mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-23 05:10:22 -07:00
Adds docker_secret module (#26469)
This commit is contained in:
parent
5acebc124a
commit
6af53cf0ef
10 changed files with 503 additions and 0 deletions
3
test/integration/targets/docker_secret/aliases
Normal file
3
test/integration/targets/docker_secret/aliases
Normal file
|
@ -0,0 +1,3 @@
|
|||
posix/ci/group2
|
||||
skip/osx
|
||||
skip/freebsd
|
3
test/integration/targets/docker_secret/handlers/main.yml
Normal file
3
test/integration/targets/docker_secret/handlers/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
|||
- name: disable_swarm
|
||||
command: docker swarm leave --force
|
||||
ignore_errors: yes
|
17
test/integration/targets/docker_secret/tasks/Fedora.yml
Normal file
17
test/integration/targets/docker_secret/tasks/Fedora.yml
Normal file
|
@ -0,0 +1,17 @@
|
|||
- name: Install Docker pre-reqs
|
||||
dnf:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
items:
|
||||
- dnf-plugins-core
|
||||
|
||||
- name: Add repository
|
||||
command: dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo
|
||||
|
||||
- name: Update cache
|
||||
command: dnf makecache fast
|
||||
|
||||
- name: Install docker
|
||||
dnf:
|
||||
name: docker-ce
|
||||
state: present
|
11
test/integration/targets/docker_secret/tasks/OpenSuse.yml
Normal file
11
test/integration/targets/docker_secret/tasks/OpenSuse.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
- name: Template repo
|
||||
template:
|
||||
src: virt.repo.j2
|
||||
dest: /etc/zypp/repos.d/virt.repo
|
||||
|
||||
- name: Install docker 17
|
||||
zypper:
|
||||
name: docker-17.04.0_ce-203.6.x86_64
|
||||
force: yes
|
||||
disable_gpg_check: yes
|
||||
update_cache: yes
|
21
test/integration/targets/docker_secret/tasks/RedHat.yml
Normal file
21
test/integration/targets/docker_secret/tasks/RedHat.yml
Normal file
|
@ -0,0 +1,21 @@
|
|||
- name: Install Docker pre-reqs
|
||||
yum:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
items:
|
||||
- yum-utils
|
||||
- device-mapper-persistent-data
|
||||
- lvm2
|
||||
- python-crypto
|
||||
- libseccomp
|
||||
|
||||
- name: Add repository
|
||||
command: yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
|
||||
|
||||
- name: Update cache
|
||||
command: yum -y makecache fast
|
||||
|
||||
- name: Install docker
|
||||
yum:
|
||||
name: docker-ce
|
||||
state: present
|
36
test/integration/targets/docker_secret/tasks/Ubuntu.yml
Normal file
36
test/integration/targets/docker_secret/tasks/Ubuntu.yml
Normal file
|
@ -0,0 +1,36 @@
|
|||
- name: Get OS version
|
||||
shell: uname -r
|
||||
register: os_version
|
||||
|
||||
- name: Install packages for Trusty
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
update_cache: yes
|
||||
with_items:
|
||||
- "linux-image-extra-{{ os_version.stdout }}"
|
||||
- linux-image-extra-virtual
|
||||
when: ansible_distribution_release == 'trusty'
|
||||
|
||||
- name: Install pre-reqs
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
update_cache: yes
|
||||
with_items:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
- curl
|
||||
- software-properties-common
|
||||
|
||||
- name: Add gpg key
|
||||
shell: curl -fsSL https://download.docker.com/linux/ubuntu/gpg >key && apt-key add key
|
||||
|
||||
- name: Add Docker repo
|
||||
shell: add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
|
||||
|
||||
- name: Install Docker CE
|
||||
apt:
|
||||
name: docker-ce
|
||||
state: present
|
||||
update_cache: yes
|
14
test/integration/targets/docker_secret/tasks/main.yml
Normal file
14
test/integration/targets/docker_secret/tasks/main.yml
Normal file
|
@ -0,0 +1,14 @@
|
|||
- include: RedHat.yml
|
||||
when: ansible_os_family == 'RedHat' and ansible_distribution != 'Fedora' and ansible_distribution_major_version != '6'
|
||||
|
||||
- include: Fedora.yml
|
||||
when: ansible_distribution == 'Fedora'
|
||||
|
||||
- include: OpenSuse.yml
|
||||
when: ansible_os_family == 'Suse'
|
||||
|
||||
- include: Ubuntu.yml
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- include: test_secrets.yml
|
||||
when: ansible_os_family != 'RedHat' or ansible_distribution_major_version != '6'
|
104
test/integration/targets/docker_secret/tasks/test_secrets.yml
Normal file
104
test/integration/targets/docker_secret/tasks/test_secrets.yml
Normal file
|
@ -0,0 +1,104 @@
|
|||
- name: Install Python requirements
|
||||
pip:
|
||||
state: present
|
||||
name: "{{ item }}"
|
||||
with_items:
|
||||
- docker>=2.1.0
|
||||
|
||||
- name: Check if already in swarm
|
||||
shell: docker node ls 2>&1 | grep 'docker swarm init'
|
||||
register: output
|
||||
ignore_errors: yes
|
||||
|
||||
- name: Enable swarm mode
|
||||
command: docker swarm init
|
||||
when: output.rc == 0
|
||||
notify: disable_swarm
|
||||
|
||||
- name: Parameter name should be required
|
||||
docker_secret:
|
||||
state: present
|
||||
ignore_errors: yes
|
||||
register: output
|
||||
|
||||
- name: assert failure when called with no name
|
||||
assert:
|
||||
that:
|
||||
- 'output.failed'
|
||||
- 'output.msg == "missing required arguments: name"'
|
||||
|
||||
- name: Test parameters
|
||||
docker_secret:
|
||||
name: foo
|
||||
state: present
|
||||
ignore_errors: yes
|
||||
register: output
|
||||
|
||||
- name: assert failure when called with no data
|
||||
assert:
|
||||
that:
|
||||
- 'output.failed'
|
||||
- 'output.msg == "state is present but the following are missing: data"'
|
||||
|
||||
- name: Create secret
|
||||
docker_secret:
|
||||
name: db_password
|
||||
data: opensesame!
|
||||
state: present
|
||||
register: output
|
||||
|
||||
- name: Create variable secret_id
|
||||
set_fact:
|
||||
secret_id: "{{ output.secret_id }}"
|
||||
|
||||
- name: Inspect secret
|
||||
command: "docker secret inspect {{ secret_id }}"
|
||||
register: inspect
|
||||
|
||||
- debug: var=inspect
|
||||
|
||||
- name: assert secret creation succeeded
|
||||
assert:
|
||||
that:
|
||||
- "'db_password' in inspect.stdout"
|
||||
- "'ansible_key' in inspect.stdout"
|
||||
|
||||
- name: Create secret again
|
||||
docker_secret:
|
||||
name: db_password
|
||||
data: opensesame!
|
||||
state: present
|
||||
register: output
|
||||
|
||||
- name: assert create secret is idempotent
|
||||
assert:
|
||||
that:
|
||||
- not output.changed
|
||||
|
||||
- name: Update secret
|
||||
docker_secret:
|
||||
name: db_password
|
||||
data: newpassword!
|
||||
state: present
|
||||
register: output
|
||||
|
||||
- name: assert secret was updated
|
||||
assert:
|
||||
that:
|
||||
- output.changed
|
||||
- output.secret_id != secret_id
|
||||
|
||||
- name: Remove secret
|
||||
docker_secret:
|
||||
name: db_password
|
||||
state: absent
|
||||
|
||||
- name: Check that secret is removed
|
||||
command: "docker secret inspect {{ secret_id }}"
|
||||
register: output
|
||||
ignore_errors: yes
|
||||
|
||||
- name: assert secret was removed
|
||||
assert:
|
||||
that:
|
||||
- output.failed
|
|
@ -0,0 +1,7 @@
|
|||
[Virtualization_containers]
|
||||
name=Virtualization:containers (openSUSE_Tumbleweed)
|
||||
type=rpm-md
|
||||
baseurl=http://download.opensuse.org/repositories/Virtualization:/containers/openSUSE_Tumbleweed/
|
||||
gpgcheck=1
|
||||
gpgkey=http://download.opensuse.org/repositories/Virtualization:/containers/openSUSE_Tumbleweed//repodata/repomd.xml.key
|
||||
enabled=1
|
Loading…
Add table
Add a link
Reference in a new issue