparisons:
|
|
image: ignore
|
|
image_comparison: desired-image
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: ignore_image_3
|
|
diff: true
|
|
|
|
- name: image change
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: image_change
|
|
diff: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- image_1 is changed
|
|
- image_2 is not changed
|
|
- ignore_image is not changed
|
|
- ignore_image_2 is not changed
|
|
- ignore_image_3 is changed
|
|
- image_change is changed
|
|
|
|
####################################################################
|
|
## image_label_mismatch ############################################
|
|
####################################################################
|
|
|
|
- name: Registering image name
|
|
ansible.builtin.set_fact:
|
|
iname_labels: "{{ cname_prefix ~ '-labels' }}"
|
|
- name: Registering image name
|
|
ansible.builtin.set_fact:
|
|
inames: "{{ inames + [iname_labels] }}"
|
|
- name: build image with labels
|
|
ansible.builtin.command:
|
|
cmd: "docker build --label img_label=base --tag {{ iname_labels }} -"
|
|
stdin: "FROM {{ docker_test_image_alpine }}"
|
|
|
|
- name: image_label_mismatch
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: image_label_mismatch_1
|
|
|
|
- name: image_label_mismatch (ignore,unmanaged labels)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: ignore
|
|
state: started
|
|
register: image_label_mismatch_2
|
|
|
|
- name: image_label_mismatch (ignore,missing img label)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: ignore
|
|
labels: {}
|
|
state: started
|
|
register: image_label_mismatch_3
|
|
|
|
- name: image_label_mismatch (ignore,match img label)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: ignore
|
|
labels:
|
|
img_label: base
|
|
state: started
|
|
register: image_label_mismatch_4
|
|
|
|
- name: image_label_mismatch (ignore,mismatched img label)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: ignore
|
|
labels:
|
|
img_label: override
|
|
state: started
|
|
force_kill: true
|
|
register: image_label_mismatch_5
|
|
|
|
- name: image_label_mismatch (ignore,remove img label)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: ignore
|
|
labels: {}
|
|
state: started
|
|
force_kill: true
|
|
register: image_label_mismatch_6
|
|
|
|
- name: image_label_mismatch (fail,unmanaged labels)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: fail
|
|
state: started
|
|
register: image_label_mismatch_7
|
|
|
|
- name: image_label_mismatch (fail,non-strict,missing img label)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: fail
|
|
labels: {}
|
|
state: started
|
|
register: image_label_mismatch_8
|
|
|
|
- name: image_label_mismatch (fail,strict,missing img label)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: fail
|
|
comparisons:
|
|
labels: strict
|
|
labels: {}
|
|
state: started
|
|
ignore_errors: true
|
|
register: image_label_mismatch_9
|
|
|
|
- name: image_label_mismatch (fail,match img label)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: fail
|
|
labels:
|
|
img_label: base
|
|
state: started
|
|
register: image_label_mismatch_10
|
|
|
|
- name: image_label_mismatch (fail,mismatched img label)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_labels }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_label_mismatch: fail
|
|
labels:
|
|
img_label: override
|
|
state: started
|
|
force_kill: true
|
|
register: image_label_mismatch_11
|
|
|
|
- name: cleanup container
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- name: cleanup image
|
|
community.docker.docker_image_remove:
|
|
name: "{{ iname_labels }}"
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- image_label_mismatch_1 is changed
|
|
- image_label_mismatch_1.container.Config.Labels.img_label == "base"
|
|
- image_label_mismatch_2 is not changed
|
|
- image_label_mismatch_3 is not changed
|
|
- image_label_mismatch_4 is not changed
|
|
- image_label_mismatch_5 is changed
|
|
- image_label_mismatch_5.container.Config.Labels.img_label == "override"
|
|
- image_label_mismatch_6 is changed
|
|
- image_label_mismatch_6.container.Config.Labels.img_label == "base"
|
|
- image_label_mismatch_7 is not changed
|
|
- image_label_mismatch_8 is not changed
|
|
- image_label_mismatch_9 is failed
|
|
- >-
|
|
image_label_mismatch_9.msg == ("Some labels should be removed but are present in the base image. You can set image_label_mismatch to 'ignore' to ignore this error. " ~ 'Labels: "img_label"')
|
|
- image_label_mismatch_10 is not changed
|
|
- image_label_mismatch_11 is changed
|
|
|
|
####################################################################
|
|
## image_name_mismatch #############################################
|
|
####################################################################
|
|
|
|
- name: Pull images to make sure ignore_image test succeeds
|
|
# If the image isn't there, it will pull it and return 'changed'.
|
|
community.docker.docker_image_pull:
|
|
name: "{{ item }}"
|
|
loop:
|
|
- "{{ docker_test_image_hello_world }}"
|
|
- "{{ docker_test_image_registry_nginx }}"
|
|
|
|
- name: image
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: image_1
|
|
|
|
- name: image (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: image_2
|
|
diff: true
|
|
|
|
- name: ignore_image
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
comparisons:
|
|
image: ignore
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: ignore_image
|
|
diff: true
|
|
|
|
- name: ignore_image (labels and env differ in image, image_comparison=current-image)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_registry_nginx }}"
|
|
image_comparison: current-image
|
|
comparisons:
|
|
image: ignore
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: ignore_image_2
|
|
diff: true
|
|
|
|
- name: ignore_image (labels and env differ in image, image_comparison=desired-image)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_registry_nginx }}"
|
|
image_comparison: desired-image
|
|
comparisons:
|
|
image: ignore
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: ignore_image_3
|
|
diff: true
|
|
|
|
- name: image change
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
force_kill: true
|
|
register: image_change
|
|
diff: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- image_1 is changed
|
|
- image_2 is not changed
|
|
- ignore_image is not changed
|
|
- ignore_image_2 is not changed
|
|
- ignore_image_3 is changed
|
|
- image_change is changed
|
|
|
|
####################################################################
|
|
## image_name_mismatch #############################################
|
|
####################################################################
|
|
|
|
- name: Registering image name
|
|
ansible.builtin.set_fact:
|
|
iname_name_mismatch: "{{ cname_prefix ~ '-image-name' }}"
|
|
- name: Registering image name
|
|
ansible.builtin.set_fact:
|
|
inames: "{{ inames + [iname_name_mismatch] }}"
|
|
|
|
- name: Tag hello world image (pulled earlier) with new name
|
|
community.docker.docker_image_tag:
|
|
name: "{{ docker_test_image_registry_nginx }}"
|
|
repository: "{{ iname_name_mismatch }}:latest"
|
|
|
|
- name: image_name_mismatch
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_registry_nginx }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
register: image_name_mismatch_1
|
|
|
|
- name: image_name_mismatch (ignore)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_name_mismatch }}:latest"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_name_mismatch: ignore
|
|
state: started
|
|
register: image_name_mismatch_2
|
|
|
|
- name: image_name_mismatch (recreate)
|
|
community.docker.docker_container:
|
|
image: "{{ iname_name_mismatch }}:latest"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
image_name_mismatch: recreate
|
|
state: started
|
|
force_kill: true
|
|
register: image_name_mismatch_3
|
|
|
|
- name: Cleanup container
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- name: Cleanup image
|
|
community.docker.docker_image_remove:
|
|
name: "{{ iname_name_mismatch }}"
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- image_name_mismatch_1 is changed
|
|
- image_name_mismatch_2 is not changed
|
|
- image_name_mismatch_3 is changed
|
|
- image_name_mismatch_3.container.Image == image_name_mismatch_2.container.Image
|
|
|
|
####################################################################
|
|
## ipc_mode ########################################################
|
|
####################################################################
|
|
|
|
- name: start helpers
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ container_name }}"
|
|
state: started
|
|
ipc_mode: shareable
|
|
loop:
|
|
- "{{ cname_h1 }}"
|
|
loop_control:
|
|
loop_var: container_name
|
|
|
|
- name: ipc_mode
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
ipc_mode: "container:{{ cname_h1 }}"
|
|
# ipc_mode: shareable
|
|
register: ipc_mode_1
|
|
|
|
- name: ipc_mode (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
ipc_mode: "container:{{ cname_h1 }}"
|
|
# ipc_mode: shareable
|
|
register: ipc_mode_2
|
|
|
|
- name: ipc_mode (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
ipc_mode: private
|
|
force_kill: true
|
|
register: ipc_mode_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ container_name }}"
|
|
state: absent
|
|
force_kill: true
|
|
loop:
|
|
- "{{ cname }}"
|
|
- "{{ cname_h1 }}"
|
|
loop_control:
|
|
loop_var: container_name
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- ipc_mode_1 is changed
|
|
- ipc_mode_2 is not changed
|
|
- ipc_mode_3 is changed
|
|
|
|
####################################################################
|
|
## kernel_memory ###################################################
|
|
####################################################################
|
|
|
|
- name: kernel_memory
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
kernel_memory: 8M
|
|
state: started
|
|
register: kernel_memory_1
|
|
ignore_errors: true
|
|
|
|
- name: kernel_memory (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
kernel_memory: 8M
|
|
state: started
|
|
register: kernel_memory_2
|
|
ignore_errors: true
|
|
|
|
- name: kernel_memory (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
kernel_memory: 6M
|
|
state: started
|
|
force_kill: true
|
|
register: kernel_memory_3
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- kernel_memory_1 is changed
|
|
- kernel_memory_2 is not changed
|
|
- kernel_memory_3 is changed
|
|
when:
|
|
- kernel_memory_1 is not failed or 'kernel memory accounting disabled in this runc build' not in kernel_memory_1.msg
|
|
- >-
|
|
'Docker warning: Specifying a kernel memory limit is deprecated and will be removed in a future release.' not in (kernel_memory_1.warnings | default([]))
|
|
# API version 1.42 seems to remove the kernel memory option completely
|
|
- "'KernelMemory' in kernel_memory_1.container.HostConfig or docker_api_version is version('1.42', '<')"
|
|
|
|
####################################################################
|
|
## kill_signal #####################################################
|
|
####################################################################
|
|
|
|
# TODO: - kill_signal
|
|
|
|
####################################################################
|
|
## labels ##########################################################
|
|
####################################################################
|
|
|
|
- name: labels
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
labels:
|
|
ansible.test.1: hello
|
|
ansible.test.2: world
|
|
register: labels_1
|
|
|
|
- name: labels (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
labels:
|
|
ansible.test.2: world
|
|
ansible.test.1: hello
|
|
register: labels_2
|
|
|
|
- name: labels (less labels)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
labels:
|
|
ansible.test.1: hello
|
|
register: labels_3
|
|
|
|
- name: labels (more labels)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
labels:
|
|
ansible.test.1: hello
|
|
ansible.test.3: ansible
|
|
force_kill: true
|
|
register: labels_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- labels_1 is changed
|
|
- labels_2 is not changed
|
|
- labels_3 is not changed
|
|
- labels_4 is changed
|
|
|
|
####################################################################
|
|
## links ###########################################################
|
|
####################################################################
|
|
|
|
- name: start helpers
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ container_name }}"
|
|
state: started
|
|
loop:
|
|
- "{{ cname_h1 }}"
|
|
- "{{ cname_h2 }}"
|
|
- "{{ cname_h3 }}"
|
|
loop_control:
|
|
loop_var: container_name
|
|
|
|
- name: links
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
links:
|
|
- "{{ cname_h1 }}:test1"
|
|
- "{{ cname_h2 }}:test2"
|
|
register: links_1
|
|
|
|
- name: links (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
links:
|
|
- "{{ cname_h2 }}:test2"
|
|
- "{{ cname_h1 }}:test1"
|
|
register: links_2
|
|
|
|
- name: links (less links)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
links:
|
|
- "{{ cname_h1 }}:test1"
|
|
register: links_3
|
|
|
|
- name: links (more links)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
links:
|
|
- "{{ cname_h1 }}:test1"
|
|
- "{{ cname_h3 }}:test3"
|
|
force_kill: true
|
|
register: links_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ container_name }}"
|
|
state: absent
|
|
force_kill: true
|
|
loop:
|
|
- "{{ cname }}"
|
|
- "{{ cname_h1 }}"
|
|
- "{{ cname_h2 }}"
|
|
- "{{ cname_h3 }}"
|
|
loop_control:
|
|
loop_var: container_name
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- links_1 is changed
|
|
- links_2 is not changed
|
|
- links_3 is not changed
|
|
- links_4 is changed
|
|
|
|
####################################################################
|
|
## log_driver ######################################################
|
|
####################################################################
|
|
|
|
- name: log_driver
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
log_driver: json-file
|
|
register: log_driver_1
|
|
|
|
- name: log_driver (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
log_driver: json-file
|
|
register: log_driver_2
|
|
|
|
- name: log_driver (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
log_driver: syslog
|
|
force_kill: true
|
|
register: log_driver_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- log_driver_1 is changed
|
|
- log_driver_2 is not changed
|
|
- log_driver_3 is changed
|
|
|
|
####################################################################
|
|
## log_options #####################################################
|
|
####################################################################
|
|
|
|
- name: log_options
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
log_driver: json-file
|
|
log_options:
|
|
labels: production_status
|
|
env: os,customer
|
|
max-file: 5
|
|
register: log_options_1
|
|
|
|
- name: log_options (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
log_driver: json-file
|
|
log_options:
|
|
env: os,customer
|
|
labels: production_status
|
|
max-file: 5
|
|
register: log_options_2
|
|
|
|
- name: log_options (less log options)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
log_driver: json-file
|
|
log_options:
|
|
labels: production_status
|
|
register: log_options_3
|
|
|
|
- name: log_options (more log options)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
log_driver: json-file
|
|
log_options:
|
|
labels: production_status
|
|
max-size: 10m
|
|
force_kill: true
|
|
register: log_options_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- log_options_1 is changed
|
|
- log_options_2 is not changed
|
|
- message in (log_options_2.warnings | default([]))
|
|
- log_options_3 is not changed
|
|
- log_options_4 is changed
|
|
vars:
|
|
message: >-
|
|
Non-string value found for log_options option 'max-file'. The value is automatically converted to '5'.
|
|
If this is not correct, or you want to avoid such warnings, please quote the value,
|
|
or explicitly convert the values to strings when templating them.
|
|
|
|
####################################################################
|
|
## mac_address #####################################################
|
|
####################################################################
|
|
|
|
- when: docker_api_version is version('1.44', '<')
|
|
block:
|
|
- name: mac_address
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
mac_address: 92:d0:c6:0a:29:33
|
|
state: started
|
|
register: mac_address_1
|
|
|
|
- name: mac_address (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
mac_address: 92:d0:c6:0a:29:33
|
|
state: started
|
|
register: mac_address_2
|
|
|
|
- name: mac_address (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
mac_address: 92:d0:c6:0a:29:44
|
|
state: started
|
|
force_kill: true
|
|
register: mac_address_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- mac_address_1 is changed
|
|
- mac_address_2 is not changed
|
|
- mac_address_3 is changed
|
|
|
|
####################################################################
|
|
## memory ##########################################################
|
|
####################################################################
|
|
|
|
- name: memory
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory: 64M
|
|
state: started
|
|
register: memory_1
|
|
|
|
- name: memory (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory: 64M
|
|
state: started
|
|
register: memory_2
|
|
|
|
- name: memory (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory: 48M
|
|
state: started
|
|
force_kill: true
|
|
register: memory_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- memory_1 is changed
|
|
- memory_2 is not changed
|
|
- memory_3 is changed
|
|
|
|
####################################################################
|
|
## memory_reservation ##############################################
|
|
####################################################################
|
|
|
|
- name: memory_reservation
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory_reservation: 64M
|
|
state: started
|
|
register: memory_reservation_1
|
|
|
|
- name: memory_reservation (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory_reservation: 64M
|
|
state: started
|
|
register: memory_reservation_2
|
|
|
|
- name: memory_reservation (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory_reservation: 48M
|
|
state: started
|
|
force_kill: true
|
|
register: memory_reservation_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- memory_reservation_1 is changed
|
|
- memory_reservation_2 is not changed
|
|
- memory_reservation_3 is changed
|
|
|
|
####################################################################
|
|
## memory_swap #####################################################
|
|
####################################################################
|
|
|
|
- name: memory_swap
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
# Docker daemon does not accept memory_swap if memory is not specified
|
|
memory: 32M
|
|
memory_swap: 64M
|
|
state: started
|
|
debug: true
|
|
register: memory_swap_1
|
|
|
|
- name: memory_swap (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
# Docker daemon does not accept memory_swap if memory is not specified
|
|
memory: 32M
|
|
memory_swap: 64M
|
|
state: started
|
|
debug: true
|
|
register: memory_swap_2
|
|
|
|
- name: memory_swap (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
# Docker daemon does not accept memory_swap if memory is not specified
|
|
memory: 32M
|
|
memory_swap: 48M
|
|
state: started
|
|
force_kill: true
|
|
debug: true
|
|
register: memory_swap_3
|
|
|
|
- name: memory_swap (unlimited)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
# Docker daemon does not accept memory_swap if memory is not specified
|
|
memory: 32M
|
|
memory_swap: unlimited
|
|
state: started
|
|
force_kill: true
|
|
debug: true
|
|
register: memory_swap_4
|
|
|
|
- name: memory_swap (unlimited via -1)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
# Docker daemon does not accept memory_swap if memory is not specified
|
|
memory: 32M
|
|
memory_swap: -1
|
|
state: started
|
|
force_kill: true
|
|
debug: true
|
|
register: memory_swap_5
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- memory_swap_1 is changed
|
|
# Sometimes (in particular during integration tests, maybe when not running
|
|
# on a proper VM), memory_swap cannot be set and will be -1 afterwards.
|
|
- memory_swap_2 is not changed or memory_swap_2.container.HostConfig.MemorySwap == -1
|
|
- memory_swap_3 is changed
|
|
# Unlimited memory_swap (using 'unlimited') should be allowed
|
|
# (If the value was already -1 because of the above reasons, it won't change)
|
|
- (memory_swap_4 is changed or memory_swap_3.container.HostConfig.MemorySwap == -1) and memory_swap_4.container.HostConfig.MemorySwap == -1
|
|
# Unlimited memory_swap (using '-1') should be allowed
|
|
- memory_swap_5 is not changed and memory_swap_5.container.HostConfig.MemorySwap == -1
|
|
|
|
- ansible.builtin.debug: var=memory_swap_1
|
|
when: memory_swap_2 is changed
|
|
- ansible.builtin.debug: var=memory_swap_2
|
|
when: memory_swap_2 is changed
|
|
- ansible.builtin.debug: var=memory_swap_3
|
|
when: memory_swap_2 is changed
|
|
|
|
####################################################################
|
|
## memory_swappiness ###############################################
|
|
####################################################################
|
|
|
|
- name: memory_swappiness
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory_swappiness: 40
|
|
state: started
|
|
register: memory_swappiness_1
|
|
|
|
- name: memory_swappiness (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory_swappiness: 40
|
|
state: started
|
|
register: memory_swappiness_2
|
|
|
|
- name: memory_swappiness (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
memory_swappiness: 60
|
|
state: started
|
|
force_kill: true
|
|
register: memory_swappiness_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- memory_swappiness_1 is changed
|
|
- memory_swappiness_2 is not changed
|
|
- memory_swappiness_3 is changed
|
|
when: >-
|
|
'Docker warning: Your kernel does not support memory swappiness capabilities or the cgroup is not mounted. Memory swappiness discarded.' not in (memory_swappiness_1.warnings | default([]))
|
|
|
|
####################################################################
|
|
## oom_killer ######################################################
|
|
####################################################################
|
|
|
|
- name: oom_killer
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
oom_killer: true
|
|
state: started
|
|
register: oom_killer_1
|
|
|
|
- name: oom_killer (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
oom_killer: true
|
|
state: started
|
|
register: oom_killer_2
|
|
|
|
- name: oom_killer (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
oom_killer: false
|
|
state: started
|
|
force_kill: true
|
|
register: oom_killer_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- oom_killer_1 is changed
|
|
- oom_killer_2 is not changed
|
|
- oom_killer_3 is changed
|
|
when: >-
|
|
'Docker warning: Your kernel does not support OomKillDisable. OomKillDisable discarded.' not in (oom_killer_1.warnings | default([]))
|
|
|
|
####################################################################
|
|
## oom_score_adj ###################################################
|
|
####################################################################
|
|
|
|
- name: oom_score_adj
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
oom_score_adj: 5
|
|
state: started
|
|
register: oom_score_adj_1
|
|
|
|
- name: oom_score_adj (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
oom_score_adj: 5
|
|
state: started
|
|
register: oom_score_adj_2
|
|
|
|
- name: oom_score_adj (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
oom_score_adj: 7
|
|
state: started
|
|
force_kill: true
|
|
register: oom_score_adj_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- oom_score_adj_1 is changed
|
|
- oom_score_adj_2 is not changed
|
|
- oom_score_adj_3 is changed
|
|
when: >-
|
|
'Docker warning: Your kernel does not support OomScoreAdj. OomScoreAdj discarded.' not in (oom_score_adj_1.warnings | default([]))
|
|
|
|
####################################################################
|
|
## output_logs #####################################################
|
|
####################################################################
|
|
|
|
# TODO: - output_logs
|
|
|
|
####################################################################
|
|
## paused ##########################################################
|
|
####################################################################
|
|
|
|
- name: paused
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: "/bin/sh -c 'sleep 10m'"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
paused: true
|
|
force_kill: true
|
|
register: paused_1
|
|
|
|
- name: inspect paused
|
|
ansible.builtin.command: "docker inspect -f {% raw %}'{{.State.Status}} {{.State.Paused}}'{% endraw %} {{ cname }}"
|
|
register: paused_2
|
|
|
|
- name: paused (idempotent)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: "/bin/sh -c 'sleep 10m'"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
paused: true
|
|
force_kill: true
|
|
register: paused_3
|
|
|
|
- name: paused (continue)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: "/bin/sh -c 'sleep 10m'"
|
|
name: "{{ cname }}"
|
|
state: started
|
|
paused: false
|
|
force_kill: true
|
|
register: paused_4
|
|
|
|
- name: inspect paused
|
|
ansible.builtin.command: "docker inspect -f {% raw %}'{{.State.Status}} {{.State.Paused}}'{% endraw %} {{ cname }}"
|
|
register: paused_5
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- paused_1 is changed
|
|
- 'paused_2.stdout == "paused true"'
|
|
- paused_3 is not changed
|
|
- paused_4 is changed
|
|
- 'paused_5.stdout == "running false"'
|
|
|
|
####################################################################
|
|
## pid_mode ########################################################
|
|
####################################################################
|
|
|
|
- name: start helpers
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname_h1 }}"
|
|
state: started
|
|
register: pid_mode_helper
|
|
|
|
- name: pid_mode
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
pid_mode: "container:{{ pid_mode_helper.container.Id }}"
|
|
register: pid_mode_1
|
|
|
|
- name: pid_mode (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
pid_mode: "container:{{ cname_h1 }}"
|
|
register: pid_mode_2
|
|
|
|
- name: pid_mode (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
pid_mode: host
|
|
force_kill: true
|
|
register: pid_mode_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ container_name }}"
|
|
state: absent
|
|
force_kill: true
|
|
loop:
|
|
- "{{ cname }}"
|
|
- "{{ cname_h1 }}"
|
|
loop_control:
|
|
loop_var: container_name
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- pid_mode_1 is changed
|
|
- pid_mode_2 is not changed
|
|
- pid_mode_3 is changed
|
|
|
|
####################################################################
|
|
## pids_limit ######################################################
|
|
####################################################################
|
|
|
|
- name: pids_limit
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
pids_limit: 10
|
|
register: pids_limit_1
|
|
|
|
- name: pids_limit (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
pids_limit: 10
|
|
register: pids_limit_2
|
|
|
|
- name: pids_limit (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
pids_limit: 20
|
|
force_kill: true
|
|
register: pids_limit_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- pids_limit_1 is changed
|
|
- pids_limit_2 is not changed
|
|
- pids_limit_3 is changed
|
|
|
|
####################################################################
|
|
## platform ########################################################
|
|
####################################################################
|
|
|
|
- name: Remove test image
|
|
community.docker.docker_image_remove:
|
|
name: "{{ docker_test_image_simple_1 }}"
|
|
|
|
- name: platform
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_simple_1 }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: true
|
|
platform: linux/amd64
|
|
debug: true
|
|
register: platform_1
|
|
ignore_errors: true
|
|
|
|
- name: platform (idempotency with full name)
|
|
# Docker daemon only returns 'linux' as the platform for the container,
|
|
# so this has to be handled correctly by our additional code
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_simple_1 }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
platform: linux/amd64
|
|
debug: true
|
|
register: platform_2
|
|
ignore_errors: true
|
|
|
|
- name: platform (idempotency with shorter name)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_simple_1 }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
platform: linux
|
|
debug: true
|
|
register: platform_3
|
|
ignore_errors: true
|
|
|
|
- name: platform (idempotency with shorter name)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_simple_1 }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
platform: amd64
|
|
debug: true
|
|
register: platform_4
|
|
ignore_errors: true
|
|
|
|
- name: platform (changed)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_simple_1 }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: true
|
|
platform: linux/386
|
|
force_kill: true
|
|
debug: true
|
|
comparisons:
|
|
# Do not restart because of the changed image ID
|
|
image: ignore
|
|
register: platform_5
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- platform_1 is changed
|
|
- platform_2 is not changed and platform_2 is not failed
|
|
- platform_3 is not changed and platform_3 is not failed
|
|
- platform_4 is not changed and platform_4 is not failed
|
|
- platform_5 is changed
|
|
when: docker_api_version is version('1.41', '>=')
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- platform_1 is failed
|
|
- |
|
|
('API version is ' ~ docker_api_version ~ '.') in platform_1.msg and 'Minimum version required is 1.41 ' in platform_1.msg
|
|
when: docker_api_version is version('1.41', '<')
|
|
|
|
####################################################################
|
|
## pull / pull_check_mode_behavior #################################
|
|
####################################################################
|
|
|
|
- name: Remove hello-world image
|
|
community.docker.docker_image_remove:
|
|
name: "{{ docker_test_image_hello_world }}"
|
|
|
|
- name: pull (pull=never)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: never
|
|
debug: true
|
|
register: pull_1
|
|
ignore_errors: true
|
|
|
|
- name: pull (pull=missing, check mode)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: missing
|
|
debug: true
|
|
register: pull_2
|
|
check_mode: true
|
|
ignore_errors: true
|
|
|
|
- name: pull (pull=missing)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: missing
|
|
debug: true
|
|
register: pull_3
|
|
ignore_errors: true
|
|
|
|
- name: pull (pull=missing, idempotent, check mode)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: missing
|
|
debug: true
|
|
register: pull_4
|
|
check_mode: true
|
|
ignore_errors: true
|
|
|
|
- name: pull (pull=missing, idempotent)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: missing
|
|
debug: true
|
|
register: pull_5
|
|
ignore_errors: true
|
|
|
|
- name: pull (pull=always, check mode, pull_check_mode_behavior=image_not_present)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: always
|
|
pull_check_mode_behavior: image_not_present
|
|
debug: true
|
|
register: pull_6
|
|
check_mode: true
|
|
ignore_errors: true
|
|
|
|
- name: pull (pull=always, check mode, pull_check_mode_behavior=always)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: always
|
|
pull_check_mode_behavior: always
|
|
debug: true
|
|
register: pull_7
|
|
check_mode: true
|
|
ignore_errors: true
|
|
|
|
- name: pull (pull=always)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_hello_world }}"
|
|
name: "{{ cname }}"
|
|
state: present
|
|
pull: always
|
|
debug: true
|
|
register: pull_8
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- pull_1 is failed
|
|
- pull_1.msg == ("Cannot find image with name " ~ docker_test_image_hello_world ~ ", and pull=never")
|
|
- pull_2 is changed
|
|
- pulled_image_action not in pull_2.actions
|
|
- pulled_image_action_changed in pull_2.actions
|
|
- pulled_image_action_unchanged not in pull_2.actions
|
|
- pull_3 is changed
|
|
- pulled_image_action not in pull_3.actions
|
|
- pulled_image_action_changed in pull_3.actions
|
|
- pulled_image_action_unchanged not in pull_3.actions
|
|
- pull_4 is not changed
|
|
- pulled_image_action not in pull_4.actions
|
|
- pulled_image_action_changed not in pull_4.actions
|
|
- pulled_image_action_unchanged not in pull_4.actions
|
|
- pull_5 is not changed
|
|
- pulled_image_action not in pull_5.actions
|
|
- pulled_image_action_changed not in pull_5.actions
|
|
- pulled_image_action_unchanged not in pull_5.actions
|
|
- pull_6 is not changed
|
|
- pulled_image_action not in pull_6.actions
|
|
- pulled_image_action_changed not in pull_6.actions
|
|
- pulled_image_action_unchanged not in pull_6.actions
|
|
- pull_7 is changed
|
|
- pulled_image_action in pull_7.actions
|
|
- pulled_image_action_changed not in pull_7.actions
|
|
- pulled_image_action_unchanged not in pull_7.actions
|
|
- pull_8 is not changed
|
|
- pulled_image_action not in pull_8.actions
|
|
- pulled_image_action_changed not in pull_8.actions
|
|
- pulled_image_action_unchanged in pull_8.actions
|
|
vars:
|
|
pulled_image_action:
|
|
pulled_image: "{{ docker_test_image_hello_world }}"
|
|
pulled_image_action_changed:
|
|
pulled_image: "{{ docker_test_image_hello_world }}"
|
|
changed: true
|
|
pulled_image_action_unchanged:
|
|
pulled_image: "{{ docker_test_image_hello_world }}"
|
|
changed: false
|
|
|
|
####################################################################
|
|
## privileged ######################################################
|
|
####################################################################
|
|
|
|
- name: privileged
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
privileged: true
|
|
state: started
|
|
register: privileged_1
|
|
|
|
- name: privileged (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
privileged: true
|
|
state: started
|
|
register: privileged_2
|
|
|
|
- name: privileged (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
privileged: false
|
|
state: started
|
|
force_kill: true
|
|
register: privileged_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- privileged_1 is changed
|
|
- privileged_2 is not changed
|
|
- privileged_3 is changed
|
|
|
|
####################################################################
|
|
## published_ports and default_host_ip #############################
|
|
####################################################################
|
|
|
|
- name: published_ports
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '9001'
|
|
- '9002'
|
|
register: published_ports_1
|
|
|
|
- name: published_ports (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '9002'
|
|
- '9001'
|
|
register: published_ports_2
|
|
|
|
- name: published_ports (less published_ports)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '9002'
|
|
register: published_ports_3
|
|
|
|
- name: published_ports (more published_ports)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '9002'
|
|
- '9003'
|
|
force_kill: true
|
|
register: published_ports_4
|
|
|
|
- name: published_ports (ports with IP addresses)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '127.0.0.1:9002:9002/tcp'
|
|
- '[::1]:9003:9003/tcp'
|
|
- '[fe80::1%test]:90:90/tcp'
|
|
force_kill: true
|
|
register: published_ports_5
|
|
when: docker_host_info.host_info.ServerVersion is version('27.0.0', '<')
|
|
|
|
- name: published_ports (ports with IP addresses, idempotent)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '127.0.0.1:9002:9002/tcp'
|
|
- '[::1]:9003:9003/tcp'
|
|
- '[fe80::1%test]:90:90/tcp'
|
|
register: published_ports_6
|
|
when: docker_host_info.host_info.ServerVersion is version('27.0.0', '<')
|
|
|
|
- name: published_ports (no published ports)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports: []
|
|
comparisons:
|
|
published_ports: strict
|
|
force_kill: true
|
|
register: published_ports_7
|
|
|
|
- name: published_ports (default_host_ip not set)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '9001'
|
|
- '9002'
|
|
force_kill: true
|
|
register: published_ports_8
|
|
|
|
- name: published_ports (default_host_ip set to empty string)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '9002'
|
|
- '9001'
|
|
default_host_ip: ''
|
|
force_kill: true
|
|
register: published_ports_9
|
|
|
|
- name: published_ports (default_host_ip set to empty string, idempotent)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '9002'
|
|
- '9001'
|
|
default_host_ip: ''
|
|
register: published_ports_10
|
|
|
|
- name: published_ports (default_host_ip unset)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
published_ports:
|
|
- '9002'
|
|
- '9001'
|
|
force_kill: true
|
|
register: published_ports_11
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- published_ports_1 is changed
|
|
- published_ports_2 is not changed
|
|
- published_ports_3 is not changed
|
|
- published_ports_4 is changed
|
|
- (published_ports_5 is changed and published_ports_5 is not skipped) or published_ports_5 is skipped
|
|
- (published_ports_6 is not changed and published_ports_6 is not skipped) or published_ports_6 is skipped
|
|
- published_ports_7 is changed
|
|
- published_ports_8 is changed
|
|
- published_ports_9 is changed
|
|
- published_ports_10 is not changed
|
|
- published_ports_11 is changed
|
|
|
|
####################################################################
|
|
## pull ############################################################
|
|
####################################################################
|
|
|
|
# TODO: - pull
|
|
|
|
####################################################################
|
|
## read_only #######################################################
|
|
####################################################################
|
|
|
|
- name: read_only
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
read_only: true
|
|
state: started
|
|
register: read_only_1
|
|
|
|
- name: read_only (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
read_only: true
|
|
state: started
|
|
register: read_only_2
|
|
|
|
- name: read_only (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
read_only: false
|
|
state: started
|
|
force_kill: true
|
|
register: read_only_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- read_only_1 is changed
|
|
- read_only_2 is not changed
|
|
- read_only_3 is changed
|
|
|
|
####################################################################
|
|
## restart_policy ##################################################
|
|
####################################################################
|
|
|
|
- name: restart_policy
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
restart_policy: always
|
|
state: started
|
|
register: restart_policy_1
|
|
|
|
- name: restart_policy (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
restart_policy: always
|
|
state: started
|
|
register: restart_policy_2
|
|
|
|
- name: restart_policy (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
restart_policy: unless-stopped
|
|
state: started
|
|
force_kill: true
|
|
register: restart_policy_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- restart_policy_1 is changed
|
|
- restart_policy_2 is not changed
|
|
- restart_policy_3 is changed
|
|
|
|
####################################################################
|
|
## restart_retries #################################################
|
|
####################################################################
|
|
|
|
- name: restart_retries
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
restart_policy: on-failure
|
|
restart_retries: 5
|
|
state: started
|
|
register: restart_retries_1
|
|
|
|
- name: restart_retries (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
restart_policy: on-failure
|
|
restart_retries: 5
|
|
state: started
|
|
register: restart_retries_2
|
|
|
|
- name: restart_retries (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
restart_policy: on-failure
|
|
restart_retries: 2
|
|
state: started
|
|
force_kill: true
|
|
register: restart_retries_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- restart_retries_1 is changed
|
|
- restart_retries_2 is not changed
|
|
- restart_retries_3 is changed
|
|
|
|
####################################################################
|
|
## runtime #########################################################
|
|
####################################################################
|
|
|
|
- name: runtime
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
runtime: runc
|
|
state: started
|
|
register: runtime_1
|
|
|
|
- name: runtime (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
runtime: runc
|
|
state: started
|
|
register: runtime_2
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- runtime_1 is changed
|
|
- runtime_2 is not changed
|
|
|
|
####################################################################
|
|
## security_opts ###################################################
|
|
####################################################################
|
|
|
|
# In case some of the options stop working, here are some more
|
|
# options which *currently* work with all integration test targets:
|
|
# no-new-privileges
|
|
# label:disable
|
|
# label=disable
|
|
# label:level:s0:c100,c200
|
|
# label=level:s0:c100,c200
|
|
# label:type:svirt_apache_t
|
|
# label=type:svirt_apache_t
|
|
# label:user:root
|
|
# label=user:root
|
|
# seccomp:unconfined
|
|
# seccomp=unconfined
|
|
# apparmor:docker-default
|
|
# apparmor=docker-default
|
|
|
|
- name: security_opts
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
security_opts:
|
|
- "label:level:s0:c100,c200"
|
|
- "no-new-privileges"
|
|
register: security_opts_1
|
|
|
|
- name: security_opts (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
security_opts:
|
|
- "no-new-privileges"
|
|
- "label:level:s0:c100,c200"
|
|
register: security_opts_2
|
|
|
|
- name: security_opts (less security options)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
security_opts:
|
|
- "no-new-privileges"
|
|
register: security_opts_3
|
|
|
|
- name: security_opts (more security options)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
security_opts:
|
|
- "label:disable"
|
|
- "no-new-privileges"
|
|
force_kill: true
|
|
register: security_opts_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- security_opts_1 is changed
|
|
- security_opts_2 is not changed
|
|
- security_opts_3 is not changed
|
|
- security_opts_4 is changed
|
|
|
|
####################################################################
|
|
## shm_size ########################################################
|
|
####################################################################
|
|
|
|
- name: shm_size
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
shm_size: 96M
|
|
state: started
|
|
register: shm_size_1
|
|
|
|
- name: shm_size (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
shm_size: 96M
|
|
state: started
|
|
register: shm_size_2
|
|
|
|
- name: shm_size (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
shm_size: 75M
|
|
state: started
|
|
force_kill: true
|
|
register: shm_size_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- shm_size_1 is changed
|
|
- shm_size_2 is not changed
|
|
- shm_size_3 is changed
|
|
|
|
####################################################################
|
|
## stop_signal #####################################################
|
|
####################################################################
|
|
|
|
- name: stop_signal
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
stop_signal: "30"
|
|
state: started
|
|
register: stop_signal_1
|
|
|
|
- name: stop_signal (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
stop_signal: "30"
|
|
state: started
|
|
register: stop_signal_2
|
|
|
|
- name: stop_signal (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
stop_signal: "9"
|
|
state: started
|
|
force_kill: true
|
|
register: stop_signal_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- stop_signal_1 is changed
|
|
- stop_signal_2 is not changed
|
|
- stop_signal_3 is changed
|
|
|
|
####################################################################
|
|
## stop_timeout ####################################################
|
|
####################################################################
|
|
|
|
- name: stop_timeout
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
stop_timeout: 2
|
|
state: started
|
|
register: stop_timeout_1
|
|
|
|
- name: stop_timeout (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
stop_timeout: 2
|
|
state: started
|
|
register: stop_timeout_2
|
|
|
|
- name: stop_timeout (no change)
|
|
# stop_timeout changes are ignored by default
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
stop_timeout: 1
|
|
state: started
|
|
register: stop_timeout_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- stop_timeout_1 is changed
|
|
- stop_timeout_2 is not changed
|
|
- stop_timeout_3 is not changed
|
|
|
|
####################################################################
|
|
## storage_opts ####################################################
|
|
####################################################################
|
|
|
|
- name: storage_opts
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
storage_opts:
|
|
size: 12m
|
|
state: started
|
|
register: storage_opts_1
|
|
ignore_errors: true
|
|
|
|
- name: storage_opts (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
storage_opts:
|
|
size: 12m
|
|
state: started
|
|
register: storage_opts_2
|
|
ignore_errors: true
|
|
|
|
- name: storage_opts (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
storage_opts:
|
|
size: 24m
|
|
state: started
|
|
force_kill: true
|
|
register: storage_opts_3
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- storage_opts_1 is changed
|
|
- storage_opts_2 is not failed and storage_opts_2 is not changed
|
|
- storage_opts_3 is not failed and storage_opts_3 is changed
|
|
when: storage_opts_1 is not failed
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- "'is supported only for' in storage_opts_1.msg"
|
|
- storage_opts_2 is failed
|
|
- storage_opts_3 is failed
|
|
when: storage_opts_1 is failed
|
|
|
|
####################################################################
|
|
## sysctls #########################################################
|
|
####################################################################
|
|
|
|
# In case some of the options stop working, here are some more
|
|
# options which *currently* work with all integration test targets:
|
|
# net.ipv4.conf.default.log_martians: 1
|
|
# net.ipv4.conf.default.secure_redirects: 0
|
|
# net.ipv4.conf.default.send_redirects: 0
|
|
# net.ipv4.conf.all.log_martians: 1
|
|
# net.ipv4.conf.all.accept_redirects: 0
|
|
# net.ipv4.conf.all.secure_redirects: 0
|
|
# net.ipv4.conf.all.send_redirects: 0
|
|
|
|
- name: sysctls
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
sysctls:
|
|
net.ipv4.icmp_echo_ignore_all: 1
|
|
net.ipv4.ip_forward: 1
|
|
register: sysctls_1
|
|
|
|
- name: sysctls (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
sysctls:
|
|
net.ipv4.ip_forward: 1
|
|
net.ipv4.icmp_echo_ignore_all: 1
|
|
register: sysctls_2
|
|
|
|
- name: sysctls (less sysctls)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
sysctls:
|
|
net.ipv4.icmp_echo_ignore_all: 1
|
|
register: sysctls_3
|
|
|
|
- name: sysctls (more sysctls)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
sysctls:
|
|
net.ipv4.icmp_echo_ignore_all: 1
|
|
net.ipv6.conf.default.accept_redirects: 0
|
|
force_kill: true
|
|
register: sysctls_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- sysctls_1 is changed
|
|
- sysctls_2 is not changed
|
|
- sysctls_3 is not changed
|
|
- sysctls_4 is changed
|
|
|
|
####################################################################
|
|
## tmpfs ###########################################################
|
|
####################################################################
|
|
|
|
- name: tmpfs
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
tmpfs:
|
|
- "/test1:rw,noexec,nosuid,size=65536k"
|
|
- "/test2:rw,noexec,nosuid,size=65536k"
|
|
register: tmpfs_1
|
|
|
|
- name: tmpfs (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
tmpfs:
|
|
- "/test2:rw,noexec,nosuid,size=65536k"
|
|
- "/test1:rw,noexec,nosuid,size=65536k"
|
|
register: tmpfs_2
|
|
|
|
- name: tmpfs (less tmpfs)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
tmpfs:
|
|
- "/test1:rw,noexec,nosuid,size=65536k"
|
|
register: tmpfs_3
|
|
|
|
- name: tmpfs (more tmpfs)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
tmpfs:
|
|
- "/test1:rw,noexec,nosuid,size=65536k"
|
|
- "/test3:rw,noexec,nosuid,size=65536k"
|
|
force_kill: true
|
|
register: tmpfs_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- tmpfs_1 is changed
|
|
- tmpfs_2 is not changed
|
|
- tmpfs_3 is not changed
|
|
- tmpfs_4 is changed
|
|
|
|
####################################################################
|
|
## tty #############################################################
|
|
####################################################################
|
|
|
|
- name: tty
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
tty: true
|
|
state: started
|
|
register: tty_1
|
|
ignore_errors: true
|
|
|
|
- name: tty (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
tty: true
|
|
state: started
|
|
register: tty_2
|
|
ignore_errors: true
|
|
|
|
- name: tty (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
tty: false
|
|
state: started
|
|
force_kill: true
|
|
register: tty_3
|
|
ignore_errors: true
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- tty_1 is changed
|
|
- tty_2 is not changed and tty_2 is not failed
|
|
- tty_3 is changed
|
|
when: tty_1 is not failed
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- "'error during container init: open /dev/pts/' in tty_1.msg"
|
|
- "': operation not permitted: ' in tty_1.msg"
|
|
when: tty_1 is failed
|
|
|
|
####################################################################
|
|
## ulimits #########################################################
|
|
####################################################################
|
|
|
|
- name: ulimits
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
ulimits:
|
|
- "nofile:1234:1234"
|
|
- "nproc:3:6"
|
|
register: ulimits_1
|
|
|
|
- name: ulimits (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
ulimits:
|
|
- "nproc:3:6"
|
|
- "nofile:1234:1234"
|
|
register: ulimits_2
|
|
|
|
- name: ulimits (less ulimits)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
ulimits:
|
|
- "nofile:1234:1234"
|
|
register: ulimits_3
|
|
|
|
- name: ulimits (more ulimits)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
state: started
|
|
ulimits:
|
|
- "nofile:1234:1234"
|
|
- "sigpending:100:200"
|
|
force_kill: true
|
|
register: ulimits_4
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- ulimits_1 is changed
|
|
- ulimits_2 is not changed
|
|
- ulimits_3 is not changed
|
|
- ulimits_4 is changed
|
|
|
|
####################################################################
|
|
## user ############################################################
|
|
####################################################################
|
|
|
|
- name: user
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
user: nobody
|
|
state: started
|
|
register: user_1
|
|
|
|
- name: user (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
user: nobody
|
|
state: started
|
|
register: user_2
|
|
|
|
- name: user (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
user: root
|
|
state: started
|
|
force_kill: true
|
|
register: user_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- user_1 is changed
|
|
- user_2 is not changed
|
|
- user_3 is changed
|
|
|
|
####################################################################
|
|
## userns_mode #####################################################
|
|
####################################################################
|
|
|
|
- name: userns_mode
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
userns_mode: host
|
|
state: started
|
|
register: userns_mode_1
|
|
|
|
- name: userns_mode (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
userns_mode: host
|
|
state: started
|
|
register: userns_mode_2
|
|
|
|
- name: userns_mode (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
userns_mode: ""
|
|
state: started
|
|
force_kill: true
|
|
register: userns_mode_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- userns_mode_1 is changed
|
|
- userns_mode_2 is not changed
|
|
- userns_mode_3 is changed
|
|
|
|
####################################################################
|
|
## uts #############################################################
|
|
####################################################################
|
|
|
|
- name: uts
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
uts: host
|
|
state: started
|
|
register: uts_1
|
|
|
|
- name: uts (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
uts: host
|
|
state: started
|
|
register: uts_2
|
|
|
|
- name: uts (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
uts: ""
|
|
state: started
|
|
force_kill: true
|
|
register: uts_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- uts_1 is changed
|
|
- uts_2 is not changed
|
|
- uts_3 is changed
|
|
|
|
####################################################################
|
|
## working_dir #####################################################
|
|
####################################################################
|
|
|
|
- name: working_dir
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
working_dir: /tmp
|
|
state: started
|
|
register: working_dir_1
|
|
|
|
- name: working_dir (idempotency)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
working_dir: /tmp
|
|
state: started
|
|
register: working_dir_2
|
|
|
|
- name: working_dir (change)
|
|
community.docker.docker_container:
|
|
image: "{{ docker_test_image_alpine }}"
|
|
command: '/bin/sh -c "sleep 10m"'
|
|
name: "{{ cname }}"
|
|
working_dir: /
|
|
state: started
|
|
force_kill: true
|
|
register: working_dir_3
|
|
|
|
- name: cleanup
|
|
community.docker.docker_container:
|
|
name: "{{ cname }}"
|
|
state: absent
|
|
force_kill: true
|
|
diff: false
|
|
|
|
- ansible.builtin.assert:
|
|
that:
|
|
- working_dir_1 is changed
|
|
- working_dir_2 is not changed
|
|
- working_dir_3 is changed
|
|
|
|
####################################################################
|
|
####################################################################
|
|
####################################################################
|