From b643c52cf29ce5bbab738b43290af3556efa1ca9 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 5 Jun 2024 18:18:41 +0200 Subject: Merging upstream version 10.0.0+dfsg. Signed-off-by: Daniel Baumann --- .../docker/.azure-pipelines/azure-pipelines.yml | 2 +- .../docker/.github/workflows/ansible-test.yml | 3 + ansible_collections/community/docker/CHANGELOG.md | 684 ++++++++++++--------- ansible_collections/community/docker/CHANGELOG.rst | 108 +++- ansible_collections/community/docker/FILES.json | 114 ++-- ansible_collections/community/docker/MANIFEST.json | 4 +- ansible_collections/community/docker/README.md | 3 +- .../community/docker/changelogs/changelog.yaml | 96 +++ .../community/docker/changelogs/config.yaml | 2 + .../docker/docs/docsite/rst/scenario_guide.rst | 7 +- .../community/docker/meta/runtime.yml | 7 + .../community/docker/plugins/connection/docker.py | 2 +- .../docker/plugins/connection/docker_api.py | 1 + .../community/docker/plugins/connection/nsenter.py | 4 +- .../docker/plugins/doc_fragments/docker.py | 9 + .../docker/plugins/inventory/docker_containers.py | 1 + .../docker/plugins/inventory/docker_swarm.py | 3 + .../module_utils/_api/transport/basehttpadapter.py | 12 + .../plugins/module_utils/module_container/base.py | 2 + .../module_utils/module_container/docker_api.py | 18 +- .../docker/plugins/module_utils/selectors.py | 21 + .../community/docker/plugins/module_utils/util.py | 15 +- .../docker/plugins/modules/docker_compose.py | 5 + .../docker/plugins/modules/docker_container.py | 19 +- .../plugins/modules/docker_container_exec.py | 3 +- .../docker/plugins/modules/docker_image_build.py | 247 +++++++- .../docker/plugins/modules/docker_network.py | 35 ++ .../docker/plugins/modules/docker_prune.py | 60 +- .../docker/plugins/modules/docker_swarm_service.py | 16 + .../docker/plugins/plugin_utils/socket_handler.py | 2 +- .../targets/docker_compose_v2/tasks/main.yml | 3 +- .../targets/docker_compose_v2_pull/tasks/main.yml | 6 +- .../targets/docker_image_build/tasks/test.yml | 12 + .../docker_image_build/tasks/tests/options.yml | 85 +++ .../docker_image_build/templates/SecretsDockerfile | 7 + .../targets/docker_prune/tasks/main.yml | 22 + .../targets/docker_swarm_service/vars/main.yml | 1 + .../generic_connection_tests/tasks/main.yml | 3 +- .../targets/setup_docker/tasks/main.yml | 3 +- .../setup_docker_cli_compose/tasks/main.yml | 3 +- .../setup_docker_compose_v1/vars/Alpine.yml | 2 + .../community/docker/tests/sanity/ignore-2.11.txt | 1 + .../community/docker/tests/sanity/ignore-2.12.txt | 1 + .../community/docker/tests/sanity/ignore-2.13.txt | 1 + .../community/docker/tests/sanity/ignore-2.14.txt | 1 + .../community/docker/tests/sanity/ignore-2.15.txt | 1 + .../community/docker/tests/sanity/ignore-2.16.txt | 1 + .../tests/unit/plugins/plugin_utils/test_unsafe.py | 133 ++++ 48 files changed, 1403 insertions(+), 388 deletions(-) create mode 100644 ansible_collections/community/docker/plugins/module_utils/selectors.py create mode 100644 ansible_collections/community/docker/tests/integration/targets/docker_image_build/templates/SecretsDockerfile create mode 100644 ansible_collections/community/docker/tests/unit/plugins/plugin_utils/test_unsafe.py (limited to 'ansible_collections/community/docker') diff --git a/ansible_collections/community/docker/.azure-pipelines/azure-pipelines.yml b/ansible_collections/community/docker/.azure-pipelines/azure-pipelines.yml index e5d55cf6e..ae4197a4a 100644 --- a/ansible_collections/community/docker/.azure-pipelines/azure-pipelines.yml +++ b/ansible_collections/community/docker/.azure-pipelines/azure-pipelines.yml @@ -186,7 +186,7 @@ stages: - name: Debian Bookworm test: debian-bookworm/3.11 - name: ArchLinux - test: archlinux/3.11 + test: archlinux/3.12 groups: - 4 - 5 diff --git a/ansible_collections/community/docker/.github/workflows/ansible-test.yml b/ansible_collections/community/docker/.github/workflows/ansible-test.yml index d0f253d35..d4778e091 100644 --- a/ansible_collections/community/docker/.github/workflows/ansible-test.yml +++ b/ansible_collections/community/docker/.github/workflows/ansible-test.yml @@ -48,6 +48,7 @@ jobs: with: ansible-core-github-repository-slug: ${{ contains(fromJson('["2.10", "2.11"]'), matrix.ansible) && 'felixfontein/ansible' || 'ansible/ansible' }} ansible-core-version: stable-${{ matrix.ansible }} + codecov-token: ${{ secrets.CODECOV_TOKEN }} coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }} pull-request-change-detection: 'true' testing-type: sanity @@ -81,6 +82,7 @@ jobs: with: ansible-core-github-repository-slug: ${{ contains(fromJson('["2.10", "2.11"]'), matrix.ansible) && 'felixfontein/ansible' || 'ansible/ansible' }} ansible-core-version: stable-${{ matrix.ansible }} + codecov-token: ${{ secrets.CODECOV_TOKEN }} coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }} pull-request-change-detection: 'true' testing-type: units @@ -236,6 +238,7 @@ jobs: with: ansible-core-github-repository-slug: ${{ contains(fromJson('["2.10", "2.11"]'), matrix.ansible) && 'felixfontein/ansible' || 'ansible/ansible' }} ansible-core-version: stable-${{ matrix.ansible }} + codecov-token: ${{ secrets.CODECOV_TOKEN }} coverage: ${{ github.event_name == 'schedule' && 'always' || 'never' }} docker-image: ${{ matrix.docker }} integration-continue-on-error: 'false' diff --git a/ansible_collections/community/docker/CHANGELOG.md b/ansible_collections/community/docker/CHANGELOG.md index f3a4b7af6..13d287f2e 100644 --- a/ansible_collections/community/docker/CHANGELOG.md +++ b/ansible_collections/community/docker/CHANGELOG.md @@ -2,241 +2,331 @@ **Topics** -- v3\.9\.0 +- v3\.10\.3 - Release Summary - - Minor Changes - Bugfixes -- v3\.8\.1 +- v3\.10\.2 - Release Summary - - Security Fixes - Bugfixes -- v3\.8\.0 +- v3\.10\.1 - Release Summary - - Minor Changes - Bugfixes -- v3\.7\.0 + - Known Issues +- v3\.10\.0 - Release Summary - - Minor Changes + - Minor Changes + - Deprecated Features +- v3\.9\.0 + - Release Summary + - Minor Changes - Bugfixes +- v3\.8\.1 + - Release Summary + - Security Fixes + - Bugfixes +- v3\.8\.0 + - Release Summary + - Minor Changes + - Bugfixes +- v3\.7\.0 + - Release Summary + - Minor Changes + - Bugfixes - New Modules - v3\.6\.0 - - Release Summary + - Release Summary - Major Changes - - Minor Changes - - Bugfixes - - New Modules -- v3\.5\.0 - - Release Summary - Minor Changes - - Deprecated Features - - Bugfixes -- v3\.4\.11 - - Release Summary - - Bugfixes -- v3\.4\.10 - - Release Summary - Bugfixes -- v3\.4\.9 - - Release Summary - - Bugfixes -- v3\.4\.8 + - New Modules +- v3\.5\.0 - Release Summary - - Known Issues -- v3\.4\.7 + - Minor Changes + - Deprecated Features + - Bugfixes +- v3\.4\.11 - Release Summary - Bugfixes -- v3\.4\.6 +- v3\.4\.10 - Release Summary - Bugfixes - - Known Issues -- v3\.4\.5 +- v3\.4\.9 - Release Summary - Bugfixes -- v3\.4\.4 +- v3\.4\.8 - Release Summary - - Minor Changes - - Known Issues -- v3\.4\.3 + - Known Issues +- v3\.4\.7 - Release Summary -- v3\.4\.2 - - Release Summary - Bugfixes -- v3\.4\.1 - - Release Summary +- v3\.4\.6 + - Release Summary - Bugfixes -- v3\.4\.0 + - Known Issues +- v3\.4\.5 + - Release Summary + - Bugfixes +- v3\.4\.4 - Release Summary - Minor Changes - - Bugfixes - - New Modules -- v3\.3\.2 + - Known Issues +- v3\.4\.3 - Release Summary - - Bugfixes -- v3\.3\.1 +- v3\.4\.2 - Release Summary - - Bugfixes -- v3\.3\.0 + - Bugfixes +- v3\.4\.1 - Release Summary + - Bugfixes +- v3\.4\.0 + - Release Summary - Minor Changes - Bugfixes -- v3\.2\.2 - - Release Summary - - Bugfixes -- v3\.2\.1 + - New Modules +- v3\.3\.2 - Release Summary -- v3\.2\.0 + - Bugfixes +- v3\.3\.1 - Release Summary - - Minor Changes - - Deprecated Features -- v3\.1\.0 + - Bugfixes +- v3\.3\.0 - Release Summary + - Minor Changes + - Bugfixes +- v3\.2\.2 + - Release Summary + - Bugfixes +- v3\.2\.1 + - Release Summary +- v3\.2\.0 + - Release Summary - Minor Changes + - Deprecated Features +- v3\.1\.0 + - Release Summary + - Minor Changes - v3\.0\.2 - - Release Summary - - Bugfixes + - Release Summary + - Bugfixes - v3\.0\.1 - - Release Summary - - Bugfixes + - Release Summary + - Bugfixes - v3\.0\.0 - - Release Summary + - Release Summary - Major Changes - - Minor Changes + - Minor Changes - Breaking Changes / Porting Guide - Removed Features \(previously deprecated\) - Security Fixes - - Bugfixes + - Bugfixes - v2\.7\.0 - - Release Summary - - Minor Changes - - Deprecated Features - - Bugfixes -- v2\.6\.0 - - Release Summary + - Release Summary - Minor Changes - Deprecated Features - - Bugfixes -- v2\.5\.1 - - Release Summary - - Bugfixes -- v2\.5\.0 - - Release Summary - - Minor Changes -- v2\.4\.0 - - Release Summary - - Minor Changes - Bugfixes -- v2\.3\.0 +- v2\.6\.0 - Release Summary - - Minor Changes + - Minor Changes + - Deprecated Features - Bugfixes -- v2\.2\.1 +- v2\.5\.1 - Release Summary - Bugfixes -- v2\.2\.0 +- v2\.5\.0 - Release Summary - - Minor Changes - - Bugfixes -- v2\.1\.1 + - Minor Changes +- v2\.4\.0 - Release Summary - - Bugfixes -- v2\.1\.0 + - Minor Changes + - Bugfixes +- v2\.3\.0 - Release Summary - - Minor Changes - - Bugfixes -- v2\.0\.2 + - Minor Changes + - Bugfixes +- v2\.2\.1 - Release Summary - - Bugfixes -- v2\.0\.1 + - Bugfixes +- v2\.2\.0 - Release Summary -- v2\.0\.0 + - Minor Changes + - Bugfixes +- v2\.1\.1 - Release Summary - - Breaking Changes / Porting Guide - - Deprecated Features - - Removed Features \(previously deprecated\) -- v1\.10\.0 + - Bugfixes +- v2\.1\.0 - Release Summary - Minor Changes -- v1\.9\.1 + - Bugfixes +- v2\.0\.2 - Release Summary - - Bugfixes -- v1\.9\.0 + - Bugfixes +- v2\.0\.1 - Release Summary - - Minor Changes - - Deprecated Features - - Bugfixes - - New Plugins - - Connection -- v1\.8\.0 +- v2\.0\.0 - Release Summary - - Minor Changes - - Bugfixes -- v1\.7\.0 + - Breaking Changes / Porting Guide + - Deprecated Features + - Removed Features \(previously deprecated\) +- v1\.10\.0 - Release Summary - - Minor Changes -- v1\.6\.1 + - Minor Changes +- v1\.9\.1 - Release Summary - Bugfixes -- v1\.6\.0 +- v1\.9\.0 - Release Summary - - Minor Changes + - Minor Changes - Deprecated Features - Bugfixes -- v1\.5\.0 + - New Plugins + - Connection +- v1\.8\.0 - Release Summary - - Minor Changes + - Minor Changes - Bugfixes - - New Modules -- v1\.4\.0 +- v1\.7\.0 - Release Summary + - Minor Changes +- v1\.6\.1 + - Release Summary + - Bugfixes +- v1\.6\.0 + - Release Summary + - Minor Changes + - Deprecated Features + - Bugfixes +- v1\.5\.0 + - Release Summary - Minor Changes + - Bugfixes + - New Modules +- v1\.4\.0 + - Release Summary + - Minor Changes - Breaking Changes / Porting Guide - Security Fixes - - Bugfixes + - Bugfixes - v1\.3\.0 - - Release Summary - - Minor Changes - - Bugfixes + - Release Summary + - Minor Changes + - Bugfixes - New Modules - v1\.2\.2 - - Release Summary + - Release Summary - Security Fixes - v1\.2\.1 - - Release Summary - - Bugfixes + - Release Summary + - Bugfixes - v1\.2\.0 - - Release Summary - - Minor Changes - - Bugfixes -- v1\.1\.0 - - Release Summary + - Release Summary - Minor Changes - - Deprecated Features - - Bugfixes + - Bugfixes +- v1\.1\.0 + - Release Summary + - Minor Changes + - Deprecated Features + - Bugfixes - New Plugins - Connection - Inventory - New Modules - v1\.0\.1 - - Release Summary - - Bugfixes + - Release Summary + - Bugfixes - v1\.0\.0 - - Release Summary - - Minor Changes -- v0\.1\.0 - - Release Summary + - Release Summary - Minor Changes +- v0\.1\.0 + - Release Summary + - Minor Changes - Removed Features \(previously deprecated\) - - Bugfixes + - Bugfixes + + +## v3\.10\.3 + + +### Release Summary + +Bugfix release\. + + +### Bugfixes + +* docker and nsenter connection plugins\, docker\_container\_exec module \- avoid using the deprecated ansible\.module\_utils\.compat\.selectors module util with Python 3 \([https\://github\.com/ansible\-collections/community\.docker/issues/870](https\://github\.com/ansible\-collections/community\.docker/issues/870)\, [https\://github\.com/ansible\-collections/community\.docker/pull/871](https\://github\.com/ansible\-collections/community\.docker/pull/871)\)\. + + +## v3\.10\.2 + + +### Release Summary + +Bugfix release\. + + +### Bugfixes + +* vendored Docker SDK for Python \- include a fix requests 2\.32\.2\+ compatibility \([https\://github\.com/ansible\-collections/community\.docker/issues/860](https\://github\.com/ansible\-collections/community\.docker/issues/860)\, [https\://github\.com/psf/requests/issues/6707](https\://github\.com/psf/requests/issues/6707)\, [https\://github\.com/ansible\-collections/community\.docker/pull/864](https\://github\.com/ansible\-collections/community\.docker/pull/864)\)\. + + +## v3\.10\.1 + + +### Release Summary + +Hotfix release for requests 2\.32\.0 compatibility\. + + +### Bugfixes + +* vendored Docker SDK for Python \- include a hotfix for requests 2\.32\.0 compatibility \([https\://github\.com/ansible\-collections/community\.docker/issues/860](https\://github\.com/ansible\-collections/community\.docker/issues/860)\, [https\://github\.com/docker/docker\-py/issues/3256](https\://github\.com/docker/docker\-py/issues/3256)\, [https\://github\.com/ansible\-collections/community\.docker/pull/861](https\://github\.com/ansible\-collections/community\.docker/pull/861)\)\. + + +### Known Issues + +* Please note that the fix for requests 2\.32\.0 included in community\.docker 3\.10\.1 only + fixes problems with the vendored Docker SDK for Python code\. Modules and plugins that + use Docker SDK for Python can still fail due to the SDK currently being incompatible + with requests 2\.32\.0\. + + If you still experience problems with requests 2\.32\.0\, such as error messages like + Not supported URL scheme http\+docker\, please restrict requests to \<2\.32\.0\. + + +## v3\.10\.0 + + +### Release Summary + +Feature release\. + + +### Minor Changes + +* docker\_container \- adds healthcheck\.start\_interval to support healthcheck start interval setting on containers \([https\://github\.com/ansible\-collections/community\.docker/pull/848](https\://github\.com/ansible\-collections/community\.docker/pull/848)\)\. +* docker\_container \- adds healthcheck\.test\_cli\_compatible to allow omit test option on containers without remove existing image test \([https\://github\.com/ansible\-collections/community\.docker/pull/847](https\://github\.com/ansible\-collections/community\.docker/pull/847)\)\. +* docker\_image\_build \- add outputs option to allow configuring outputs for the build \([https\://github\.com/ansible\-collections/community\.docker/pull/852](https\://github\.com/ansible\-collections/community\.docker/pull/852)\)\. +* docker\_image\_build \- add secrets option to allow passing secrets to the build \([https\://github\.com/ansible\-collections/community\.docker/pull/852](https\://github\.com/ansible\-collections/community\.docker/pull/852)\)\. +* docker\_image\_build \- allow platform to be a list of platforms instead of only a single platform for multi\-platform builds \([https\://github\.com/ansible\-collections/community\.docker/pull/852](https\://github\.com/ansible\-collections/community\.docker/pull/852)\)\. +* docker\_network \- adds config\_only and config\_from to support creating and using config only networks \([https\://github\.com/ansible\-collections/community\.docker/issues/395](https\://github\.com/ansible\-collections/community\.docker/issues/395)\)\. +* docker\_prune \- add new options builder\_cache\_all\, builder\_cache\_filters\, and builder\_cache\_keep\_storage\, and a new return value builder\_cache\_caches\_deleted for pruning build caches \([https\://github\.com/ansible\-collections/community\.docker/issues/844](https\://github\.com/ansible\-collections/community\.docker/issues/844)\, [https\://github\.com/ansible\-collections/community\.docker/issues/845](https\://github\.com/ansible\-collections/community\.docker/issues/845)\)\. +* docker\_swarm\_service \- adds sysctls to support sysctl settings on swarm services \([https\://github\.com/ansible\-collections/community\.docker/issues/190](https\://github\.com/ansible\-collections/community\.docker/issues/190)\)\. + + +### Deprecated Features + +* docker\_compose \- the Docker Compose v1 module is deprecated and will be removed from community\.docker 4\.0\.0\. Please migrate to the community\.docker\.docker\_compose\_v2 module\, which works with Docker Compose v2 \([https\://github\.com/ansible\-collections/community\.docker/issues/823](https\://github\.com/ansible\-collections/community\.docker/issues/823)\, [https\://github\.com/ansible\-collections/community\.docker/pull/833](https\://github\.com/ansible\-collections/community\.docker/pull/833)\)\. +* various modules and plugins \- the ssl\_version option has been deprecated and will be removed from community\.docker 4\.0\.0\. It has already been removed from Docker SDK for Python 7\.0\.0\, and was only necessary in the past to work around SSL/TLS issues \([https\://github\.com/ansible\-collections/community\.docker/pull/853](https\://github\.com/ansible\-collections/community\.docker/pull/853)\)\. ## v3\.9\.0 - + ### Release Summary Bugfix and feature release\. - + ### Minor Changes * The EE requirements now include PyYAML\, since the docker\_compose\_v2\* modules depend on it when the definition option is used\. This should not have a noticable effect on generated EEs since ansible\-core itself depends on PyYAML as well\, and ansible\-builder explicitly ignores this dependency \([https\://github\.com/ansible\-collections/community\.docker/pull/832](https\://github\.com/ansible\-collections/community\.docker/pull/832)\)\. @@ -244,7 +334,7 @@ Bugfix and feature release\. * docker\_compose\_v2\* modules \- allow to provide an inline definition of the compose content instead of having to provide a project\_src directory with the compose file written into it \([https\://github\.com/ansible\-collections/community\.docker/issues/829](https\://github\.com/ansible\-collections/community\.docker/issues/829)\, [https\://github\.com/ansible\-collections/community\.docker/pull/832](https\://github\.com/ansible\-collections/community\.docker/pull/832)\)\. * vendored Docker SDK for Python \- remove unused code that relies on functionality deprecated in Python 3\.12 \([https\://github\.com/ansible\-collections/community\.docker/pull/834](https\://github\.com/ansible\-collections/community\.docker/pull/834)\)\. - + ### Bugfixes * docker\_compose\_v2\* \- allow project\_src to be a relative path\, by converting it to an absolute path before using it \([https\://github\.com/ansible\-collections/community\.docker/issues/827](https\://github\.com/ansible\-collections/community\.docker/issues/827)\, [https\://github\.com/ansible\-collections/community\.docker/pull/828](https\://github\.com/ansible\-collections/community\.docker/pull/828)\)\. @@ -254,7 +344,7 @@ Bugfix and feature release\. ## v3\.8\.1 - + ### Release Summary Bugfix release @@ -264,7 +354,7 @@ Bugfix release * docker\_containers\, docker\_machine\, and docker\_swarm inventory plugins \- make sure all data received from the Docker daemon / Docker machine is marked as unsafe\, so remote code execution by obtaining texts that can be evaluated as templates is not possible \([https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/](https\://www\.die\-welt\.net/2024/03/remote\-code\-execution\-in\-ansible\-dynamic\-inventory\-plugins/)\, [https\://github\.com/ansible\-collections/community\.docker/pull/815](https\://github\.com/ansible\-collections/community\.docker/pull/815)\)\. - + ### Bugfixes * docker\_compose\_v2 \- do not fail when non\-fatal errors occur\. This can happen when pulling an image fails\, but then the image can be built for another service\. Docker Compose emits an error in that case\, but docker compose up still completes successfully \([https\://github\.com/ansible\-collections/community\.docker/issues/807](https\://github\.com/ansible\-collections/community\.docker/issues/807)\, [https\://github\.com/ansible\-collections/community\.docker/pull/810](https\://github\.com/ansible\-collections/community\.docker/pull/810)\, [https\://github\.com/ansible\-collections/community\.docker/pull/811](https\://github\.com/ansible\-collections/community\.docker/pull/811)\)\. @@ -275,19 +365,19 @@ Bugfix release ## v3\.8\.0 - + ### Release Summary Bugfix and feature release\. - + ### Minor Changes * docker\_compose\_v2 \- allow to wait until containers are running/health when running docker compose up with the new wait option \([https\://github\.com/ansible\-collections/community\.docker/issues/794](https\://github\.com/ansible\-collections/community\.docker/issues/794)\, [https\://github\.com/ansible\-collections/community\.docker/pull/796](https\://github\.com/ansible\-collections/community\.docker/pull/796)\)\. * docker\_container \- the pull\_check\_mode\_behavior option now allows to control the module\'s behavior in check mode when pull\=always \([https\://github\.com/ansible\-collections/community\.docker/issues/792](https\://github\.com/ansible\-collections/community\.docker/issues/792)\, [https\://github\.com/ansible\-collections/community\.docker/pull/797](https\://github\.com/ansible\-collections/community\.docker/pull/797)\)\. * docker\_container \- the pull option now accepts the three values never\, missing\_image \(default\)\, and never\, next to the previously valid values true \(equivalent to always\) and false \(equivalent to missing\_image\)\. This allows the equivalent to \-\-pull\=never from the Docker command line \([https\://github\.com/ansible\-collections/community\.docker/issues/783](https\://github\.com/ansible\-collections/community\.docker/issues/783)\, [https\://github\.com/ansible\-collections/community\.docker/pull/797](https\://github\.com/ansible\-collections/community\.docker/pull/797)\)\. - + ### Bugfixes * docker\_compose\_v2 \- do not consider a Waiting event as an action/change \([https\://github\.com/ansible\-collections/community\.docker/pull/804](https\://github\.com/ansible\-collections/community\.docker/pull/804)\)\. @@ -297,18 +387,18 @@ Bugfix and feature release\. ## v3\.7\.0 - + ### Release Summary Bugfix and feature release\. - + ### Minor Changes * docker\_compose\_v2 \- add scale option to allow to explicitly scale services \([https\://github\.com/ansible\-collections/community\.docker/pull/776](https\://github\.com/ansible\-collections/community\.docker/pull/776)\)\. * docker\_compose\_v2\, docker\_compose\_v2\_pull \- support files parameter to specify multiple Compose files \([https\://github\.com/ansible\-collections/community\.docker/issues/772](https\://github\.com/ansible\-collections/community\.docker/issues/772)\, [https\://github\.com/ansible\-collections/community\.docker/pull/775](https\://github\.com/ansible\-collections/community\.docker/pull/775)\)\. - + ### Bugfixes * docker\_compose\_v2 \- properly parse dry\-run build events from stderr \([https\://github\.com/ansible\-collections/community\.docker/issues/778](https\://github\.com/ansible\-collections/community\.docker/issues/778)\, [https\://github\.com/ansible\-collections/community\.docker/pull/779](https\://github\.com/ansible\-collections/community\.docker/pull/779)\)\. @@ -317,12 +407,12 @@ Bugfix and feature release\. ### New Modules -* docker\_image\_export \- Export \(archive\) Docker images +* community\.docker\.docker\_image\_export \- Export \(archive\) Docker images ## v3\.6\.0 - + ### Release Summary Bugfix and feature release\. @@ -342,7 +432,7 @@ so the main difference is that instead of some Python requirements\, they depend * The community\.docker collection now depends on the community\.library\_inventory\_filtering\_v1 collection\. This utility collection provides host filtering functionality for inventory plugins\. If you use the Ansible community package\, both collections are included and you do not have to do anything special\. If you install the collection with ansible\-galaxy collection install\, it will be installed automatically\. If you install the collection by copying the files of the collection to a place where ansible\-core can find it\, for example by cloning the git repository\, you need to make sure that you also have to install the dependency if you are using the inventory plugins \([https\://github\.com/ansible\-collections/community\.docker/pull/698](https\://github\.com/ansible\-collections/community\.docker/pull/698)\)\. - + ### Minor Changes * The ca\_cert option available to almost all modules and plugins has been renamed to ca\_path\. The name ca\_path is also used for similar options in ansible\-core and other collections\. The old name has been added as an alias and can still be used \([https\://github\.com/ansible\-collections/community\.docker/pull/744](https\://github\.com/ansible\-collections/community\.docker/pull/744)\)\. @@ -352,7 +442,7 @@ so the main difference is that instead of some Python requirements\, they depend * docker\_image \- allow to specify memory size and swap memory size in other units than bytes \([https\://github\.com/ansible\-collections/community\.docker/pull/727](https\://github\.com/ansible\-collections/community\.docker/pull/727)\)\. * inventory plugins \- add filter option which allows to include and exclude hosts based on Jinja2 conditions \([https\://github\.com/ansible\-collections/community\.docker/pull/698](https\://github\.com/ansible\-collections/community\.docker/pull/698)\, [https\://github\.com/ansible\-collections/community\.docker/issues/610](https\://github\.com/ansible\-collections/community\.docker/issues/610)\)\. - + ### Bugfixes * Use unix\:///var/run/docker\.sock instead of the legacy unix\://var/run/docker\.sock as default for docker\_host \([https\://github\.com/ansible\-collections/community\.docker/pull/736](https\://github\.com/ansible\-collections/community\.docker/pull/736)\)\. @@ -361,34 +451,34 @@ so the main difference is that instead of some Python requirements\, they depend ### New Modules -* docker\_compose\_v2 \- Manage multi\-container Docker applications with Docker Compose CLI plugin -* docker\_compose\_v2\_pull \- Pull a Docker compose project -* docker\_image\_build \- Build Docker images using Docker buildx -* docker\_image\_pull \- Pull Docker images from registries -* docker\_image\_push \- Push Docker images to registries -* docker\_image\_remove \- Remove Docker images -* docker\_image\_tag \- Tag Docker images with new names and/or tags +* community\.docker\.docker\_compose\_v2 \- Manage multi\-container Docker applications with Docker Compose CLI plugin +* community\.docker\.docker\_compose\_v2\_pull \- Pull a Docker compose project +* community\.docker\.docker\_image\_build \- Build Docker images using Docker buildx +* community\.docker\.docker\_image\_pull \- Pull Docker images from registries +* community\.docker\.docker\_image\_push \- Push Docker images to registries +* community\.docker\.docker\_image\_remove \- Remove Docker images +* community\.docker\.docker\_image\_tag \- Tag Docker images with new names and/or tags ## v3\.5\.0 - + ### Release Summary Bugfix and feature release\. - + ### Minor Changes * docker\_container \- implement better platform string comparisons to improve idempotency \([https\://github\.com/ansible\-collections/community\.docker/issues/654](https\://github\.com/ansible\-collections/community\.docker/issues/654)\, [https\://github\.com/ansible\-collections/community\.docker/pull/705](https\://github\.com/ansible\-collections/community\.docker/pull/705)\)\. * docker\_container \- internal refactorings which allow comparisons to use more information like details of the current image or the Docker host config \([https\://github\.com/ansible\-collections/community\.docker/pull/713](https\://github\.com/ansible\-collections/community\.docker/pull/713)\)\. - + ### Deprecated Features * docker\_container \- the default ignore for the image\_name\_mismatch parameter has been deprecated and will switch to recreate in community\.docker 4\.0\.0\. A deprecation warning will be printed in situations where the default value is used and where a behavior would change once the default changes \([https\://github\.com/ansible\-collections/community\.docker/pull/703](https\://github\.com/ansible\-collections/community\.docker/pull/703)\)\. - + ### Bugfixes * modules and plugins using the Docker SDK for Python \- remove ssl\_version from the parameters passed to Docker SDK for Python 7\.0\.0\+\. Explicitly fail with a nicer error message if it was explicitly set in this case \([https\://github\.com/ansible\-collections/community\.docker/pull/715](https\://github\.com/ansible\-collections/community\.docker/pull/715)\)\. @@ -398,12 +488,12 @@ Bugfix and feature release\. ## v3\.4\.11 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_volume \- fix crash caused by accessing an empty dictionary\. The has\_different\_config\(\) was raising an AttributeError because the self\.existing\_volume\[\"Labels\"\] dictionary was None \([https\://github\.com/ansible\-collections/community\.docker/pull/702](https\://github\.com/ansible\-collections/community\.docker/pull/702)\)\. @@ -411,12 +501,12 @@ Bugfix release\. ## v3\.4\.10 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_swarm \- make init and join operations work again with Docker SDK for Python before 4\.0\.0 \([https\://github\.com/ansible\-collections/community\.docker/issues/695](https\://github\.com/ansible\-collections/community\.docker/issues/695)\, [https\://github\.com/ansible\-collections/community\.docker/pull/696](https\://github\.com/ansible\-collections/community\.docker/pull/696)\)\. @@ -424,12 +514,12 @@ Bugfix release\. ## v3\.4\.9 - + ### Release Summary Maintenance release with updated documentation and vendored Docker SDK for Python code\. - + ### Bugfixes * vendored Docker SDK for Python code \- cherry\-pick changes from the Docker SDK for Python code to align code\. These changes should not affect the parts used by the collection\'s code \([https\://github\.com/ansible\-collections/community\.docker/pull/694](https\://github\.com/ansible\-collections/community\.docker/pull/694)\)\. @@ -437,7 +527,7 @@ Maintenance release with updated documentation and vendored Docker SDK for Pytho ## v3\.4\.8 - + ### Release Summary Maintenance release with updated documentation\. @@ -450,7 +540,7 @@ ansible\-core 2\.15 or later to see it as it is intended\. Alternatively you can look at [the devel docsite](https\://docs\.ansible\.com/ansible/devel/collections/community/docker/) for the rendered HTML version of the documentation of the latest release\. - + ### Known Issues * Ansible markup will show up in raw form on ansible\-doc text output for ansible\-core before 2\.15\. If you have trouble deciphering the documentation markup\, please upgrade to ansible\-core 2\.15 \(or newer\)\, or read the HTML documentation on [https\://docs\.ansible\.com/ansible/devel/collections/community/docker/](https\://docs\.ansible\.com/ansible/devel/collections/community/docker/)\. @@ -458,12 +548,12 @@ for the rendered HTML version of the documentation of the latest release\. ## v3\.4\.7 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_swarm\_info \- if service\=true is used\, do not crash when a service without an endpoint spec is encountered \([https\://github\.com/ansible\-collections/community\.docker/issues/636](https\://github\.com/ansible\-collections/community\.docker/issues/636)\, [https\://github\.com/ansible\-collections/community\.docker/pull/637](https\://github\.com/ansible\-collections/community\.docker/pull/637)\)\. @@ -471,12 +561,12 @@ Bugfix release\. ## v3\.4\.6 - + ### Release Summary Bugfix release with documentation warnings about using certain functionality when connecting to the Docker daemon with TCP TLS\. - + ### Bugfixes * socket\_handler module utils \- make sure this fully works when Docker SDK for Python is not available \([https\://github\.com/ansible\-collections/community\.docker/pull/620](https\://github\.com/ansible\-collections/community\.docker/pull/620)\)\. @@ -484,7 +574,7 @@ Bugfix release with documentation warnings about using certain functionality whe * vendored Docker SDK for Python code \- respect timeouts on Windows named pipes \([https\://github\.com/ansible\-collections/community\.docker/pull/619](https\://github\.com/ansible\-collections/community\.docker/pull/619)\)\. * vendored Docker SDK for Python code \- use poll\(\) instead of select\(\) except on Windows \([https\://github\.com/ansible\-collections/community\.docker/pull/619](https\://github\.com/ansible\-collections/community\.docker/pull/619)\)\. - + ### Known Issues * docker\_api connection plugin \- does not work with TCP TLS sockets\! This is caused by the inability to send an close\_notify TLS alert without closing the connection with Python\'s SSLSocket \([https\://github\.com/ansible\-collections/community\.docker/issues/605](https\://github\.com/ansible\-collections/community\.docker/issues/605)\, [https\://github\.com/ansible\-collections/community\.docker/pull/621](https\://github\.com/ansible\-collections/community\.docker/pull/621)\)\. @@ -493,12 +583,12 @@ Bugfix release with documentation warnings about using certain functionality whe ## v3\.4\.5 - + ### Release Summary Maintenance release which adds compatibility with requests 2\.29\.0 and 2\.30\.0 and urllib3 2\.0\. - + ### Bugfixes * Make vendored Docker SDK for Python code compatible with requests 2\.29\.0 and urllib3 2\.0 \([https\://github\.com/ansible\-collections/community\.docker/pull/613](https\://github\.com/ansible\-collections/community\.docker/pull/613)\)\. @@ -506,17 +596,17 @@ Maintenance release which adds compatibility with requests 2\.29\.0 and 2\.30\.0 ## v3\.4\.4 - + ### Release Summary Maintenance release with updated EE requirements and updated documentation\. - + ### Minor Changes * Restrict requests to versions before 2\.29\.0\, and urllib3 to versions before 2\.0\.0\. This is necessary until the vendored code from Docker SDK for Python has been fully adjusted to work with a feature of urllib3 that is used since requests 2\.29\.0 \([https\://github\.com/ansible\-collections/community\.docker/issues/611](https\://github\.com/ansible\-collections/community\.docker/issues/611)\, [https\://github\.com/ansible\-collections/community\.docker/pull/612](https\://github\.com/ansible\-collections/community\.docker/pull/612)\)\. - + ### Known Issues * The modules and plugins using the vendored code from Docker SDK for Python currently do not work with requests 2\.29\.0 and/or urllib3 2\.0\.0\. The same is currently true for the latest version of Docker SDK for Python itself \([https\://github\.com/ansible\-collections/community\.docker/issues/611](https\://github\.com/ansible\-collections/community\.docker/issues/611)\, [https\://github\.com/ansible\-collections/community\.docker/pull/612](https\://github\.com/ansible\-collections/community\.docker/pull/612)\)\. @@ -524,7 +614,7 @@ Maintenance release with updated EE requirements and updated documentation\. ## v3\.4\.3 - + ### Release Summary Maintenance release with improved documentation\. @@ -532,12 +622,12 @@ Maintenance release with improved documentation\. ## v3\.4\.2 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_prune \- return correct value for changed\. So far the module always claimed that nothing changed \([https\://github\.com/ansible\-collections/community\.docker/pull/593](https\://github\.com/ansible\-collections/community\.docker/pull/593)\)\. @@ -545,12 +635,12 @@ Bugfix release\. ## v3\.4\.1 - + ### Release Summary Regular bugfix release\. - + ### Bugfixes * docker\_api connection plugin\, docker\_container\_exec\, docker\_container\_copy\_into \- properly close socket to Daemon after executing commands in containers \([https\://github\.com/ansible\-collections/community\.docker/pull/582](https\://github\.com/ansible\-collections/community\.docker/pull/582)\)\. @@ -560,18 +650,18 @@ Regular bugfix release\. ## v3\.4\.0 - + ### Release Summary Regular bugfix and feature release\. - + ### Minor Changes * docker\_api connection plugin \- when copying files to/from a container\, stream the file contents instead of first reading them to memory \([https\://github\.com/ansible\-collections/community\.docker/pull/545](https\://github\.com/ansible\-collections/community\.docker/pull/545)\)\. * docker\_host\_info \- allow to list all containers with new option containers\_all \([https\://github\.com/ansible\-collections/community\.docker/issues/535](https\://github\.com/ansible\-collections/community\.docker/issues/535)\, [https\://github\.com/ansible\-collections/community\.docker/pull/538](https\://github\.com/ansible\-collections/community\.docker/pull/538)\)\. - + ### Bugfixes * docker\_api connection plugin \- fix error handling when 409 Conflict is returned by the Docker daemon in case of a stopped container \([https\://github\.com/ansible\-collections/community\.docker/pull/546](https\://github\.com/ansible\-collections/community\.docker/pull/546)\)\. @@ -582,17 +672,17 @@ Regular bugfix and feature release\. ### New Modules -* docker\_container\_copy\_into \- Copy a file into a Docker container +* community\.docker\.docker\_container\_copy\_into \- Copy a file into a Docker container ## v3\.3\.2 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_container \- when detach\=false\, wait indefinitely and not at most one minute\. This was the behavior with Docker SDK for Python\, and was accidentally changed in 3\.0\.0 \([https\://github\.com/ansible\-collections/community\.docker/issues/526](https\://github\.com/ansible\-collections/community\.docker/issues/526)\, [https\://github\.com/ansible\-collections/community\.docker/pull/527](https\://github\.com/ansible\-collections/community\.docker/pull/527)\)\. @@ -600,12 +690,12 @@ Bugfix release\. ## v3\.3\.1 - + ### Release Summary Bugfix release\. - + ### Bugfixes * current\_container\_facts \- make container detection work better in more cases \([https\://github\.com/ansible\-collections/community\.docker/pull/522](https\://github\.com/ansible\-collections/community\.docker/pull/522)\)\. @@ -613,18 +703,18 @@ Bugfix release\. ## v3\.3\.0 - + ### Release Summary Feature and bugfix release\. - + ### Minor Changes * current\_container\_facts \- make work with current Docker version\, also support Podman \([https\://github\.com/ansible\-collections/community\.docker/pull/510](https\://github\.com/ansible\-collections/community\.docker/pull/510)\)\. * docker\_image \- when using archive\_path\, detect whether changes are necessary based on the image ID \(hash\)\. If the existing tar archive matches the source\, do nothing\. Previously\, each task execution re\-created the archive \([https\://github\.com/ansible\-collections/community\.docker/pull/500](https\://github\.com/ansible\-collections/community\.docker/pull/500)\)\. - + ### Bugfixes * docker\_container\_exec \- fix chdir option which was ignored since community\.docker 3\.0\.0 \([https\://github\.com/ansible\-collections/community\.docker/issues/517](https\://github\.com/ansible\-collections/community\.docker/issues/517)\, [https\://github\.com/ansible\-collections/community\.docker/pull/518](https\://github\.com/ansible\-collections/community\.docker/pull/518)\)\. @@ -633,12 +723,12 @@ Feature and bugfix release\. ## v3\.2\.2 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_container \- the kill\_signal option erroneously did not accept strings anymore since 3\.0\.0 \([https\://github\.com/ansible\-collections/community\.docker/issues/505](https\://github\.com/ansible\-collections/community\.docker/issues/505)\, [https\://github\.com/ansible\-collections/community\.docker/pull/506](https\://github\.com/ansible\-collections/community\.docker/pull/506)\)\. @@ -646,7 +736,7 @@ Bugfix release\. ## v3\.2\.1 - + ### Release Summary Maintenance release with improved documentation\. @@ -654,17 +744,17 @@ Maintenance release with improved documentation\. ## v3\.2\.0 - + ### Release Summary Feature and deprecation release\. - + ### Minor Changes * docker\_container \- added image\_name\_mismatch option which allows to control the behavior if the container uses the image specified\, but the container\'s configuration uses a different name for the image than the one provided to the module \([https\://github\.com/ansible\-collections/community\.docker/issues/485](https\://github\.com/ansible\-collections/community\.docker/issues/485)\, [https\://github\.com/ansible\-collections/community\.docker/pull/488](https\://github\.com/ansible\-collections/community\.docker/pull/488)\)\. - + ### Deprecated Features * docker\_container \- the ignore\_image option is deprecated and will be removed in community\.docker 4\.0\.0\. Use image\: ignore in comparisons instead \([https\://github\.com/ansible\-collections/community\.docker/pull/487](https\://github\.com/ansible\-collections/community\.docker/pull/487)\)\. @@ -673,12 +763,12 @@ Feature and deprecation release\. ## v3\.1\.0 - + ### Release Summary Feature release\. - + ### Minor Changes * The collection repository conforms to the [REUSE specification](https\://reuse\.software/spec/) except for the changelog fragments \([https\://github\.com/ansible\-collections/community\.docker/pull/462](https\://github\.com/ansible\-collections/community\.docker/pull/462)\)\. @@ -687,12 +777,12 @@ Feature release\. ## v3\.0\.2 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_image \- fix build argument handling \([https\://github\.com/ansible\-collections/community\.docker/issues/455](https\://github\.com/ansible\-collections/community\.docker/issues/455)\, [https\://github\.com/ansible\-collections/community\.docker/pull/456](https\://github\.com/ansible\-collections/community\.docker/pull/456)\)\. @@ -700,12 +790,12 @@ Bugfix release\. ## v3\.0\.1 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_container \- fix handling of env\_file \([https\://github\.com/ansible\-collections/community\.docker/issues/451](https\://github\.com/ansible\-collections/community\.docker/issues/451)\, [https\://github\.com/ansible\-collections/community\.docker/pull/452](https\://github\.com/ansible\-collections/community\.docker/pull/452)\)\. @@ -713,7 +803,7 @@ Bugfix release\. ## v3\.0\.0 - + ### Release Summary The 3\.0\.0 release features a rewrite of the docker\_container module\, and many modules and plugins no longer depend on the Docker SDK for Python\. @@ -740,7 +830,7 @@ The 3\.0\.0 release features a rewrite of the docker\_container mod * docker\_volume \- no longer uses the Docker SDK for Python\. It requires requests to be installed\, and depending on the features used has some more requirements\. If the Docker SDK for Python is installed\, these requirements are likely met \([https\://github\.com/ansible\-collections/community\.docker/pull/411](https\://github\.com/ansible\-collections/community\.docker/pull/411)\)\. * docker\_volume\_info \- no longer uses the Docker SDK for Python\. It requires requests to be installed\, and depending on the features used has some more requirements\. If the Docker SDK for Python is installed\, these requirements are likely met \([https\://github\.com/ansible\-collections/community\.docker/pull/412](https\://github\.com/ansible\-collections/community\.docker/pull/412)\)\. - + ### Minor Changes * All software licenses are now in the LICENSES/ directory of the collection root\. Moreover\, SPDX\-License\-Identifier\: is used to declare the applicable license for every file that is not automatically generated \([https\://github\.com/ansible\-collections/community\.docker/pull/430](https\://github\.com/ansible\-collections/community\.docker/pull/430)\)\. @@ -780,7 +870,7 @@ The 3\.0\.0 release features a rewrite of the docker\_container mod * modules and plugins communicating directly with the Docker daemon \- when connecting by SSH and not using use\_ssh\_client\=true\, reject unknown host keys instead of accepting them\. This is only a change relative to older community\.docker 3\.0\.0 pre\-releases or with respect to Docker SDK for Python \< 6\.0\.0\. Docker SDK for Python 6\.0\.0 will also include this change \([https\://github\.com/ansible\-collections/community\.docker/pull/434](https\://github\.com/ansible\-collections/community\.docker/pull/434)\)\. - + ### Bugfixes * docker\_image \- when composing the build context\, trim trailing whitespace from \.dockerignore entries\. This is only a change relative to older community\.docker 3\.0\.0 pre\-releases or with respect to Docker SDK for Python \< 6\.0\.0\. Docker SDK for Python 6\.0\.0 will also include this change \([https\://github\.com/ansible\-collections/community\.docker/pull/434](https\://github\.com/ansible\-collections/community\.docker/pull/434)\)\. @@ -794,23 +884,23 @@ The 3\.0\.0 release features a rewrite of the docker\_container mod ## v2\.7\.0 - + ### Release Summary Bugfix and deprecation release\. The next 2\.x\.y releases will only be bugfix releases\, the next expect minor/major release will be 3\.0\.0 with some major changes\. - + ### Minor Changes * Move common utility functions from the common module\_util to a new module\_util called util\. This should not have any user\-visible effect \([https\://github\.com/ansible\-collections/community\.docker/pull/390](https\://github\.com/ansible\-collections/community\.docker/pull/390)\)\. - + ### Deprecated Features * Support for Docker API version 1\.20 to 1\.24 has been deprecated and will be removed in community\.docker 3\.0\.0\. The first Docker version supporting API version 1\.25 was Docker 1\.13\, released in January 2017\. This affects the modules docker\_container\, docker\_container\_exec\, docker\_container\_info\, docker\_compose\, docker\_login\, docker\_image\, docker\_image\_info\, docker\_image\_load\, docker\_host\_info\, docker\_network\, docker\_network\_info\, docker\_node\_info\, docker\_swarm\_info\, docker\_swarm\_service\, docker\_swarm\_service\_info\, docker\_volume\_info\, and docker\_volume\, whose minimally supported API version is between 1\.20 and 1\.24 \([https\://github\.com/ansible\-collections/community\.docker/pull/396](https\://github\.com/ansible\-collections/community\.docker/pull/396)\)\. * Support for Python 2\.6 is deprecated and will be removed in the next major release \(community\.docker 3\.0\.0\)\. Some modules might still work with Python 2\.6\, but we will no longer try to ensure compatibility \([https\://github\.com/ansible\-collections/community\.docker/pull/388](https\://github\.com/ansible\-collections/community\.docker/pull/388)\)\. - + ### Bugfixes * Docker SDK for Python based modules and plugins \- if the API version is specified as an option\, use that one to validate API version requirements of module/plugin options instead of the latest API version supported by the Docker daemon\. This also avoids one unnecessary API call per module/plugin \([https\://github\.com/ansible\-collections/community\.docker/pull/389](https\://github\.com/ansible\-collections/community\.docker/pull/389)\)\. @@ -818,17 +908,17 @@ Bugfix and deprecation release\. The next 2\.x\.y releases will only be bugfix r ## v2\.6\.0 - + ### Release Summary Bugfix and feature release\. - + ### Minor Changes * docker\_container \- added image\_label\_mismatch parameter \([https\://github\.com/ansible\-collections/community\.docker/issues/314](https\://github\.com/ansible\-collections/community\.docker/issues/314)\, [https\://github\.com/ansible\-collections/community\.docker/pull/370](https\://github\.com/ansible\-collections/community\.docker/pull/370)\)\. - + ### Deprecated Features * Support for Ansible 2\.9 and ansible\-base 2\.10 is deprecated\, and will be removed in the next major release \(community\.docker 3\.0\.0\)\. Some modules might still work with these versions afterwards\, but we will no longer keep compatibility code that was needed to support them \([https\://github\.com/ansible\-collections/community\.docker/pull/361](https\://github\.com/ansible\-collections/community\.docker/pull/361)\)\. @@ -836,7 +926,7 @@ Bugfix and feature release\. * Various modules \- the default of tls\_hostname that was supposed to be removed in community\.docker 2\.0\.0 will now be removed in version 3\.0\.0 \([https\://github\.com/ansible\-collections/community\.docker/pull/362](https\://github\.com/ansible\-collections/community\.docker/pull/362)\)\. * docker\_stack \- the return values out and err that were supposed to be removed in community\.docker 2\.0\.0 will now be removed in version 3\.0\.0 \([https\://github\.com/ansible\-collections/community\.docker/pull/362](https\://github\.com/ansible\-collections/community\.docker/pull/362)\)\. - + ### Bugfixes * docker\_container \- fail with a meaningful message instead of crashing if a port is specified with more than three colon\-separated parts \([https\://github\.com/ansible\-collections/community\.docker/pull/367](https\://github\.com/ansible\-collections/community\.docker/pull/367)\, [https\://github\.com/ansible\-collections/community\.docker/issues/365](https\://github\.com/ansible\-collections/community\.docker/issues/365)\)\. @@ -845,12 +935,12 @@ Bugfix and feature release\. ## v2\.5\.1 - + ### Release Summary Maintenance release\. - + ### Bugfixes * Include PSF\-license\.txt file for plugins/module\_utils/\_version\.py\. @@ -858,12 +948,12 @@ Maintenance release\. ## v2\.5\.0 - + ### Release Summary Regular feature release\. - + ### Minor Changes * docker\_config \- add support for template\_driver with one option golang \([https\://github\.com/ansible\-collections/community\.docker/issues/332](https\://github\.com/ansible\-collections/community\.docker/issues/332)\, [https\://github\.com/ansible\-collections/community\.docker/pull/345](https\://github\.com/ansible\-collections/community\.docker/pull/345)\)\. @@ -872,19 +962,19 @@ Regular feature release\. ## v2\.4\.0 - + ### Release Summary Regular feature and bugfix release\. - + ### Minor Changes * Prepare collection for inclusion in an Execution Environment by declaring its dependencies\. The docker\_stack\* modules are not supported \([https\://github\.com/ansible\-collections/community\.docker/pull/336](https\://github\.com/ansible\-collections/community\.docker/pull/336)\)\. * current\_container\_facts \- add detection for GitHub Actions \([https\://github\.com/ansible\-collections/community\.docker/pull/336](https\://github\.com/ansible\-collections/community\.docker/pull/336)\)\. * docker\_container \- support returning Docker container log output when using Docker\'s local logging driver\, an optimized local logging driver introduced in Docker 18\.09 \([https\://github\.com/ansible\-collections/community\.docker/pull/337](https\://github\.com/ansible\-collections/community\.docker/pull/337)\)\. - + ### Bugfixes * docker connection plugin \- make sure that docker\_extra\_args is used for querying the Docker version\. Also ensures that the Docker version is only queried when needed\. This is currently the case if a remote user is specified \([https\://github\.com/ansible\-collections/community\.docker/issues/325](https\://github\.com/ansible\-collections/community\.docker/issues/325)\, [https\://github\.com/ansible\-collections/community\.docker/pull/327](https\://github\.com/ansible\-collections/community\.docker/pull/327)\)\. @@ -892,12 +982,12 @@ Regular feature and bugfix release\. ## v2\.3\.0 - + ### Release Summary Regular feature and bugfix release\. - + ### Minor Changes * docker connection plugin \- implement connection reset by clearing internal container user cache \([https\://github\.com/ansible\-collections/community\.docker/pull/312](https\://github\.com/ansible\-collections/community\.docker/pull/312)\)\. @@ -906,7 +996,7 @@ Regular feature and bugfix release\. * docker\_api connection plugin \- implement connection reset by clearing internal container user/group ID cache \([https\://github\.com/ansible\-collections/community\.docker/pull/312](https\://github\.com/ansible\-collections/community\.docker/pull/312)\)\. * docker\_api connection plugin \- the plugin supports new ways to define the timeout\. These are the ANSIBLE\_DOCKER\_TIMEOUT environment variable\, the timeout setting in the docker\_connection section of ansible\.cfg\, and the ansible\_docker\_timeout variable \([https\://github\.com/ansible\-collections/community\.docker/pull/308](https\://github\.com/ansible\-collections/community\.docker/pull/308)\)\. - + ### Bugfixes * docker connection plugin \- fix option handling to be compatible with ansible\-core 2\.13 \([https\://github\.com/ansible\-collections/community\.docker/pull/297](https\://github\.com/ansible\-collections/community\.docker/pull/297)\, [https\://github\.com/ansible\-collections/community\.docker/issues/307](https\://github\.com/ansible\-collections/community\.docker/issues/307)\)\. @@ -915,12 +1005,12 @@ Regular feature and bugfix release\. ## v2\.2\.1 - + ### Release Summary Regular bugfix release\. - + ### Bugfixes * docker\_compose \- fix Python 3 type error when extracting warnings or errors from docker\-compose\'s output \([https\://github\.com/ansible\-collections/community\.docker/pull/305](https\://github\.com/ansible\-collections/community\.docker/pull/305)\)\. @@ -928,19 +1018,19 @@ Regular bugfix release\. ## v2\.2\.0 - + ### Release Summary Regular feature and bugfix release\. - + ### Minor Changes * docker\_config \- add support for rolling update\, set rolling\_versions to true to enable \([https\://github\.com/ansible\-collections/community\.docker/pull/295](https\://github\.com/ansible\-collections/community\.docker/pull/295)\, [https\://github\.com/ansible\-collections/community\.docker/issues/109](https\://github\.com/ansible\-collections/community\.docker/issues/109)\)\. * docker\_secret \- add support for rolling update\, set rolling\_versions to true to enable \([https\://github\.com/ansible\-collections/community\.docker/pull/293](https\://github\.com/ansible\-collections/community\.docker/pull/293)\, [https\://github\.com/ansible\-collections/community\.docker/issues/21](https\://github\.com/ansible\-collections/community\.docker/issues/21)\)\. * docker\_swarm\_service \- add support for setting capabilities with the cap\_add and cap\_drop parameters\. Usage is the same as with the capabilities and cap\_drop parameters for docker\_container \([https\://github\.com/ansible\-collections/community\.docker/pull/294](https\://github\.com/ansible\-collections/community\.docker/pull/294)\)\. - + ### Bugfixes * docker\_container\, docker\_image \- adjust image finding code to peculiarities of podman\-docker\'s API emulation when Docker short names like redis are used \([https\://github\.com/ansible\-collections/community\.docker/issues/292](https\://github\.com/ansible\-collections/community\.docker/issues/292)\)\. @@ -948,12 +1038,12 @@ Regular feature and bugfix release\. ## v2\.1\.1 - + ### Release Summary Emergency release to amend breaking change in previous release\. - + ### Bugfixes * Fix unintended breaking change caused by [an earlier fix](https\://github\.com/ansible\-collections/community\.docker/pull/258) by vendoring the deprecated Python standard library distutils\.version until this collection stops supporting Ansible 2\.9 and ansible\-base 2\.10 \([https\://github\.com/ansible\-collections/community\.docker/issues/267](https\://github\.com/ansible\-collections/community\.docker/issues/267)\, [https\://github\.com/ansible\-collections/community\.docker/pull/269](https\://github\.com/ansible\-collections/community\.docker/pull/269)\)\. @@ -961,18 +1051,18 @@ Emergency release to amend breaking change in previous release\. ## v2\.1\.0 - + ### Release Summary Feature and bugfix release\. - + ### Minor Changes * docker\_container\_exec \- add detach parameter \([https\://github\.com/ansible\-collections/community\.docker/issues/250](https\://github\.com/ansible\-collections/community\.docker/issues/250)\, [https\://github\.com/ansible\-collections/community\.docker/pull/255](https\://github\.com/ansible\-collections/community\.docker/pull/255)\)\. * docker\_container\_exec \- add env option \([https\://github\.com/ansible\-collections/community\.docker/issues/248](https\://github\.com/ansible\-collections/community\.docker/issues/248)\, [https\://github\.com/ansible\-collections/community\.docker/pull/254](https\://github\.com/ansible\-collections/community\.docker/pull/254)\)\. - + ### Bugfixes * Various modules and plugins \- use vendored version of distutils\.version included in ansible\-core 2\.12 if available\. This avoids breakage when distutils is removed from the standard library of Python 3\.12\. Note that ansible\-core 2\.11\, ansible\-base 2\.10 and Ansible 2\.9 are right now not compatible with Python 3\.12\, hence this fix does not target these ansible\-core/\-base/2\.9 versions \([https\://github\.com/ansible\-collections/community\.docker/pull/258](https\://github\.com/ansible\-collections/community\.docker/pull/258)\)\. @@ -982,12 +1072,12 @@ Feature and bugfix release\. ## v2\.0\.2 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker\_api connection plugin \- avoid passing an unnecessary argument to a Docker SDK for Python call that is only supported by version 3\.0\.0 or later \([https\://github\.com/ansible\-collections/community\.docker/pull/243](https\://github\.com/ansible\-collections/community\.docker/pull/243)\)\. @@ -998,7 +1088,7 @@ Bugfix release\. ## v2\.0\.1 - + ### Release Summary Maintenance release with some documentation fixes\. @@ -1006,7 +1096,7 @@ Maintenance release with some documentation fixes\. ## v2\.0\.0 - + ### Release Summary New major release with some deprecations removed and a breaking change in the docker\_compose module regarding the timeout parameter\. @@ -1016,7 +1106,7 @@ New major release with some deprecations removed and a breaking change in the timeout defaulting behavior so that stop\_grace\_period\, if defined in the compose file\, will be used if timeout is not specified \([https\://github\.com/ansible\-collections/community\.docker/pull/163](https\://github\.com/ansible\-collections/community\.docker/pull/163)\)\. - + ### Deprecated Features * docker\_container \- using the special value all in published\_ports has been deprecated\. Use publish\_all\_ports\=true instead \([https\://github\.com/ansible\-collections/community\.docker/pull/210](https\://github\.com/ansible\-collections/community\.docker/pull/210)\)\. @@ -1032,12 +1122,12 @@ New major release with some deprecations removed and a breaking change in the ## v1\.10\.0 - + ### Release Summary Regular feature and bugfix release\. - + ### Minor Changes * Add the modules docker\_container\_exec\, docker\_image\_load and docker\_plugin to the docker module defaults group \([https\://github\.com/ansible\-collections/community\.docker/pull/209](https\://github\.com/ansible\-collections/community\.docker/pull/209)\)\. @@ -1047,12 +1137,12 @@ Regular feature and bugfix release\. ## v1\.9\.1 - + ### Release Summary Regular bugfix release\. - + ### Bugfixes * docker\_compose \- fixed incorrect changed status for services with profiles defined\, but none enabled \([https\://github\.com/ansible\-collections/community\.docker/pull/192](https\://github\.com/ansible\-collections/community\.docker/pull/192)\)\. @@ -1060,12 +1150,12 @@ Regular bugfix release\. ## v1\.9\.0 - + ### Release Summary New bugfixes and features release\. - + ### Minor Changes * docker\_\* modules \- include ImportError traceback when reporting that Docker SDK for Python could not be found \([https\://github\.com/ansible\-collections/community\.docker/pull/188](https\://github\.com/ansible\-collections/community\.docker/pull/188)\)\. @@ -1074,12 +1164,12 @@ New bugfixes and features release\. * docker\_container \- added new command\_handling option with current deprecated default value compatibility which allows to control how the module handles shell quoting when interpreting lists\, and how the module handles empty lists/strings\. The default will switch to correct in community\.docker 3\.0\.0 \([https\://github\.com/ansible\-collections/community\.docker/pull/186](https\://github\.com/ansible\-collections/community\.docker/pull/186)\)\. * docker\_container \- lifted restriction preventing the creation of anonymous volumes with the mounts option \([https\://github\.com/ansible\-collections/community\.docker/pull/181](https\://github\.com/ansible\-collections/community\.docker/pull/181)\)\. - + ### Deprecated Features * docker\_container \- the new command\_handling\'s default value\, compatibility\, is deprecated and will change to correct in community\.docker 3\.0\.0\. A deprecation warning is emitted by the module in cases where the behavior will change\. Please note that ansible\-core will output a deprecation warning only once\, so if it is shown for an earlier task\, there could be more tasks with this warning where it is not shown \([https\://github\.com/ansible\-collections/community\.docker/pull/186](https\://github\.com/ansible\-collections/community\.docker/pull/186)\)\. - + ### Bugfixes * docker\_compose \- fixes task failures when bringing up services while using docker\-compose \<1\.17\.0 \([https\://github\.com/ansible\-collections/community\.docker/issues/180](https\://github\.com/ansible\-collections/community\.docker/issues/180)\)\. @@ -1093,17 +1183,17 @@ New bugfixes and features release\. #### Connection -* nsenter \- execute on host running controller container +* community\.docker\.nsenter \- execute on host running controller container ## v1\.8\.0 - + ### Release Summary Regular bugfix and feature release\. - + ### Minor Changes * Avoid internal ansible\-core module\_utils in favor of equivalent public API available since at least Ansible 2\.9 \([https\://github\.com/ansible\-collections/community\.docker/pull/164](https\://github\.com/ansible\-collections/community\.docker/pull/164)\)\. @@ -1112,7 +1202,7 @@ Regular bugfix and feature release\. * docker\_host\_info \- allow values for keys in containers\_filters\, images\_filters\, networks\_filters\, and volumes\_filters to be passed as YAML lists \([https\://github\.com/ansible\-collections/community\.docker/pull/160](https\://github\.com/ansible\-collections/community\.docker/pull/160)\)\. * docker\_plugin \- added alias option to specify local names for docker plugins \([https\://github\.com/ansible\-collections/community\.docker/pull/161](https\://github\.com/ansible\-collections/community\.docker/pull/161)\)\. - + ### Bugfixes * docker\_compose \- fix idempotence bug when using stopped\: true \([https\://github\.com/ansible\-collections/community\.docker/issues/142](https\://github\.com/ansible\-collections/community\.docker/issues/142)\, [https\://github\.com/ansible\-collections/community\.docker/pull/159](https\://github\.com/ansible\-collections/community\.docker/pull/159)\)\. @@ -1120,12 +1210,12 @@ Regular bugfix and feature release\. ## v1\.7\.0 - + ### Release Summary Small feature and bugfix release\. - + ### Minor Changes * docker\_image \- allow to tag images by ID \([https\://github\.com/ansible\-collections/community\.docker/pull/149](https\://github\.com/ansible\-collections/community\.docker/pull/149)\)\. @@ -1133,12 +1223,12 @@ Small feature and bugfix release\. ## v1\.6\.1 - + ### Release Summary Bugfix release to reduce deprecation warning spam\. - + ### Bugfixes * docker\_\* modules and plugins\, except docker\_swarm connection plugin and docker\_compose and docker\_stack\*\` modules \- only emit \`\`tls\_hostname deprecation message if TLS is actually used \([https\://github\.com/ansible\-collections/community\.docker/pull/143](https\://github\.com/ansible\-collections/community\.docker/pull/143)\)\. @@ -1146,23 +1236,23 @@ Bugfix release to reduce deprecation warning spam\. ## v1\.6\.0 - + ### Release Summary Regular bugfix and feature release\. - + ### Minor Changes * common module utils \- correct error messages for guiding to install proper Docker SDK for Python module \([https\://github\.com/ansible\-collections/community\.docker/pull/125](https\://github\.com/ansible\-collections/community\.docker/pull/125)\)\. * docker\_container \- allow memory\_swap\: \-1 to set memory swap limit to unlimited\. This is useful when the user cannot set memory swap limits due to cgroup limitations or other reasons\, as by default Docker will try to set swap usage to two times the value of memory \([https\://github\.com/ansible\-collections/community\.docker/pull/138](https\://github\.com/ansible\-collections/community\.docker/pull/138)\)\. - + ### Deprecated Features * docker\_\* modules and plugins\, except docker\_swarm connection plugin and docker\_compose and docker\_stack\*\` modules \- the current default \`\`localhost for tls\_hostname is deprecated\. In community\.docker 2\.0\.0 it will be computed from docker\_host instead \([https\://github\.com/ansible\-collections/community\.docker/pull/134](https\://github\.com/ansible\-collections/community\.docker/pull/134)\)\. - + ### Bugfixes * docker\-compose \- fix not pulling when state\: present and stopped\: true \([https\://github\.com/ansible\-collections/community\.docker/issues/12](https\://github\.com/ansible\-collections/community\.docker/issues/12)\, [https\://github\.com/ansible\-collections/community\.docker/pull/119](https\://github\.com/ansible\-collections/community\.docker/pull/119)\)\. @@ -1172,17 +1262,17 @@ Regular bugfix and feature release\. ## v1\.5\.0 - + ### Release Summary Regular feature release\. - + ### Minor Changes * Add the use\_ssh\_client option to most docker modules and plugins \([https\://github\.com/ansible\-collections/community\.docker/issues/108](https\://github\.com/ansible\-collections/community\.docker/issues/108)\, [https\://github\.com/ansible\-collections/community\.docker/pull/114](https\://github\.com/ansible\-collections/community\.docker/pull/114)\)\. - + ### Bugfixes * all modules \- use to\_native to convert exceptions to strings \([https\://github\.com/ansible\-collections/community\.docker/pull/121](https\://github\.com/ansible\-collections/community\.docker/pull/121)\)\. @@ -1190,17 +1280,17 @@ Regular feature release\. ### New Modules -* docker\_container\_exec \- Execute command in a docker container +* community\.docker\.docker\_container\_exec \- Execute command in a docker container ## v1\.4\.0 - + ### Release Summary Security release to address another potential secret leak\. Also includes regular bugfixes and features\. - + ### Minor Changes * docker\_swarm\_service \- change publish\.published\_port option from mandatory to optional\. Docker will assign random high port if not specified \([https\://github\.com/ansible\-collections/community\.docker/issues/99](https\://github\.com/ansible\-collections/community\.docker/issues/99)\)\. @@ -1215,7 +1305,7 @@ Security release to address another potential secret leak\. Also includes regula * docker\_swarm \- the join\_token option is now marked as no\_log so it is no longer written into logs \([https\://github\.com/ansible\-collections/community\.docker/pull/103](https\://github\.com/ansible\-collections/community\.docker/pull/103)\)\. - + ### Bugfixes * docker\_swarm\_service \- fix KeyError on caused by reference to deprecated option update\_failure\_action \([https\://github\.com/ansible\-collections/community\.docker/pull/100](https\://github\.com/ansible\-collections/community\.docker/pull/100)\)\. @@ -1224,12 +1314,12 @@ Security release to address another potential secret leak\. Also includes regula ## v1\.3\.0 - + ### Release Summary Regular feature and bugfix release\. - + ### Minor Changes * docker\_container \- add storage\_opts option to specify storage options \([https\://github\.com/ansible\-collections/community\.docker/issues/91](https\://github\.com/ansible\-collections/community\.docker/issues/91)\, [https\://github\.com/ansible\-collections/community\.docker/pull/93](https\://github\.com/ansible\-collections/community\.docker/pull/93)\)\. @@ -1237,7 +1327,7 @@ Regular feature and bugfix release\. * docker\_image \- properly support image IDs \(hashes\) for loading and tagging images \([https\://github\.com/ansible\-collections/community\.docker/issues/86](https\://github\.com/ansible\-collections/community\.docker/issues/86)\, [https\://github\.com/ansible\-collections/community\.docker/pull/87](https\://github\.com/ansible\-collections/community\.docker/pull/87)\)\. * docker\_swarm\_service \- adding support for maximum number of tasks per node \(replicas\_max\_per\_node\) when running swarm service in replicated mode\. Introduced in API 1\.40 \([https\://github\.com/ansible\-collections/community\.docker/issues/7](https\://github\.com/ansible\-collections/community\.docker/issues/7)\, [https\://github\.com/ansible\-collections/community\.docker/pull/92](https\://github\.com/ansible\-collections/community\.docker/pull/92)\)\. - + ### Bugfixes * docker\_container \- fix healthcheck disabling idempotency issue with strict comparison \([https\://github\.com/ansible\-collections/community\.docker/issues/85](https\://github\.com/ansible\-collections/community\.docker/issues/85)\)\. @@ -1249,13 +1339,13 @@ Regular feature and bugfix release\. ### New Modules -* docker\_image\_load \- Load docker image\(s\) from archives -* docker\_plugin \- Manage Docker plugins +* community\.docker\.docker\_image\_load \- Load docker image\(s\) from archives +* community\.docker\.docker\_plugin \- Manage Docker plugins ## v1\.2\.2 - + ### Release Summary Security bugfix release to address CVE\-2021\-20191\. @@ -1268,12 +1358,12 @@ Security bugfix release to address CVE\-2021\-20191\. ## v1\.2\.1 - + ### Release Summary Bugfix release\. - + ### Bugfixes * docker connection plugin \- fix Docker version parsing\, as some docker versions have a leading v in the output of the command docker version \-\-format \"\{\{\.Server\.Version\}\}\" \([https\://github\.com/ansible\-collections/community\.docker/pull/76](https\://github\.com/ansible\-collections/community\.docker/pull/76)\)\. @@ -1281,17 +1371,17 @@ Bugfix release\. ## v1\.2\.0 - + ### Release Summary Feature release with one new feature and two bugfixes\. - + ### Minor Changes * docker\_container \- added default\_host\_ip option which allows to explicitly set the default IP string for published ports without explicitly specified IPs\. When using IPv6 binds with Docker 20\.10\.2 or newer\, this needs to be set to an empty string \(\"\"\) \([https\://github\.com/ansible\-collections/community\.docker/issues/70](https\://github\.com/ansible\-collections/community\.docker/issues/70)\, [https\://github\.com/ansible\-collections/community\.docker/pull/71](https\://github\.com/ansible\-collections/community\.docker/pull/71)\)\. - + ### Bugfixes * docker\_container \- allow IPv6 zones \(RFC 4007\) in bind IPs \([https\://github\.com/ansible\-collections/community\.docker/pull/66](https\://github\.com/ansible\-collections/community\.docker/pull/66)\)\. @@ -1300,24 +1390,24 @@ Feature release with one new feature and two bugfixes\. ## v1\.1\.0 - + ### Release Summary Feature release with three new plugins and modules\. - + ### Minor Changes * docker\_container \- support specifying cgroup\_parent \([https\://github\.com/ansible\-collections/community\.docker/issues/6](https\://github\.com/ansible\-collections/community\.docker/issues/6)\, [https\://github\.com/ansible\-collections/community\.docker/pull/59](https\://github\.com/ansible\-collections/community\.docker/pull/59)\)\. * docker\_container \- when a container is started with detached\=false\, status is now also returned when it is 0 \([https\://github\.com/ansible\-collections/community\.docker/issues/26](https\://github\.com/ansible\-collections/community\.docker/issues/26)\, [https\://github\.com/ansible\-collections/community\.docker/pull/58](https\://github\.com/ansible\-collections/community\.docker/pull/58)\)\. * docker\_image \- support platform when building images \([https\://github\.com/ansible\-collections/community\.docker/issues/22](https\://github\.com/ansible\-collections/community\.docker/issues/22)\, [https\://github\.com/ansible\-collections/community\.docker/pull/54](https\://github\.com/ansible\-collections/community\.docker/pull/54)\)\. - + ### Deprecated Features * docker\_container \- currently published\_ports can contain port mappings next to the special value all\, in which case the port mappings are ignored\. This behavior is deprecated for community\.docker 2\.0\.0\, at which point it will either be forbidden\, or this behavior will be properly implemented similar to how the Docker CLI tool handles this \([https\://github\.com/ansible\-collections/community\.docker/issues/8](https\://github\.com/ansible\-collections/community\.docker/issues/8)\, [https\://github\.com/ansible\-collections/community\.docker/pull/60](https\://github\.com/ansible\-collections/community\.docker/pull/60)\)\. - + ### Bugfixes * docker\_image \- if push\=true is used with repository\, and the image does not need to be tagged\, still push\. This can happen if repository and name are equal \([https\://github\.com/ansible\-collections/community\.docker/issues/52](https\://github\.com/ansible\-collections/community\.docker/issues/52)\, [https\://github\.com/ansible\-collections/community\.docker/pull/53](https\://github\.com/ansible\-collections/community\.docker/pull/53)\)\. @@ -1330,27 +1420,27 @@ Feature release with three new plugins and modules\. #### Connection -* docker\_api \- Run tasks in docker containers +* community\.docker\.docker\_api \- Run tasks in docker containers #### Inventory -* docker\_containers \- Ansible dynamic inventory plugin for Docker containers\. +* community\.docker\.docker\_containers \- Ansible dynamic inventory plugin for Docker containers\. ### New Modules -* current\_container\_facts \- Return facts about whether the module runs in a Docker container +* community\.docker\.current\_container\_facts \- Return facts about whether the module runs in a Docker container ## v1\.0\.1 - + ### Release Summary Maintenance release with a bugfix for docker\_container\. - + ### Bugfixes * docker\_container \- the validation for capabilities in device\_requests was incorrect \([https\://github\.com/ansible\-collections/community\.docker/issues/42](https\://github\.com/ansible\-collections/community\.docker/issues/42)\, [https\://github\.com/ansible\-collections/community\.docker/pull/43](https\://github\.com/ansible\-collections/community\.docker/pull/43)\)\. @@ -1358,12 +1448,12 @@ Maintenance release with a bugfix for docker\_container\. ## v1\.0\.0 - + ### Release Summary This is the first production \(non\-prerelease\) release of community\.docker\. - + ### Minor Changes * Add collection\-side support of the docker action group / module defaults group \([https\://github\.com/ansible\-collections/community\.docker/pull/17](https\://github\.com/ansible\-collections/community\.docker/pull/17)\)\. @@ -1373,14 +1463,14 @@ This is the first production \(non\-prerelease\) release of community\.doc ## v0\.1\.0 - + ### Release Summary The community\.docker continues the work on the Ansible docker modules and plugins from their state in community\.general 1\.2\.0\. The changes listed here are thus relative to the modules and plugins community\.general\.docker\*\. All deprecation removals planned for community\.general 2\.0\.0 have been applied\. All deprecation removals scheduled for community\.general 3\.0\.0 have been re\-scheduled for community\.docker 2\.0\.0\. - + ### Minor Changes * docker\_container \- now supports the device\_requests option\, which allows to request additional resources such as GPUs \([https\://github\.com/ansible/ansible/issues/65748](https\://github\.com/ansible/ansible/issues/65748)\, [https\://github\.com/ansible\-collections/community\.general/pull/1119](https\://github\.com/ansible\-collections/community\.general/pull/1119)\)\. @@ -1411,7 +1501,7 @@ All deprecation removals planned for community\.general 2\.0\.0 hav * docker\_volume \- no longer returns ansible\_facts \([https\://github\.com/ansible\-collections/community\.docker/pull/1](https\://github\.com/ansible\-collections/community\.docker/pull/1)\)\. * docker\_volume \- the force option has been removed\. Use recreate instead \([https\://github\.com/ansible\-collections/community\.docker/pull/1](https\://github\.com/ansible\-collections/community\.docker/pull/1)\)\. - + ### Bugfixes * docker\_login \- fix internal config file storage to handle credentials for more than one registry \([https\://github\.com/ansible\-collections/community\.general/issues/1117](https\://github\.com/ansible\-collections/community\.general/issues/1117)\)\. diff --git a/ansible_collections/community/docker/CHANGELOG.rst b/ansible_collections/community/docker/CHANGELOG.rst index 1e2ef58a6..dff8b150b 100644 --- a/ansible_collections/community/docker/CHANGELOG.rst +++ b/ansible_collections/community/docker/CHANGELOG.rst @@ -4,6 +4,82 @@ Docker Community Collection Release Notes .. contents:: Topics +v3.10.3 +======= + +Release Summary +--------------- + +Bugfix release. + +Bugfixes +-------- + +- docker and nsenter connection plugins, docker_container_exec module - avoid using the deprecated ``ansible.module_utils.compat.selectors`` module util with Python 3 (https://github.com/ansible-collections/community.docker/issues/870, https://github.com/ansible-collections/community.docker/pull/871). + +v3.10.2 +======= + +Release Summary +--------------- + +Bugfix release. + +Bugfixes +-------- + +- vendored Docker SDK for Python - include a fix requests 2.32.2+ compatibility (https://github.com/ansible-collections/community.docker/issues/860, https://github.com/psf/requests/issues/6707, https://github.com/ansible-collections/community.docker/pull/864). + +v3.10.1 +======= + +Release Summary +--------------- + +Hotfix release for requests 2.32.0 compatibility. + +Bugfixes +-------- + +- vendored Docker SDK for Python - include a hotfix for requests 2.32.0 compatibility (https://github.com/ansible-collections/community.docker/issues/860, https://github.com/docker/docker-py/issues/3256, https://github.com/ansible-collections/community.docker/pull/861). + +Known Issues +------------ + +- Please note that the fix for requests 2.32.0 included in community.docker 3.10.1 only + fixes problems with the *vendored* Docker SDK for Python code. Modules and plugins that + use Docker SDK for Python can still fail due to the SDK currently being incompatible + with requests 2.32.0. + + If you still experience problems with requests 2.32.0, such as error messages like + ``Not supported URL scheme http+docker``, please restrict requests to ``<2.32.0``. + +v3.10.0 +======= + +Release Summary +--------------- + +Feature release. + +Minor Changes +------------- + +- docker_container - adds ``healthcheck.start_interval`` to support healthcheck start interval setting on containers (https://github.com/ansible-collections/community.docker/pull/848). +- docker_container - adds ``healthcheck.test_cli_compatible`` to allow omit test option on containers without remove existing image test (https://github.com/ansible-collections/community.docker/pull/847). +- docker_image_build - add ``outputs`` option to allow configuring outputs for the build (https://github.com/ansible-collections/community.docker/pull/852). +- docker_image_build - add ``secrets`` option to allow passing secrets to the build (https://github.com/ansible-collections/community.docker/pull/852). +- docker_image_build - allow ``platform`` to be a list of platforms instead of only a single platform for multi-platform builds (https://github.com/ansible-collections/community.docker/pull/852). +- docker_network - adds ``config_only`` and ``config_from`` to support creating and using config only networks (https://github.com/ansible-collections/community.docker/issues/395). +- docker_prune - add new options ``builder_cache_all``, ``builder_cache_filters``, and ``builder_cache_keep_storage``, and a new return value ``builder_cache_caches_deleted`` for pruning build caches (https://github.com/ansible-collections/community.docker/issues/844, https://github.com/ansible-collections/community.docker/issues/845). +- docker_swarm_service - adds ``sysctls`` to support sysctl settings on swarm services (https://github.com/ansible-collections/community.docker/issues/190). + +Deprecated Features +------------------- + +- docker_compose - the Docker Compose v1 module is deprecated and will be removed from community.docker 4.0.0. Please migrate to the ``community.docker.docker_compose_v2`` module, which works with Docker Compose v2 (https://github.com/ansible-collections/community.docker/issues/823, https://github.com/ansible-collections/community.docker/pull/833). +- various modules and plugins - the ``ssl_version`` option has been deprecated and will be removed from community.docker 4.0.0. It has already been removed from Docker SDK for Python 7.0.0, and was only necessary in the past to work around SSL/TLS issues (https://github.com/ansible-collections/community.docker/pull/853). + v3.9.0 ====== @@ -93,7 +169,7 @@ Bugfixes New Modules ----------- -- docker_image_export - Export (archive) Docker images +- community.docker.docker_image_export - Export (archive) Docker images v3.6.0 ====== @@ -137,13 +213,13 @@ Bugfixes New Modules ----------- -- docker_compose_v2 - Manage multi-container Docker applications with Docker Compose CLI plugin -- docker_compose_v2_pull - Pull a Docker compose project -- docker_image_build - Build Docker images using Docker buildx -- docker_image_pull - Pull Docker images from registries -- docker_image_push - Push Docker images to registries -- docker_image_remove - Remove Docker images -- docker_image_tag - Tag Docker images with new names and/or tags +- community.docker.docker_compose_v2 - Manage multi-container Docker applications with Docker Compose CLI plugin +- community.docker.docker_compose_v2_pull - Pull a Docker compose project +- community.docker.docker_image_build - Build Docker images using Docker buildx +- community.docker.docker_image_pull - Pull Docker images from registries +- community.docker.docker_image_push - Push Docker images to registries +- community.docker.docker_image_remove - Remove Docker images +- community.docker.docker_image_tag - Tag Docker images with new names and/or tags v3.5.0 ====== @@ -359,7 +435,7 @@ Bugfixes New Modules ----------- -- docker_container_copy_into - Copy a file into a Docker container +- community.docker.docker_container_copy_into - Copy a file into a Docker container v3.3.2 ====== @@ -870,7 +946,7 @@ New Plugins Connection ~~~~~~~~~~ -- nsenter - execute on host running controller container +- community.docker.nsenter - execute on host running controller container v1.8.0 ====== @@ -967,7 +1043,7 @@ Bugfixes New Modules ----------- -- docker_container_exec - Execute command in a docker container +- community.docker.docker_container_exec - Execute command in a docker container v1.4.0 ====== @@ -1026,8 +1102,8 @@ Bugfixes New Modules ----------- -- docker_image_load - Load docker image(s) from archives -- docker_plugin - Manage Docker plugins +- community.docker.docker_image_load - Load docker image(s) from archives +- community.docker.docker_plugin - Manage Docker plugins v1.2.2 ====== @@ -1107,17 +1183,17 @@ New Plugins Connection ~~~~~~~~~~ -- docker_api - Run tasks in docker containers +- community.docker.docker_api - Run tasks in docker containers Inventory ~~~~~~~~~ -- docker_containers - Ansible dynamic inventory plugin for Docker containers. +- community.docker.docker_containers - Ansible dynamic inventory plugin for Docker containers. New Modules ----------- -- current_container_facts - Return facts about whether the module runs in a Docker container +- community.docker.current_container_facts - Return facts about whether the module runs in a Docker container v1.0.1 ====== diff --git a/ansible_collections/community/docker/FILES.json b/ansible_collections/community/docker/FILES.json index da52548f1..c2f6a28c3 100644 --- a/ansible_collections/community/docker/FILES.json +++ b/ansible_collections/community/docker/FILES.json @@ -109,7 +109,7 @@ "name": ".azure-pipelines/azure-pipelines.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "84dc585b738c2bfea68ee8e9cd6d4417f36627bd96a67f92b6f8073449b2d7af", + "chksum_sha256": "eed726931f1b030bc5f6c4165c0251704a098760de49fe58cad4c56aa91522e0", "format": 1 }, { @@ -130,7 +130,7 @@ "name": ".github/workflows/ansible-test.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "4082845558609060198c2628d77b14eb18b28f48faf0fc08116fee817b4e056c", + "chksum_sha256": "b36f9ccf4acf3c6d9358268de4c973d43406516c7f2b09f4303fa7c9672ae69a", "format": 1 }, { @@ -242,7 +242,7 @@ "name": "changelogs/changelog.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "d3068c91410e1c891056bfdefa3812fb91ed3ccd41fe97b6aaa428debcd5b663", + "chksum_sha256": "e678850bfb28299b51297b445b2319e25d84b492364f236ee0154baefcb7d8ce", "format": 1 }, { @@ -256,7 +256,7 @@ "name": "changelogs/config.yaml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "89ca51ecae2759b4987976d346e16fa930be4a4e05062a1385764626e3aca951", + "chksum_sha256": "21105a71a6783da90a5b108563acfeadf066ef571db64d0d36d55c5886ba1dcd", "format": 1 }, { @@ -284,7 +284,7 @@ "name": "docs/docsite/rst/scenario_guide.rst", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "b7460de972dad8dba6ffbaacd46a84f2b673a74e78f5eb3db617fd3eb574ba6d", + "chksum_sha256": "dcbef6d865e38902c5a8b88e7bddf940f62cf31067f29cd041a215cd6a0a6f19", "format": 1 }, { @@ -340,7 +340,7 @@ "name": "meta/runtime.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "edcb1bfa37eaf30f16b8a081dcd80ac6406972a894d4f3f5f7fd320e4f309c38", + "chksum_sha256": "9c6256715af06a03c0a93beac94757d47be3b0125ccce5d874ffd9227890d09f", "format": 1 }, { @@ -375,21 +375,21 @@ "name": "plugins/connection/docker.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "499dc980904433196409bc04a10faf38801123c8a22871026037f4bad6d13bab", + "chksum_sha256": "4d013442683d88f48c73695a8cf5d6acb11b4528db1d195c41209a641dd9ebda", "format": 1 }, { "name": "plugins/connection/docker_api.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "eb3275f36134a45b5acc0620f5b0b849c9cde8cf1975c7cd45b683d56e2e4258", + "chksum_sha256": "f04f25bf107d119641444104cf76284c7bb42d6407de0b881eb5b554ae147edd", "format": 1 }, { "name": "plugins/connection/nsenter.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "2f246a2f8dcb35feb42d2a1d7f28ead845ae4854da097781489233f5a5920e94", + "chksum_sha256": "0b3e97b145df0862f75ea03ead386929d6e4faae67123e0421b19a2fa3575347", "format": 1 }, { @@ -417,7 +417,7 @@ "name": "plugins/doc_fragments/docker.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "89dae4973d0a843ba52d8ac81197045dcdc136df4ca685210efe815366dbb70f", + "chksum_sha256": "15bc8148d241ed95343e15632933a9d6d15b53d690c2f1b7b8a0d7cf56c2adc2", "format": 1 }, { @@ -431,7 +431,7 @@ "name": "plugins/inventory/docker_containers.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "a4feea030c92ca0b3541d679ad49ae060430c0f5a3994fb589485a330613941a", + "chksum_sha256": "a4571bbd61633d474b092157351d19ce4ca99893402cb9bfeb316e03427eb357", "format": 1 }, { @@ -445,7 +445,7 @@ "name": "plugins/inventory/docker_swarm.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "04e5cf494bac339905130787fbdfe0ca23ab7caad8fec2f784d014937f86eeb1", + "chksum_sha256": "73d1a797b773c037c755480b245ad7cfc11b6eb7310c1f015c52729c4e842dab", "format": 1 }, { @@ -529,7 +529,7 @@ "name": "plugins/module_utils/_api/transport/basehttpadapter.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "73da87364c86548cdf16f52608349443f02f9926b52e736649a417f1238376ea", + "chksum_sha256": "2e88df15eeb6be839c78e777bc093d3f2c727b185395d2616d0cd6d92a4675f5", "format": 1 }, { @@ -697,14 +697,14 @@ "name": "plugins/module_utils/module_container/base.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "3ef56885b8746ef1ae068412cd9a608dcb83f5b7aa06670d5ae6216aa845a940", + "chksum_sha256": "3a1b4d8958005daf4724c037e7419ddbba384eda142a55c6088f5045617f2672", "format": 1 }, { "name": "plugins/module_utils/module_container/docker_api.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "2d0e757e6b3439e7445531b1be278c283e2a442747f86f51ef831739ddf158c5", + "chksum_sha256": "c21b7f1c3d8e1d188ffec2b460589da857ec44d550874f0fb7016e083e7071c2", "format": 1 }, { @@ -777,6 +777,13 @@ "chksum_sha256": "26073983bafd86ccadb1f197f2a55188f208145db066bbc02ea9bf59aaf30085", "format": 1 }, + { + "name": "plugins/module_utils/selectors.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "a48ff68d6dd79eb5d9509e3acae79a6179c9646c51654108ca6873d1eafdb817", + "format": 1 + }, { "name": "plugins/module_utils/socket_handler.py", "ftype": "file", @@ -802,7 +809,7 @@ "name": "plugins/module_utils/util.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "cd9d4863ea58408543821688b7093aed25a1323109de82c13c8489f6cd45651a", + "chksum_sha256": "b300136bb10e2a9a51862b6b10eb5ce9032c551a13cebba97200ccb501e1a450", "format": 1 }, { @@ -830,7 +837,7 @@ "name": "plugins/modules/docker_compose.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "ae76fdb37a3517ffcdc50047d900d33a94a9c5e85dcc76ebdd1bbc6dfa9c3b8b", + "chksum_sha256": "973b8aee68fcb76dd620c243904c64dee7f234ca1f69019b87c83ca72a8efc48", "format": 1 }, { @@ -858,7 +865,7 @@ "name": "plugins/modules/docker_container.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "20ff6513c8c1d81c477c58c1cbe943e383005bcf8c110cfb3b58f96240339da7", + "chksum_sha256": "24722b19a3ea8c32bdade25e9f5e061ede3fed5bb01c3db238a5cb45e28b2a1b", "format": 1 }, { @@ -872,7 +879,7 @@ "name": "plugins/modules/docker_container_exec.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "088ebb7b7c11d7d7ee8a9e30a9813dc7acfd0bac32782a8a128ac3fe613ab797", + "chksum_sha256": "9828790f19f268519de01fa41df37adf89f5a6af88438b4dab5fd225b7a68a88", "format": 1 }, { @@ -900,7 +907,7 @@ "name": "plugins/modules/docker_image_build.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "0c56e7842f5681b3ca5081ee263fc33ee2a677ce07d19407c04be97f66352720", + "chksum_sha256": "ced5bedc7d1ad287717dc2ea39357db5ca584973d04b4f2225180c8fd20ece22", "format": 1 }, { @@ -963,7 +970,7 @@ "name": "plugins/modules/docker_network.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "d8f6a678e09487346b7ab007dcef3d8c5cb494ede7ccadc43be42c205902de40", + "chksum_sha256": "f0b7ab1dd6aac89762fd6ab9b30267eb48bb0906ade41805ff5df79d5e3685c0", "format": 1 }, { @@ -998,7 +1005,7 @@ "name": "plugins/modules/docker_prune.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "83107f0243ee1c6706686da15f65e8aa2e5fc96e0d346934210557a97ca38292", + "chksum_sha256": "57a0ca1bfd08ac4f16afcaf8a925697bd8cd53a4aa33d1c07b53992174e3eeab", "format": 1 }, { @@ -1047,7 +1054,7 @@ "name": "plugins/modules/docker_swarm_service.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "a123422ef5020a31efc1f19872e62bd1374af3352640a62df3f01dc8a4c0a3df", + "chksum_sha256": "355ed4ec943f881394333a58cc442803c36c85c0e2232374bc9970be977444bd", "format": 1 }, { @@ -1096,7 +1103,7 @@ "name": "plugins/plugin_utils/socket_handler.py", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "35cd4e8636a9d7bc209996b7a384c183f14f205485939744d2164d86a70c8e9b", + "chksum_sha256": "56157c15e13defbde6a392ba2804bdb2734316d559c2e61c08361d65deae3ae0", "format": 1 }, { @@ -1586,7 +1593,7 @@ "name": "tests/integration/targets/docker_compose_v2/tasks/main.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "375f957e7348b7c72fac3e7ce7634b9424daf98122537ff7b803b56aa4b3079d", + "chksum_sha256": "c2a2b069e45658c6089293227752efeb565e01191414706424ce74de797120f2", "format": 1 }, { @@ -1649,7 +1656,7 @@ "name": "tests/integration/targets/docker_compose_v2_pull/tasks/main.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "375f957e7348b7c72fac3e7ce7634b9424daf98122537ff7b803b56aa4b3079d", + "chksum_sha256": "8e6319cebc310a53e60a30c57416f87baf55918cb8264ae0cf1a070821cb63ba", "format": 1 }, { @@ -2237,7 +2244,7 @@ "name": "tests/integration/targets/docker_image_build/tasks/tests/options.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "175cbbaf36639ee9c054d814400835d571416b48df606c9ed7ccaf009f98032c", + "chksum_sha256": "8fe987d38f4065b152a05d845709946504903321342d99184c10aa7cf86ae74b", "format": 1 }, { @@ -2258,7 +2265,7 @@ "name": "tests/integration/targets/docker_image_build/tasks/test.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "d96b8ee07ced0cad104066cce1c1ccbd8569008924dc2669c43f363dcfec9c6f", + "chksum_sha256": "4ee523d71f919551cb6c11ae760fe05d24990867ab5a08be86e554a3a8fed861", "format": 1 }, { @@ -2296,6 +2303,13 @@ "chksum_sha256": "7d9039d8165a7c7170c5f1466438e9c27d6380abb329609d7601d34325709858", "format": 1 }, + { + "name": "tests/integration/targets/docker_image_build/templates/SecretsDockerfile", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "d65014cfb0da5082a68731d539360be8b0e522df6da3d8054dfa216910ba63a6", + "format": 1 + }, { "name": "tests/integration/targets/docker_image_build/templates/StagedDockerfile", "ftype": "file", @@ -3147,7 +3161,7 @@ "name": "tests/integration/targets/docker_prune/tasks/main.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "277ac80b8d8597c2654bac67cd19434f0c478efe5f97cd341a5c90e1214c0463", + "chksum_sha256": "e1128cf980ee7ef055acc2d4e41f36e4b7d798f6e73a22ba34f3be0b261b2ca1", "format": 1 }, { @@ -3763,7 +3777,7 @@ "name": "tests/integration/targets/docker_swarm_service/vars/main.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "fe5d12fec25ef974db885fd92993fc20baf102c5db843c58dd4263fc80c46ccf", + "chksum_sha256": "380d6716f8abcfa414e9174dffc3bb2b86aafc97ec7594f473b2ac1a3ffa9974", "format": 1 }, { @@ -3987,7 +4001,7 @@ "name": "tests/integration/targets/generic_connection_tests/tasks/main.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "880a774a7c576b4d4f18dc7308387997278fadb052687da474dfe4c060922cff", + "chksum_sha256": "da42f5ed16ff85517f2feb4316aa384d68c3a69f1ba3b3402b472ebc5b771f43", "format": 1 }, { @@ -4442,7 +4456,7 @@ "name": "tests/integration/targets/setup_docker/tasks/main.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "3e5d213ee69aa2b33302bc83ce9d56fde52956a4070fde9c3e2de3c7564ad88c", + "chksum_sha256": "55ce15cf1ed1c55a7819cccd60385f8368b79ee831c8c458fab6eaef4d4f7f28", "format": 1 }, { @@ -4736,7 +4750,7 @@ "name": "tests/integration/targets/setup_docker_cli_compose/tasks/main.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "4c8d8ec38064dacd5357eee4cab893855454ebe75e9f30c638071735a596776e", + "chksum_sha256": "574619bac82e7a65751db428c58b2c44a12e827c723289dc0dcaaef2a97867cf", "format": 1 }, { @@ -4883,7 +4897,7 @@ "name": "tests/integration/targets/setup_docker_compose_v1/vars/Alpine.yml", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "0554ad7767703892ec32552f8d6119dcc9015f694aa90e4aa4dc4d65a069840e", + "chksum_sha256": "95ea3c984062c116932d4d4608d7f25d9e0f9a328c98b5be8ff135ccf3c9ffc7", "format": 1 }, { @@ -5814,7 +5828,7 @@ "name": "tests/sanity/ignore-2.11.txt", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "9a24bca3a941c3895d8443f5467ad500972776bf79973430315dc60666ca395d", + "chksum_sha256": "9e75ee9b11ed3f5847b55c01cf200d637634bb9a81a8dcfa491bf100ac21d1e2", "format": 1 }, { @@ -5828,7 +5842,7 @@ "name": "tests/sanity/ignore-2.12.txt", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "253e2f40d466107ec1ec5ec4a936056f7a25a47c9eff9c1541faed239e954847", + "chksum_sha256": "8c94911e1d8e017201a95be684853df3667c9c2dcbd5a8b975925abbccb411f2", "format": 1 }, { @@ -5842,7 +5856,7 @@ "name": "tests/sanity/ignore-2.13.txt", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "7633370c8868422bb5746752325d5799c4054b89347bfe284a5d562f1aa1ca75", + "chksum_sha256": "6d447377ca8ae39bbcce6dd990637444a59444529537371720003f13da4f5fd4", "format": 1 }, { @@ -5856,7 +5870,7 @@ "name": "tests/sanity/ignore-2.14.txt", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "ccc7d836b365401a29253c3db1fef85f976a8977eb57332de1136187ac45f39a", + "chksum_sha256": "66b5d2222c0ea982efa4ccbc5fffad980cfbc17001a6cf39b072297715cc22b8", "format": 1 }, { @@ -5870,7 +5884,7 @@ "name": "tests/sanity/ignore-2.15.txt", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "ccc7d836b365401a29253c3db1fef85f976a8977eb57332de1136187ac45f39a", + "chksum_sha256": "66b5d2222c0ea982efa4ccbc5fffad980cfbc17001a6cf39b072297715cc22b8", "format": 1 }, { @@ -5884,7 +5898,7 @@ "name": "tests/sanity/ignore-2.16.txt", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "77e2580c039e9062bb354b79bad043392a7e343f11e1797b35b3d28b6955de79", + "chksum_sha256": "6a8d217bd175553fa6b355e3a2ce4d891d6593ffcacc639d44f6c84a45feaaa1", "format": 1 }, { @@ -6251,6 +6265,20 @@ "chksum_sha256": "5326d0c5adf3f14fbb623ac5efdb75b6f9dd7cd7e6fb5d8c8d099bc6ab58049c", "format": 1 }, + { + "name": "tests/unit/plugins/plugin_utils", + "ftype": "dir", + "chksum_type": null, + "chksum_sha256": null, + "format": 1 + }, + { + "name": "tests/unit/plugins/plugin_utils/test_unsafe.py", + "ftype": "file", + "chksum_type": "sha256", + "chksum_sha256": "1568c3ce2e4607a182d8fcafd8d70a78000eec9bd4577ac943af0ab09ef30243", + "format": 1 + }, { "name": "tests/unit/plugins/test_support", "ftype": "dir", @@ -6388,7 +6416,7 @@ "name": "CHANGELOG.md", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "b7838b371ac49712b398b2cc47e2959e020fbe727275fc1052c8e49489bc3596", + "chksum_sha256": "42e61d2b2354fbf9c5f2da9873c0477a1c16afede7b23e7fa222f25a158f7590", "format": 1 }, { @@ -6402,7 +6430,7 @@ "name": "CHANGELOG.rst", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "8593cb523e7f0bfece19e9dd82a25d06277269451d1334d15c15a868272bcb63", + "chksum_sha256": "5f823c49d14587f6dfa983c8f2359a9a5ff36e0e34c73615f01eb6504d9d0f9b", "format": 1 }, { @@ -6423,7 +6451,7 @@ "name": "README.md", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "18391f2b88eae674b860ad2cd1ac1426dc64299c91965aa4d30b69ff269aac5f", + "chksum_sha256": "12a411f378daee55c2ac25a7a41f2ee0884183830ff2df254a54ebe58f188c62", "format": 1 } ], diff --git a/ansible_collections/community/docker/MANIFEST.json b/ansible_collections/community/docker/MANIFEST.json index 447bfc1ce..69ffc1b62 100644 --- a/ansible_collections/community/docker/MANIFEST.json +++ b/ansible_collections/community/docker/MANIFEST.json @@ -2,7 +2,7 @@ "collection_info": { "namespace": "community", "name": "docker", - "version": "3.9.0", + "version": "3.10.3", "authors": [ "Ansible Docker Working Group" ], @@ -28,7 +28,7 @@ "name": "FILES.json", "ftype": "file", "chksum_type": "sha256", - "chksum_sha256": "f1b0cee31d5d2e869134e845593489c03632024171cd300f35688fb089e7bf2d", + "chksum_sha256": "c5b11456e6a1ea1ee5144451aa5a1c46f7f835b3102db5ad06d16a005b4af551", "format": 1 }, "format": 1 diff --git a/ansible_collections/community/docker/README.md b/ansible_collections/community/docker/README.md index 0d169c54a..2a2a9cc3f 100644 --- a/ansible_collections/community/docker/README.md +++ b/ansible_collections/community/docker/README.md @@ -9,6 +9,7 @@ SPDX-License-Identifier: GPL-3.0-or-later [![Doc](https://img.shields.io/badge/docs-brightgreen.svg)](https://docs.ansible.com/ansible/latest/collections/community/docker/) [![Build Status](https://dev.azure.com/ansible/community.docker/_apis/build/status/CI?branchName=main)](https://dev.azure.com/ansible/community.docker/_build?definitionId=25) [![Codecov](https://img.shields.io/codecov/c/github/ansible-collections/community.docker)](https://codecov.io/gh/ansible-collections/community.docker) +[![REUSE status](https://api.reuse.software/badge/github.com/ansible-collections/community.docker)](https://api.reuse.software/info/github.com/ansible-collections/community.docker) This repo contains the `community.docker` Ansible Collection. The collection includes many modules and plugins to work with Docker. @@ -78,7 +79,7 @@ If you use the Ansible package and do not update collections independently, use - community.docker.docker_volume: manage Docker volumes - community.docker.docker_volume_info: retrieve information on Docker volumes * Docker Compose: - - community.docker.docker_compose: manage Docker Compose files (legacy Docker Compose v1) + - community.docker.docker_compose: manage Docker Compose files (legacy Docker Compose v1; the module is deprecated and will be removed from community.docker 4.0.0) - community.docker.docker_compose_v2: manage Docker Compose files (Docker compose CLI plugin) - community.docker.docker_compose_v2_pull: pull a Docker compose project * Docker Swarm: diff --git a/ansible_collections/community/docker/changelogs/changelog.yaml b/ansible_collections/community/docker/changelogs/changelog.yaml index fc22ba446..ba40629e7 100644 --- a/ansible_collections/community/docker/changelogs/changelog.yaml +++ b/ansible_collections/community/docker/changelogs/changelog.yaml @@ -1002,6 +1002,102 @@ releases: - 466-add-data-path-port.yml - licenses.yml release_date: '2022-09-08' + 3.10.0: + changes: + deprecated_features: + - docker_compose - the Docker Compose v1 module is deprecated and will be removed + from community.docker 4.0.0. Please migrate to the ``community.docker.docker_compose_v2`` + module, which works with Docker Compose v2 (https://github.com/ansible-collections/community.docker/issues/823, + https://github.com/ansible-collections/community.docker/pull/833). + - various modules and plugins - the ``ssl_version`` option has been deprecated + and will be removed from community.docker 4.0.0. It has already been removed + from Docker SDK for Python 7.0.0, and was only necessary in the past to work + around SSL/TLS issues (https://github.com/ansible-collections/community.docker/pull/853). + minor_changes: + - docker_container - adds ``healthcheck.start_interval`` to support healthcheck + start interval setting on containers (https://github.com/ansible-collections/community.docker/pull/848). + - docker_container - adds ``healthcheck.test_cli_compatible`` to allow omit + test option on containers without remove existing image test (https://github.com/ansible-collections/community.docker/pull/847). + - docker_image_build - add ``outputs`` option to allow configuring outputs for + the build (https://github.com/ansible-collections/community.docker/pull/852). + - docker_image_build - add ``secrets`` option to allow passing secrets to the + build (https://github.com/ansible-collections/community.docker/pull/852). + - docker_image_build - allow ``platform`` to be a list of platforms instead + of only a single platform for multi-platform builds (https://github.com/ansible-collections/community.docker/pull/852). + - docker_network - adds ``config_only`` and ``config_from`` to support creating + and using config only networks (https://github.com/ansible-collections/community.docker/issues/395). + - docker_prune - add new options ``builder_cache_all``, ``builder_cache_filters``, + and ``builder_cache_keep_storage``, and a new return value ``builder_cache_caches_deleted`` + for pruning build caches (https://github.com/ansible-collections/community.docker/issues/844, + https://github.com/ansible-collections/community.docker/issues/845). + - docker_swarm_service - adds ``sysctls`` to support sysctl settings on swarm + services (https://github.com/ansible-collections/community.docker/issues/190). + release_summary: Feature release. + fragments: + - 3.10.0.yml + - 836-docker_swarm_service-sysctls.yml + - 843-docker_network-config-from-config-only.yml + - 845-docker_prune.yml + - 847-docker_container-heackcheck-test_cli_compatible.yml + - 848-docker_api-healthcheck-start-interval.yml + - 852-docker_image_build.yml + - 853-ssl_version.yml + - deprecate-compose-v1.yml + release_date: '2024-05-19' + 3.10.1: + changes: + bugfixes: + - vendored Docker SDK for Python - include a hotfix for requests 2.32.0 compatibility + (https://github.com/ansible-collections/community.docker/issues/860, https://github.com/docker/docker-py/issues/3256, + https://github.com/ansible-collections/community.docker/pull/861). + known_issues: + - 'Please note that the fix for requests 2.32.0 included in community.docker + 3.10.1 only + + fixes problems with the *vendored* Docker SDK for Python code. Modules and + plugins that + + use Docker SDK for Python can still fail due to the SDK currently being incompatible + + with requests 2.32.0. + + + If you still experience problems with requests 2.32.0, such as error messages + like + + ``Not supported URL scheme http+docker``, please restrict requests to ``<2.32.0``. + + ' + release_summary: 'Hotfix release for requests 2.32.0 compatibility. + + ' + fragments: + - 3.10.1.yml + - 862-requests.yml + release_date: '2024-05-20' + 3.10.2: + changes: + bugfixes: + - vendored Docker SDK for Python - include a fix requests 2.32.2+ compatibility + (https://github.com/ansible-collections/community.docker/issues/860, https://github.com/psf/requests/issues/6707, + https://github.com/ansible-collections/community.docker/pull/864). + release_summary: Bugfix release. + fragments: + - 3.10.2.yml + - 864-requests.yml + release_date: '2024-05-21' + 3.10.3: + changes: + bugfixes: + - docker and nsenter connection plugins, docker_container_exec module - avoid + using the deprecated ``ansible.module_utils.compat.selectors`` module util + with Python 3 (https://github.com/ansible-collections/community.docker/issues/870, + https://github.com/ansible-collections/community.docker/pull/871). + release_summary: Bugfix release. + fragments: + - 3.10.3.yml + - 871-selectors.yml + release_date: '2024-05-26' 3.2.0: changes: deprecated_features: diff --git a/ansible_collections/community/docker/changelogs/config.yaml b/ansible_collections/community/docker/changelogs/config.yaml index 1fd1d794d..2959c161e 100644 --- a/ansible_collections/community/docker/changelogs/config.yaml +++ b/ansible_collections/community/docker/changelogs/config.yaml @@ -35,3 +35,5 @@ sections: - Known Issues title: Docker Community Collection trivial_section_name: trivial +use_fqcn: true +add_plugin_period: true diff --git a/ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst b/ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst index 203aa57d2..395b71003 100644 --- a/ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst +++ b/ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst @@ -272,12 +272,13 @@ No further requirements next to to the CLI tool and its Docker Compose plugin ar Docker Compose v1 ................. -The :ansplugin:`community.docker.docker_compose module ` +The deprecated :ansplugin:`community.docker.docker_compose module ` allows you to use your existing Docker compose files to orchestrate containers on a single Docker daemon or on Swarm. This module uses the out-dated and End of Life version 1.x of Docker Compose. It should mainly be used for legacy systems -which still have to use that version of Docker Compose. +which still have to use that version of Docker Compose. **The module is deprecated and will be removed from community.docker 4.0.0.** +Please use the Docker Compose v2 modules instead. -You need to install the `old Python docker-compose `_ on the remote machines to use the module. +You need to install the `old Python docker-compose `_ on the remote machines to use the Docker Compose v1 module. Docker Machine diff --git a/ansible_collections/community/docker/meta/runtime.yml b/ansible_collections/community/docker/meta/runtime.yml index 0ddd09fa3..e29f84be1 100644 --- a/ansible_collections/community/docker/meta/runtime.yml +++ b/ansible_collections/community/docker/meta/runtime.yml @@ -41,3 +41,10 @@ action_groups: - docker_swarm_service_info - docker_volume - docker_volume_info + +plugin_routing: + modules: + docker_compose: + deprecation: + removal_version: 4.0.0 + warning_text: This module uses docker-compose v1, which is End of Life since July 2022. Please migrate to community.docker.docker_compose_v2. diff --git a/ansible_collections/community/docker/plugins/connection/docker.py b/ansible_collections/community/docker/plugins/connection/docker.py index 68247dae2..133fe6a75 100644 --- a/ansible_collections/community/docker/plugins/connection/docker.py +++ b/ansible_collections/community/docker/plugins/connection/docker.py @@ -83,7 +83,6 @@ import os.path import subprocess import re -from ansible.compat import selectors from ansible.errors import AnsibleError, AnsibleFileNotFound from ansible.module_utils.six.moves import shlex_quote from ansible.module_utils.common.process import get_bin_path @@ -91,6 +90,7 @@ from ansible.module_utils.common.text.converters import to_bytes, to_native, to_ from ansible.plugins.connection import ConnectionBase, BUFSIZE from ansible.utils.display import Display +from ansible_collections.community.docker.plugins.module_utils.selectors import selectors from ansible_collections.community.docker.plugins.module_utils.version import LooseVersion display = Display() diff --git a/ansible_collections/community/docker/plugins/connection/docker_api.py b/ansible_collections/community/docker/plugins/connection/docker_api.py index 3b99281c3..a6dec85aa 100644 --- a/ansible_collections/community/docker/plugins/connection/docker_api.py +++ b/ansible_collections/community/docker/plugins/connection/docker_api.py @@ -21,6 +21,7 @@ notes: with Python's C(SSLSocket)s. See U(https://github.com/ansible-collections/community.docker/issues/605) for more information. extends_documentation_fragment: - community.docker.docker.api_documentation + - community.docker.docker.ssl_version_deprecation - community.docker.docker.var_names options: remote_user: diff --git a/ansible_collections/community/docker/plugins/connection/nsenter.py b/ansible_collections/community/docker/plugins/connection/nsenter.py index f429f8cef..ccc660b99 100644 --- a/ansible_collections/community/docker/plugins/connection/nsenter.py +++ b/ansible_collections/community/docker/plugins/connection/nsenter.py @@ -50,13 +50,15 @@ import fcntl import ansible.constants as C from ansible.errors import AnsibleError -from ansible.module_utils.compat import selectors from ansible.module_utils.six import binary_type, text_type from ansible.module_utils.common.text.converters import to_bytes, to_native, to_text from ansible.plugins.connection import ConnectionBase from ansible.utils.display import Display from ansible.utils.path import unfrackpath +from ansible_collections.community.docker.plugins.module_utils.selectors import selectors + + display = Display() diff --git a/ansible_collections/community/docker/plugins/doc_fragments/docker.py b/ansible_collections/community/docker/plugins/doc_fragments/docker.py index 92989a97b..2c78c5fae 100644 --- a/ansible_collections/community/docker/plugins/doc_fragments/docker.py +++ b/ansible_collections/community/docker/plugins/doc_fragments/docker.py @@ -392,3 +392,12 @@ notes: - This module does B(not) use the L(Docker SDK for Python,https://docker-py.readthedocs.io/en/stable/) to communicate with the Docker daemon. It directly calls the Docker CLI program. ''' + + # DEPRECATED: this will be removed from community.docker 4.0.0! Use with care! + SSL_VERSION_DEPRECATION = ''' +options: + ssl_version: + deprecated: + why: This was necessary a long time ago to handle problems with older TLS/SSL versions. It is no longer necessary nowadays. + version: 4.0.0 +''' diff --git a/ansible_collections/community/docker/plugins/inventory/docker_containers.py b/ansible_collections/community/docker/plugins/inventory/docker_containers.py index 0cae05472..f353b03bd 100644 --- a/ansible_collections/community/docker/plugins/inventory/docker_containers.py +++ b/ansible_collections/community/docker/plugins/inventory/docker_containers.py @@ -21,6 +21,7 @@ author: extends_documentation_fragment: - ansible.builtin.constructed - community.docker.docker.api_documentation + - community.docker.docker.ssl_version_deprecation - community.library_inventory_filtering_v1.inventory_filter description: - Reads inventories from the Docker API. diff --git a/ansible_collections/community/docker/plugins/inventory/docker_swarm.py b/ansible_collections/community/docker/plugins/inventory/docker_swarm.py index acceac86c..6d1556ff5 100644 --- a/ansible_collections/community/docker/plugins/inventory/docker_swarm.py +++ b/ansible_collections/community/docker/plugins/inventory/docker_swarm.py @@ -78,6 +78,9 @@ DOCUMENTATION = ''' - Provide a valid SSL version number. Default value determined by L(SSL Python module, https://docs.python.org/3/library/ssl.html). type: str + deprecated: + why: This was necessary a long time ago to handle problems with SSL versions. It is no longer necessary nowadays. + version: 4.0.0 api_version: description: - The version of the Docker API running on the Docker Host. diff --git a/ansible_collections/community/docker/plugins/module_utils/_api/transport/basehttpadapter.py b/ansible_collections/community/docker/plugins/module_utils/_api/transport/basehttpadapter.py index 2afa60aea..14062a0ba 100644 --- a/ansible_collections/community/docker/plugins/module_utils/_api/transport/basehttpadapter.py +++ b/ansible_collections/community/docker/plugins/module_utils/_api/transport/basehttpadapter.py @@ -18,3 +18,15 @@ class BaseHTTPAdapter(_HTTPAdapter): super(BaseHTTPAdapter, self).close() if hasattr(self, 'pools'): self.pools.clear() + + # Hotfix for requests 2.32.0 and 2.32.1: its commit + # https://github.com/psf/requests/commit/c0813a2d910ea6b4f8438b91d315b8d181302356 + # changes requests.adapters.HTTPAdapter to no longer call get_connection() from + # send(), but instead call _get_connection(). + def _get_connection(self, request, *args, **kwargs): + return self.get_connection(request.url, kwargs.get('proxies')) + + # Fix for requests 2.32.2+: + # https://github.com/psf/requests/commit/c98e4d133ef29c46a9b68cd783087218a8075e05 + def get_connection_with_tls_context(self, request, verify, proxies=None, cert=None): + return self.get_connection(request.url, proxies) diff --git a/ansible_collections/community/docker/plugins/module_utils/module_container/base.py b/ansible_collections/community/docker/plugins/module_utils/module_container/base.py index 0f776aa5c..410ffb153 100644 --- a/ansible_collections/community/docker/plugins/module_utils/module_container/base.py +++ b/ansible_collections/community/docker/plugins/module_utils/module_container/base.py @@ -935,9 +935,11 @@ OPTION_HEALTHCHECK = ( OptionGroup(preprocess=_preprocess_healthcheck) .add_option('healthcheck', type='dict', ansible_suboptions=dict( test=dict(type='raw'), + test_cli_compatible=dict(type='bool', default=False), interval=dict(type='str'), timeout=dict(type='str'), start_period=dict(type='str'), + start_interval=dict(type='str'), retries=dict(type='int'), )) ) diff --git a/ansible_collections/community/docker/plugins/module_utils/module_container/docker_api.py b/ansible_collections/community/docker/plugins/module_utils/module_container/docker_api.py index 61a5500c9..d3da84fe5 100644 --- a/ansible_collections/community/docker/plugins/module_utils/module_container/docker_api.py +++ b/ansible_collections/community/docker/plugins/module_utils/module_container/docker_api.py @@ -436,6 +436,7 @@ class DockerAPIEngine(Engine): min_api_version=None, preprocess_value=None, update_parameter=None, + extra_option_minimal_versions=None, ): def preprocess_value_(module, client, api_version, options, values): if len(options) != 1: @@ -499,6 +500,7 @@ class DockerAPIEngine(Engine): set_value=set_value, min_api_version=min_api_version, update_value=update_value, + extra_option_minimal_versions=extra_option_minimal_versions, ) @classmethod @@ -512,6 +514,7 @@ class DockerAPIEngine(Engine): min_api_version=None, preprocess_value=None, update_parameter=None, + extra_option_minimal_versions=None, ): def preprocess_value_(module, client, api_version, options, values): if len(options) != 1: @@ -577,6 +580,7 @@ class DockerAPIEngine(Engine): set_value=set_value, min_api_version=min_api_version, update_value=update_value, + extra_option_minimal_versions=extra_option_minimal_versions, ) @@ -742,7 +746,7 @@ def _preprocess_etc_hosts(module, client, api_version, value): def _preprocess_healthcheck(module, client, api_version, value): if value is None: return value - if not value or not value.get('test'): + if not value or not (value.get('test') or (value.get('test_cli_compatible') and value.get('test') is None)): value = {'test': ['NONE']} elif 'test' in value: value['test'] = normalize_healthcheck_test(value['test']) @@ -751,6 +755,7 @@ def _preprocess_healthcheck(module, client, api_version, value): 'Interval': value.get('interval'), 'Timeout': value.get('timeout'), 'StartPeriod': value.get('start_period'), + 'StartInterval': value.get('start_interval'), 'Retries': value.get('retries'), }) @@ -1300,7 +1305,16 @@ OPTION_ETC_HOSTS.add_engine('docker_api', DockerAPIEngine.host_config_value('Ext OPTION_GROUPS.add_engine('docker_api', DockerAPIEngine.host_config_value('GroupAdd')) OPTION_HEALTHCHECK.add_engine('docker_api', DockerAPIEngine.config_value( - 'Healthcheck', preprocess_value=_preprocess_healthcheck, postprocess_for_get=_postprocess_healthcheck_get_value)) + 'Healthcheck', + preprocess_value=_preprocess_healthcheck, + postprocess_for_get=_postprocess_healthcheck_get_value, + extra_option_minimal_versions={ + 'healthcheck.start_interval': { + 'docker_api_version': '1.44', + 'detect_usage': lambda c: c.module.params['healthcheck'] and c.module.params['healthcheck']['start_interval'] is not None, + }, + }, +)) OPTION_HOSTNAME.add_engine('docker_api', DockerAPIEngine.config_value('Hostname')) diff --git a/ansible_collections/community/docker/plugins/module_utils/selectors.py b/ansible_collections/community/docker/plugins/module_utils/selectors.py new file mode 100644 index 000000000..ca52cc877 --- /dev/null +++ b/ansible_collections/community/docker/plugins/module_utils/selectors.py @@ -0,0 +1,21 @@ +# -*- coding: utf-8 -*- + +# Copyright (c) 2024, Felix Fontein +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +"""Provide selectors import.""" + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +# Once we drop support for ansible-core 2.16, we can remove the try/except. + +from sys import version_info as _python_version_info + + +if _python_version_info < (3, 4): + from ansible.module_utils.compat import selectors # noqa: F401, pylint: disable=unused-import +else: + import selectors # noqa: F401, pylint: disable=unused-import diff --git a/ansible_collections/community/docker/plugins/module_utils/util.py b/ansible_collections/community/docker/plugins/module_utils/util.py index efd3301f1..9235e34d7 100644 --- a/ansible_collections/community/docker/plugins/module_utils/util.py +++ b/ansible_collections/community/docker/plugins/module_utils/util.py @@ -29,7 +29,12 @@ DOCKER_COMMON_ARGS = dict( ca_path=dict(type='path', aliases=['ca_cert', 'tls_ca_cert', 'cacert_path']), client_cert=dict(type='path', aliases=['tls_client_cert', 'cert_path']), client_key=dict(type='path', aliases=['tls_client_key', 'key_path']), - ssl_version=dict(type='str', fallback=(env_fallback, ['DOCKER_SSL_VERSION'])), + ssl_version=dict( + type='str', + fallback=(env_fallback, ['DOCKER_SSL_VERSION']), + removed_in_version='4.0.0', + removed_from_collection='community.docker', + ), tls=dict(type='bool', default=DEFAULT_TLS, fallback=(env_fallback, ['DOCKER_TLS'])), use_ssh_client=dict(type='bool', default=False), validate_certs=dict(type='bool', default=DEFAULT_TLS_VERIFY, fallback=(env_fallback, ['DOCKER_TLS_VERIFY']), aliases=['tls_verify']), @@ -348,9 +353,9 @@ def normalize_healthcheck(healthcheck, normalize_test=False): result = dict() # All supported healthcheck parameters - options = ('test', 'interval', 'timeout', 'start_period', 'retries') + options = ('test', 'test_cli_compatible', 'interval', 'timeout', 'start_period', 'start_interval', 'retries') - duration_options = ('interval', 'timeout', 'start_period') + duration_options = ('interval', 'timeout', 'start_period', 'start_interval') for key in options: if key in healthcheck: @@ -361,7 +366,7 @@ def normalize_healthcheck(healthcheck, normalize_test=False): continue if key in duration_options: value = convert_duration_to_nanosecond(value) - if not value: + if not value and not (healthcheck.get('test_cli_compatible') and key == 'test'): continue if key == 'retries': try: @@ -371,7 +376,7 @@ def normalize_healthcheck(healthcheck, normalize_test=False): 'Cannot parse number of retries for healthcheck. ' 'Expected an integer, got "{0}".'.format(value) ) - if key == 'test' and normalize_test: + if key == 'test' and value and normalize_test: value = normalize_healthcheck_test(value) result[key] = value diff --git a/ansible_collections/community/docker/plugins/modules/docker_compose.py b/ansible_collections/community/docker/plugins/modules/docker_compose.py index f8edbee4b..3af3bebb1 100644 --- a/ansible_collections/community/docker/plugins/modules/docker_compose.py +++ b/ansible_collections/community/docker/plugins/modules/docker_compose.py @@ -14,6 +14,11 @@ module: docker_compose short_description: Manage multi-container Docker applications with Docker Compose V1 +deprecated: + removed_in: 4.0.0 + why: This module uses docker-compose v1, which is End of Life since July 2022. + alternative: Migrate to M(community.docker.docker_compose_v2) + author: "Chris Houseknecht (@chouseknecht)" description: diff --git a/ansible_collections/community/docker/plugins/modules/docker_container.py b/ansible_collections/community/docker/plugins/modules/docker_container.py index d7dbc3780..60768637f 100644 --- a/ansible_collections/community/docker/plugins/modules/docker_container.py +++ b/ansible_collections/community/docker/plugins/modules/docker_container.py @@ -369,7 +369,7 @@ options: - Configure a check that is run to determine whether or not containers for this service are "healthy". - "See the docs for the L(HEALTHCHECK Dockerfile instruction,https://docs.docker.com/engine/reference/builder/#healthcheck) for details on how healthchecks work." - - "O(healthcheck.interval), O(healthcheck.timeout) and O(healthcheck.start_period) are specified as durations. + - "O(healthcheck.interval), O(healthcheck.timeout), O(healthcheck.start_period), and O(healthcheck.start_interval) are specified as durations. They accept duration as a string in a format that look like: V(5h34m56s), V(1m30s), and so on. The supported units are V(us), V(ms), V(s), V(m) and V(h)." type: dict @@ -379,6 +379,16 @@ options: - Command to run to check health. - Must be either a string or a list. If it is a list, the first item must be one of V(NONE), V(CMD) or V(CMD-SHELL). type: raw + test_cli_compatible: + description: + - If set to V(true), omitting O(healthcheck.test) while providing O(healthcheck) does not disable healthchecks, + but simply overwrites the image's values by the ones specified in O(healthcheck). This is + the behavior used by the Docker CLI. + - If set to V(false), omitting O(healthcheck.test) will disable the container's health check. + This is the classical behavior of the module and currently the default behavior. + default: false + type: bool + version_added: 3.10.0 interval: description: - Time between running the check. @@ -399,6 +409,12 @@ options: - Start period for the container to initialize before starting health-retries countdown. - The default used by the Docker daemon is V(0s). type: str + start_interval: + description: + - Time between health checks during the start period. This option requires Docker Engine version 25.0 or later. + - The default used by the Docker daemon is V(5s). + type: str + version_added: 3.10.0 hostname: description: - The container's hostname. @@ -1196,6 +1212,7 @@ EXAMPLES = ''' timeout: 10s retries: 3 start_period: 30s + start_interval: 10s - name: Remove healthcheck from container community.docker.docker_container: diff --git a/ansible_collections/community/docker/plugins/modules/docker_container_exec.py b/ansible_collections/community/docker/plugins/modules/docker_container_exec.py index 0d92dad96..251af5bcd 100644 --- a/ansible_collections/community/docker/plugins/modules/docker_container_exec.py +++ b/ansible_collections/community/docker/plugins/modules/docker_container_exec.py @@ -162,7 +162,6 @@ import shlex import traceback from ansible.module_utils.common.text.converters import to_text, to_bytes, to_native -from ansible.module_utils.compat import selectors from ansible.module_utils.six import string_types from ansible_collections.community.docker.plugins.module_utils.common_api import ( @@ -170,6 +169,8 @@ from ansible_collections.community.docker.plugins.module_utils.common_api import RequestException, ) +from ansible_collections.community.docker.plugins.module_utils.selectors import selectors + from ansible_collections.community.docker.plugins.module_utils.socket_handler import ( DockerSocketHandlerModule, ) diff --git a/ansible_collections/community/docker/plugins/modules/docker_image_build.py b/ansible_collections/community/docker/plugins/modules/docker_image_build.py index 7f9502098..48478b550 100644 --- a/ansible_collections/community/docker/plugins/modules/docker_image_build.py +++ b/ansible_collections/community/docker/plugins/modules/docker_image_build.py @@ -18,6 +18,9 @@ version_added: 3.6.0 description: - This module allows you to build Docker images using Docker's buildx plugin (BuildKit). + - Note that the module is B(not idempotent) in the sense of classical Ansible modules. + The only idempotence check is whether the built image already exists. This check can + be disabled with the O(rebuild) option. extends_documentation_fragment: - community.docker.docker.cli_documentation @@ -89,8 +92,10 @@ options: type: str platform: description: - - Platform in the format C(os[/arch[/variant]]). - type: str + - Platforms in the format C(os[/arch[/variant]]). + - Since community.docker 3.10.0 this can be a list of platforms, instead of just a single platform. + type: list + elements: str shm_size: description: - "Size of C(/dev/shm) in format C([]). Number is positive integer. @@ -110,7 +115,121 @@ options: - never - always default: never - + secrets: + description: + - Secrets to expose to the build. + type: list + elements: dict + version_added: 3.10.0 + suboptions: + id: + description: + - The secret identifier. + - The secret will be made available as a file in the container under C(/run/secrets/). + type: str + required: true + type: + description: + - Type of the secret. + type: str + choices: + file: + - Reads the secret from a file on the target. + - The file must be specified in O(secrets[].src). + env: + - Reads the secret from an environment variable on the target. + - The environment variable must be named in O(secrets[].env). + - Note that this requires the Buildkit plugin to have version 0.6.0 or newer. + value: + - Provides the secret from a given value O(secrets[].value). + - B(Note) that the secret will be passed as an environment variable to C(docker compose). + Use another mean of transport if you consider this not safe enough. + - Note that this requires the Buildkit plugin to have version 0.6.0 or newer. + required: true + src: + description: + - Source path of the secret. + - Only supported and required for O(secrets[].type=file). + type: path + env: + description: + - Environment value of the secret. + - Only supported and required for O(secrets[].type=env). + type: str + value: + description: + - Value of the secret. + - B(Note) that the secret will be passed as an environment variable to C(docker compose). + Use another mean of transport if you consider this not safe enough. + - Only supported and required for O(secrets[].type=value). + type: str + outputs: + description: + - Output destinations. + - You can provide a list of exporters to export the built image in various places. + Note that not all exporters might be supported by the build driver used. + - Note that depending on how this option is used, no image with name O(name) and tag O(tag) might + be created, which can cause the basic idempotency this module offers to not work. + - Providing an empty list to this option is equivalent to not specifying it at all. + The default behavior is a single entry with O(outputs[].type=image). + type: list + elements: dict + version_added: 3.10.0 + suboptions: + type: + description: + - The type of exporter to use. + type: str + choices: + local: + - This export type writes all result files to a directory on the client. + The new files will be owned by the current user. + On multi-platform builds, all results will be put in subdirectories by their platform. + - The destination has to be provided in O(outputs[].dest). + tar: + - This export type export type writes all result files as a single tarball on the client. + On multi-platform builds, all results will be put in subdirectories by their platform. + - The destination has to be provided in O(outputs[].dest). + oci: + - This export type writes the result image or manifest list as an + L(OCI image layout, https://github.com/opencontainers/image-spec/blob/v1.0.1/image-layout.md) + tarball on the client. + - The destination has to be provided in O(outputs[].dest). + docker: + - This export type writes the single-platform result image as a Docker image specification tarball on the client. + Tarballs created by this exporter are also OCI compatible. + - The destination can be provided in O(outputs[].dest). + If not specified, the tar will be loaded automatically to the local image store. + - The Docker context where to import the result can be provided in O(outputs[].context). + image: + - This exporter writes the build result as an image or a manifest list. + When using this driver, the image will appear in C(docker images). + - The image name can be provided in O(outputs[].name). If it is not provided, the + - Optionally, image can be automatically pushed to a registry by setting O(outputs[].push=true). + required: true + dest: + description: + - The destination path. + - Required for O(outputs[].type=local), O(outputs[].type=tar), O(outputs[].type=oci). + - Optional for O(outputs[].type=docker). + type: path + context: + description: + - Name for the Docker context where to import the result. + - Optional for O(outputs[].type=docker). + type: str + name: + description: + - Name under which the image is stored under. + - If not provided, O(name) and O(tag) will be used. + - Optional for O(outputs[].type=image). + type: str + push: + description: + - Whether to push the built image to a registry. + - Only used for O(outputs[].type=image). + type: bool + default: false requirements: - "Docker CLI with Docker buildx plugin" @@ -128,6 +247,15 @@ EXAMPLES = ''' name: localhost/python/3.12:latest path: /home/user/images/python dockerfile: Dockerfile-3.12 + +- name: Build multi-platform image + community.docker.docker_image_build: + name: multi-platform-image + tag: "1.5.2" + path: /home/user/images/multi-platform + platform: + - linux/amd64 + - linux/arm64/v8 ''' RETURN = ''' @@ -138,6 +266,7 @@ image: sample: {} ''' +import base64 import os import traceback @@ -156,6 +285,8 @@ from ansible_collections.community.docker.plugins.module_utils.util import ( is_valid_tag, ) +from ansible_collections.community.docker.plugins.module_utils.version import LooseVersion + from ansible_collections.community.docker.plugins.module_utils._api.utils.utils import ( parse_repository_tag, ) @@ -194,10 +325,26 @@ class ImageBuilder(DockerBaseClass): self.shm_size = convert_to_bytes(parameters['shm_size'], self.client.module, 'shm_size') self.labels = clean_dict_booleans_for_docker_api(parameters['labels']) self.rebuild = parameters['rebuild'] + self.secrets = parameters['secrets'] + self.outputs = parameters['outputs'] buildx = self.client.get_client_plugin_info('buildx') if buildx is None: self.fail('Docker CLI {0} does not have the buildx plugin installed'.format(self.client.get_cli())) + buildx_version = buildx['Version'].lstrip('v') + + if self.secrets: + for secret in self.secrets: + if secret['type'] in ('env', 'value'): + if LooseVersion(buildx_version) < LooseVersion('0.6.0'): + self.fail('The Docker buildx plugin has version {version}, but 0.6.0 is needed for secrets of type=env and type=value'.format( + version=buildx_version, + )) + if self.outputs and len(self.outputs) > 1: + if LooseVersion(buildx_version) < LooseVersion('0.13.0'): + self.fail('The Docker buildx plugin has version {version}, but 0.13.0 is needed to specify more than one output'.format( + version=buildx_version, + )) self.path = parameters['path'] if not os.path.isdir(self.path): @@ -230,6 +377,7 @@ class ImageBuilder(DockerBaseClass): args.extend([option, value]) def add_args(self, args): + environ_update = {} args.extend(['--tag', '%s:%s' % (self.name, self.tag)]) if self.dockerfile: args.extend(['--file', os.path.join(self.path, self.dockerfile)]) @@ -248,11 +396,54 @@ class ImageBuilder(DockerBaseClass): if self.target: args.extend(['--target', self.target]) if self.platform: - args.extend(['--platform', self.platform]) + for platform in self.platform: + args.extend(['--platform', platform]) if self.shm_size: args.extend(['--shm-size', str(self.shm_size)]) if self.labels: self.add_list_arg(args, '--label', dict_to_list(self.labels)) + if self.secrets: + random_prefix = None + for index, secret in enumerate(self.secrets): + if secret['type'] == 'file': + args.extend(['--secret', 'id={id},type=file,src={src}'.format(id=secret['id'], src=secret['src'])]) + if secret['type'] == 'env': + args.extend(['--secret', 'id={id},type=env,env={env}'.format(id=secret['id'], env=secret['src'])]) + if secret['type'] == 'value': + # We pass values on using environment variables. The user has been warned in the documentation + # that they should only use this mechanism when being comfortable with it. + if random_prefix is None: + # Use /dev/urandom to generate some entropy to make the environment variable's name unguessable + random_prefix = base64.b64encode(os.urandom(16)).decode('utf-8').replace('=', '') + env_name = 'ANSIBLE_DOCKER_COMPOSE_ENV_SECRET_{random}_{id}'.format( + random=random_prefix, + id=index, + ) + environ_update[env_name] = secret['value'] + args.extend(['--secret', 'id={id},type=env,env={env}'.format(id=secret['id'], env=env_name)]) + if self.outputs: + for output in self.outputs: + if output['type'] == 'local': + args.extend(['--output', 'type=local,dest={dest}'.format(dest=output['dest'])]) + if output['type'] == 'tar': + args.extend(['--output', 'type=tar,dest={dest}'.format(dest=output['dest'])]) + if output['type'] == 'oci': + args.extend(['--output', 'type=oci,dest={dest}'.format(dest=output['dest'])]) + if output['type'] == 'docker': + more = [] + if output['dest'] is not None: + more.append('dest={dest}'.format(dest=output['dest'])) + if output['dest'] is not None: + more.append('context={context}'.format(context=output['context'])) + args.extend(['--output', 'type=docker,{more}'.format(more=','.join(more))]) + if output['type'] == 'image': + more = [] + if output['name'] is not None: + more.append('name={name}'.format(name=output['name'])) + if output['push']: + more.append('push=true') + args.extend(['--output', 'type=image,{more}'.format(more=','.join(more))]) + return environ_update def build_image(self): image = self.client.find_image(self.name, self.tag) @@ -269,9 +460,9 @@ class ImageBuilder(DockerBaseClass): results['changed'] = True if not self.check_mode: args = ['buildx', 'build', '--progress', 'plain'] - self.add_args(args) + environ_update = self.add_args(args) args.extend(['--', self.path]) - rc, stdout, stderr = self.client.call_cli(*args) + rc, stdout, stderr = self.client.call_cli(*args, environ_update=environ_update) if rc != 0: self.fail('Building %s:%s failed' % (self.name, self.tag), stdout=to_native(stdout), stderr=to_native(stderr)) results['stdout'] = to_native(stdout) @@ -294,10 +485,52 @@ def main(): etc_hosts=dict(type='dict'), args=dict(type='dict'), target=dict(type='str'), - platform=dict(type='str'), + platform=dict(type='list', elements='str'), shm_size=dict(type='str'), labels=dict(type='dict'), rebuild=dict(type='str', choices=['never', 'always'], default='never'), + secrets=dict( + type='list', + elements='dict', + options=dict( + id=dict(type='str', required=True), + type=dict(type='str', choices=['file', 'env', 'value'], required=True), + src=dict(type='path'), + env=dict(type='str'), + value=dict(type='str', no_log=True), + ), + required_if=[ + ('type', 'file', ['src']), + ('type', 'env', ['env']), + ('type', 'value', ['value']), + ], + mutually_exclusive=[ + ('src', 'env', 'value'), + ], + no_log=False, + ), + outputs=dict( + type='list', + elements='dict', + options=dict( + type=dict(type='str', choices=['local', 'tar', 'oci', 'docker', 'image'], required=True), + dest=dict(type='path'), + context=dict(type='str'), + name=dict(type='str'), + push=dict(type='bool', default=False), + ), + required_if=[ + ('type', 'local', ['dest']), + ('type', 'tar', ['dest']), + ('type', 'oci', ['dest']), + ], + mutually_exclusive=[ + ('dest', 'name'), + ('dest', 'push'), + ('context', 'name'), + ('context', 'push'), + ], + ), ) client = AnsibleModuleDockerClient( diff --git a/ansible_collections/community/docker/plugins/modules/docker_network.py b/ansible_collections/community/docker/plugins/modules/docker_network.py index 5670ceea0..c5dd3b229 100644 --- a/ansible_collections/community/docker/plugins/modules/docker_network.py +++ b/ansible_collections/community/docker/plugins/modules/docker_network.py @@ -35,6 +35,18 @@ options: aliases: - network_name + config_from: + description: + - Specifies the config only network to use the config from. + type: str + version_added: 3.10.0 + + config_only: + description: + - Sets that this is a config only network. + type: bool + version_added: 3.10.0 + connected: description: - List of container names or container IDs to connect to a network. @@ -283,6 +295,8 @@ class TaskParameters(DockerBaseClass): self.name = None self.connected = None + self.config_from = None + self.config_only = None self.driver = None self.driver_options = None self.ipam_driver = None @@ -300,6 +314,11 @@ class TaskParameters(DockerBaseClass): for key, value in client.module.params.items(): setattr(self, key, value) + # config_only sets driver to 'null' (and scope to 'local') so force that here. Otherwise we get + # diffs of 'null' --> 'bridge' given that the driver option defaults to 'bridge'. + if self.config_only: + self.driver = 'null' + def container_names_in_network(network): return [c['Name'] for c in network['Containers'].values()] if network['Containers'] else [] @@ -401,6 +420,14 @@ class DockerNetworkManager(object): :return: (bool, list) ''' differences = DifferenceTracker() + if self.parameters.config_only is not None and self.parameters.config_only != net.get('ConfigOnly', False): + differences.add('config_only', + parameter=self.parameters.config_only, + active=net.get('ConfigOnly', False)) + if self.parameters.config_from is not None and self.parameters.config_from != net.get('ConfigFrom', {}).get('Network', ''): + differences.add('config_from', + parameter=self.parameters.config_from, + active=net.get('ConfigFrom', {}).get('Network', '')) if self.parameters.driver and self.parameters.driver != net['Driver']: differences.add('driver', parameter=self.parameters.driver, @@ -503,6 +530,10 @@ class DockerNetworkManager(object): 'CheckDuplicate': None, } + if self.parameters.config_only is not None: + data['ConfigOnly'] = self.parameters.config_only + if self.parameters.config_from: + data['ConfigFrom'] = {'Network': self.parameters.config_from} if self.parameters.enable_ipv6: data['EnableIPv6'] = True if self.parameters.internal: @@ -630,6 +661,8 @@ class DockerNetworkManager(object): def main(): argument_spec = dict( name=dict(type='str', required=True, aliases=['network_name']), + config_from=dict(type='str'), + config_only=dict(type='bool'), connected=dict(type='list', default=[], elements='str', aliases=['containers']), state=dict(type='str', default='present', choices=['present', 'absent']), driver=dict(type='str', default='bridge'), @@ -653,6 +686,8 @@ def main(): ) option_minimal_versions = dict( + config_from=dict(docker_api_version='1.30'), + config_only=dict(docker_api_version='1.30'), scope=dict(docker_api_version='1.30'), attachable=dict(docker_api_version='1.26'), ) diff --git a/ansible_collections/community/docker/plugins/modules/docker_prune.py b/ansible_collections/community/docker/plugins/modules/docker_prune.py index 1dfbf290e..a333c52fe 100644 --- a/ansible_collections/community/docker/plugins/modules/docker_prune.py +++ b/ansible_collections/community/docker/plugins/modules/docker_prune.py @@ -81,6 +81,28 @@ options: - Whether to prune the builder cache. type: bool default: false + builder_cache_all: + description: + - Whether to remove all types of build cache. + type: bool + default: false + version_added: 3.10.0 + builder_cache_filters: + description: + - A dictionary of filter values used for selecting images to delete. + - "For example, C(until: 10m)." + - See L(the API documentation,https://docs.docker.com/engine/api/v1.44/#tag/Image/operation/BuildPrune) + for more information on possible filters. + type: dict + version_added: 3.10.0 + builder_cache_keep_storage: + description: + - Amount of disk space to keep for cache in format C([])." + - "Number is a positive integer. Unit can be one of V(B) (byte), V(K) (kibibyte, 1024B), V(M) (mebibyte), V(G) (gibibyte), + V(T) (tebibyte), or V(P) (pebibyte)." + - "Omitting the unit defaults to bytes." + type: str + version_added: 3.10.0 author: - "Felix Fontein (@felixfontein)" @@ -181,11 +203,20 @@ builder_cache_space_reclaimed: returned: O(builder_cache=true) type: int sample: 0 +builder_cache_caches_deleted: + description: + - The build caches that were deleted. + returned: O(builder_cache=true) and API version is 1.39 or later + type: list + elements: str + sample: [] + version_added: 3.10.0 ''' import traceback from ansible.module_utils.common.text.converters import to_native +from ansible.module_utils.common.text.formatters import human_to_bytes from ansible_collections.community.docker.plugins.module_utils.common_api import ( AnsibleDockerClient, @@ -209,13 +240,29 @@ def main(): volumes=dict(type='bool', default=False), volumes_filters=dict(type='dict'), builder_cache=dict(type='bool', default=False), + builder_cache_all=dict(type='bool', default=False), + builder_cache_filters=dict(type='dict'), + builder_cache_keep_storage=dict(type='str'), # convert to bytes ) client = AnsibleDockerClient( argument_spec=argument_spec, + option_minimal_versions=dict( + builder_cache=dict(docker_py_version='1.31'), + builder_cache_all=dict(docker_py_version='1.39'), + builder_cache_filters=dict(docker_py_version='1.31'), + builder_cache_keep_storage=dict(docker_py_version='1.39'), + ), # supports_check_mode=True, ) + builder_cache_keep_storage = None + if client.module.params.get('builder_cache_keep_storage') is not None: + try: + builder_cache_keep_storage = human_to_bytes(client.module.params.get('builder_cache_keep_storage')) + except ValueError as exc: + client.module.fail_json(msg='Error while parsing value of builder_cache_keep_storage: {0}'.format(exc)) + try: result = dict() changed = False @@ -256,10 +303,21 @@ def main(): changed = True if client.module.params['builder_cache']: - res = client.post_to_json('/build/prune') + filters = clean_dict_booleans_for_docker_api(client.module.params.get('builder_cache_filters')) + params = {'filters': convert_filters(filters)} + if client.module.params.get('builder_cache_all'): + params['all'] = 'true' + if builder_cache_keep_storage is not None: + params['keep-storage'] = builder_cache_keep_storage + res = client.post_to_json('/build/prune', params=params) result['builder_cache_space_reclaimed'] = res['SpaceReclaimed'] if result['builder_cache_space_reclaimed']: changed = True + if 'CachesDeleted' in res: + # API version 1.39+: return value CachesDeleted (list of str) + result['builder_cache_caches_deleted'] = res['CachesDeleted'] + if result['builder_cache_caches_deleted']: + changed = True result['changed'] = changed client.module.exit_json(**result) diff --git a/ansible_collections/community/docker/plugins/modules/docker_swarm_service.py b/ansible_collections/community/docker/plugins/modules/docker_swarm_service.py index 95cc10366..4660d1138 100644 --- a/ansible_collections/community/docker/plugins/modules/docker_swarm_service.py +++ b/ansible_collections/community/docker/plugins/modules/docker_swarm_service.py @@ -83,6 +83,11 @@ options: - Dictionary of key value pairs. - Corresponds to the C(--container-label) option of C(docker service create). type: dict + sysctls: + description: + - Dictionary of key, value pairs. + version_added: 3.10.0 + type: dict dns: description: - List of custom DNS servers. @@ -681,6 +686,7 @@ swarm_service: "engine.labels.operatingsystem == ubuntu 14.04" ], "container_labels": null, + "sysctls": null, "dns": null, "dns_options": null, "dns_search": null, @@ -1226,6 +1232,7 @@ class DockerService(DockerBaseClass): self.log_driver_options = None self.labels = None self.container_labels = None + self.sysctls = None self.limit_cpu = None self.limit_memory = None self.reserve_cpu = None @@ -1292,6 +1299,7 @@ class DockerService(DockerBaseClass): 'placement_preferences': self.placement_preferences, 'labels': self.labels, 'container_labels': self.container_labels, + 'sysctls': self.sysctls, 'mode': self.mode, 'replicas': self.replicas, 'endpoint_mode': self.endpoint_mode, @@ -1539,6 +1547,7 @@ class DockerService(DockerBaseClass): s.tty = ap['tty'] s.labels = ap['labels'] s.container_labels = ap['container_labels'] + s.sysctls = ap['sysctls'] s.mode = ap['mode'] s.stop_signal = ap['stop_signal'] s.user = ap['user'] @@ -1740,6 +1749,8 @@ class DockerService(DockerBaseClass): differences.add('reserve_memory', parameter=self.reserve_memory, active=os.reserve_memory) if self.container_labels is not None and self.container_labels != (os.container_labels or {}): differences.add('container_labels', parameter=self.container_labels, active=os.container_labels) + if self.sysctls is not None and self.sysctls != (os.sysctls or {}): + differences.add('sysctls', parameter=self.sysctls, active=os.sysctls) if self.stop_signal is not None and self.stop_signal != os.stop_signal: differences.add('stop_signal', parameter=self.stop_signal, active=os.stop_signal) if self.stop_grace_period is not None and self.stop_grace_period != os.stop_grace_period: @@ -1934,6 +1945,8 @@ class DockerService(DockerBaseClass): container_spec_args['user'] = self.user if self.container_labels is not None: container_spec_args['labels'] = self.container_labels + if self.sysctls is not None: + container_spec_args['sysctls'] = self.sysctls if self.healthcheck is not None: container_spec_args['healthcheck'] = types.Healthcheck(**self.healthcheck) elif self.healthcheck_disabled: @@ -2163,6 +2176,7 @@ class DockerServiceManager(object): ds.read_only = task_template_data['ContainerSpec'].get('ReadOnly') ds.cap_add = task_template_data['ContainerSpec'].get('CapabilityAdd') ds.cap_drop = task_template_data['ContainerSpec'].get('CapabilityDrop') + ds.sysctls = task_template_data['ContainerSpec'].get('Sysctls') healthcheck_data = task_template_data['ContainerSpec'].get('Healthcheck') if healthcheck_data: @@ -2676,6 +2690,7 @@ def main(): hosts=dict(type='dict'), labels=dict(type='dict'), container_labels=dict(type='dict'), + sysctls=dict(type='dict'), mode=dict( type='str', default='replicated', @@ -2751,6 +2766,7 @@ def main(): init=dict(docker_py_version='4.0.0', docker_api_version='1.37'), cap_add=dict(docker_py_version='5.0.3', docker_api_version='1.41'), cap_drop=dict(docker_py_version='5.0.3', docker_api_version='1.41'), + sysctls=dict(docker_py_version='6.0.0', docker_api_version='1.40'), # specials publish_mode=dict( docker_py_version='3.0.0', diff --git a/ansible_collections/community/docker/plugins/plugin_utils/socket_handler.py b/ansible_collections/community/docker/plugins/plugin_utils/socket_handler.py index 204996f24..e8fd266c8 100644 --- a/ansible_collections/community/docker/plugins/plugin_utils/socket_handler.py +++ b/ansible_collections/community/docker/plugins/plugin_utils/socket_handler.py @@ -6,7 +6,7 @@ from __future__ import (absolute_import, division, print_function) __metaclass__ = type -from ansible.compat import selectors +from ansible_collections.community.docker.plugins.module_utils.selectors import selectors from ansible_collections.community.docker.plugins.module_utils.socket_handler import ( DockerSocketHandlerBase, diff --git a/ansible_collections/community/docker/tests/integration/targets/docker_compose_v2/tasks/main.yml b/ansible_collections/community/docker/tests/integration/targets/docker_compose_v2/tasks/main.yml index 8813f0e71..dbb2ece71 100644 --- a/ansible_collections/community/docker/tests/integration/targets/docker_compose_v2/tasks/main.yml +++ b/ansible_collections/community/docker/tests/integration/targets/docker_compose_v2/tasks/main.yml @@ -20,7 +20,8 @@ # Run the tests - block: - - command: docker compose --help + - name: Show docker compose --help output + command: docker compose --help - include_tasks: run-test.yml with_fileglob: diff --git a/ansible_collections/community/docker/tests/integration/targets/docker_compose_v2_pull/tasks/main.yml b/ansible_collections/community/docker/tests/integration/targets/docker_compose_v2_pull/tasks/main.yml index 8813f0e71..d2c8497b1 100644 --- a/ansible_collections/community/docker/tests/integration/targets/docker_compose_v2_pull/tasks/main.yml +++ b/ansible_collections/community/docker/tests/integration/targets/docker_compose_v2_pull/tasks/main.yml @@ -18,9 +18,13 @@ - debug: msg: "Using name prefix {{ name_prefix }}" +- name: Show images + command: docker images --all --digests + # Run the tests - block: - - command: docker compose --help + - name: Show docker compose --help output + command: docker compose --help - include_tasks: run-test.yml with_fileglob: diff --git a/ansible_collections/community/docker/tests/integration/targets/docker_image_build/tasks/test.yml b/ansible_collections/community/docker/tests/integration/targets/docker_image_build/tasks/test.yml index af6e75b22..57130ef1a 100644 --- a/ansible_collections/community/docker/tests/integration/targets/docker_image_build/tasks/test.yml +++ b/ansible_collections/community/docker/tests/integration/targets/docker_image_build/tasks/test.yml @@ -28,12 +28,24 @@ - Dockerfile - EtcHostsDockerfile - MyDockerfile + - SecretsDockerfile - StagedDockerfile - debug: msg: "Has buildx plugin: {{ docker_has_buildx }}" - block: + - name: Determine plugin versions + command: docker info -f '{{ "{{" }}json .ClientInfo.Plugins{{ "}}" }}' + register: plugin_versions + + - name: Determine buildx plugin version + set_fact: + buildx_version: >- + {{ + (plugin_versions.stdout | from_json | selectattr('Name', 'eq', 'buildx') | map(attribute='Version') | first).lstrip('v') + }} + - include_tasks: run-test.yml with_fileglob: - "tests/*.yml" diff --git a/ansible_collections/community/docker/tests/integration/targets/docker_image_build/tasks/tests/options.yml b/ansible_collections/community/docker/tests/integration/targets/docker_image_build/tasks/tests/options.yml index 990035788..5c1211c71 100644 --- a/ansible_collections/community/docker/tests/integration/targets/docker_image_build/tasks/tests/options.yml +++ b/ansible_collections/community/docker/tests/integration/targets/docker_image_build/tasks/tests/options.yml @@ -202,3 +202,88 @@ - labels_1 is changed - labels_1.image.Config.Labels.FOO == 'BAR' - labels_1.image.Config.Labels["this is a label"] == "this is the label's value" + +#################################################################### +## secrets ######################################################### +#################################################################### + +- name: Generate secret + set_fact: + docker_image_build_secret_value: this is my secret {{ '%0x' % ((2**32) | random) }} + +- when: buildx_version is version('0.6.0', '>=') + block: + - name: Build image with secrets via environment variables + docker_image_build: + name: "{{ iname }}" + path: "{{ remote_tmp_dir }}/files" + dockerfile: "SecretsDockerfile" + pull: false + secrets: + - id: my-awesome-secret + type: value + value: '{{ docker_image_build_secret_value }}' + nocache: true # using a cache can result in the output step being CACHED + register: secrets_1 + + - name: cleanup + docker_image_remove: + name: "{{ iname }}" + + - name: Show image information + debug: + var: secrets_1.stderr_lines + + - assert: + that: + - secrets_1 is changed + - (docker_image_build_secret_value | b64encode) in secrets_1.stderr + +#################################################################### +## outputs ######################################################### +#################################################################### + +- name: Make sure the image is not there + docker_image_remove: + name: "{{ iname }}" + +- name: Make sure the image tarball is not there + file: + path: "{{ remote_tmp_dir }}/container.tar" + state: absent + +- name: Build image with outputs + docker_image_build: + name: "{{ iname }}" + path: "{{ remote_tmp_dir }}/files" + dockerfile: "Dockerfile" + pull: false + outputs: + - type: tar + dest: "{{ remote_tmp_dir }}/container.tar" + register: outputs_1 + +- name: cleanup (should not be changed) + docker_image_remove: + name: "{{ iname }}" + register: outputs_1_cleanup + +- name: Gather information on tarball + stat: + path: "{{ remote_tmp_dir }}/container.tar" + register: outputs_1_stat + +- name: Show image information + debug: + var: outputs_1.image + +- name: Show tarball information + debug: + var: outputs_1_stat.stat + +- assert: + that: + - outputs_1 is changed + - outputs_1.image | length == 0 + - outputs_1_cleanup is not changed + - outputs_1_stat.stat.exists diff --git a/ansible_collections/community/docker/tests/integration/targets/docker_image_build/templates/SecretsDockerfile b/ansible_collections/community/docker/tests/integration/targets/docker_image_build/templates/SecretsDockerfile new file mode 100644 index 000000000..31bec8262 --- /dev/null +++ b/ansible_collections/community/docker/tests/integration/targets/docker_image_build/templates/SecretsDockerfile @@ -0,0 +1,7 @@ +# Copyright (c) 2024, Felix Fontein +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +FROM {{ docker_test_image_busybox }} +RUN --mount=type=secret,id=my-awesome-secret \ + cat /run/secrets/my-awesome-secret | base64 diff --git a/ansible_collections/community/docker/tests/integration/targets/docker_prune/tasks/main.yml b/ansible_collections/community/docker/tests/integration/targets/docker_prune/tasks/main.yml index b2160ef0e..8c1309bc4 100644 --- a/ansible_collections/community/docker/tests/integration/targets/docker_prune/tasks/main.yml +++ b/ansible_collections/community/docker/tests/integration/targets/docker_prune/tasks/main.yml @@ -126,6 +126,28 @@ debug: var: result + - name: Prune build cache (API version 1.39+) + when: docker_api_version is version('1.39', '>=') + block: + - name: Prune build cache with option + docker_prune: + builder_cache: true + builder_cache_all: true + builder_cache_filters: + until: 10m + builder_cache_keep_storage: 1MB + register: result + + - name: Show results + debug: + var: result + + - name: Check results + assert: + that: + - "'builder_cache_space_reclaimed' in result" + - "'builder_cache_caches_deleted' in result" + - name: Prune volumes with all filter (API version 1.42+) when: docker_api_version is version('1.42', '>=') block: diff --git a/ansible_collections/community/docker/tests/integration/targets/docker_swarm_service/vars/main.yml b/ansible_collections/community/docker/tests/integration/targets/docker_swarm_service/vars/main.yml index 836ee41c4..bd8c799e2 100644 --- a/ansible_collections/community/docker/tests/integration/targets/docker_swarm_service/vars/main.yml +++ b/ansible_collections/community/docker/tests/integration/targets/docker_swarm_service/vars/main.yml @@ -58,3 +58,4 @@ service_expected_output: user: null working_dir: null init: null + sysctls: null diff --git a/ansible_collections/community/docker/tests/integration/targets/generic_connection_tests/tasks/main.yml b/ansible_collections/community/docker/tests/integration/targets/generic_connection_tests/tasks/main.yml index abbb02956..e43833b8d 100644 --- a/ansible_collections/community/docker/tests/integration/targets/generic_connection_tests/tasks/main.yml +++ b/ansible_collections/community/docker/tests/integration/targets/generic_connection_tests/tasks/main.yml @@ -174,7 +174,8 @@ - (output_direct.host_info | sanitize_host_info) == (output_https.host_info | sanitize_host_info) always: - - command: docker logs {{ daemon_nginx_frontend }} + - name: Obtain logs from the nginx frontend + command: docker logs {{ daemon_nginx_frontend }} register: output ignore_errors: true - debug: diff --git a/ansible_collections/community/docker/tests/integration/targets/setup_docker/tasks/main.yml b/ansible_collections/community/docker/tests/integration/targets/setup_docker/tasks/main.yml index e3d7c413f..54c27e43e 100644 --- a/ansible_collections/community/docker/tests/integration/targets/setup_docker/tasks/main.yml +++ b/ansible_collections/community/docker/tests/integration/targets/setup_docker/tasks/main.yml @@ -91,7 +91,8 @@ - block: # Cleanup docker daemon - - command: 'docker ps --no-trunc --format {% raw %}"{{.Names}}"{% endraw %}' + - name: Show all containers + command: 'docker ps --no-trunc --format {% raw %}"{{.Names}}"{% endraw %}' - name: "Remove all ansible-docker-test-* docker containers" shell: 'docker ps --no-trunc --format {% raw %}"{{.Names}}"{% endraw %} | grep "^ansible-docker-test-" | xargs -r docker rm -f' diff --git a/ansible_collections/community/docker/tests/integration/targets/setup_docker_cli_compose/tasks/main.yml b/ansible_collections/community/docker/tests/integration/targets/setup_docker_cli_compose/tasks/main.yml index 7a971c229..5a58c982c 100644 --- a/ansible_collections/community/docker/tests/integration/targets/setup_docker_cli_compose/tasks/main.yml +++ b/ansible_collections/community/docker/tests/integration/targets/setup_docker_cli_compose/tasks/main.yml @@ -52,7 +52,8 @@ - name: Obtain Docker Compose version when: docker_has_compose block: - - command: + - name: Obtain docker info + command: cmd: docker info --format '{% raw %}{{ json .ClientInfo.Plugins }}{% endraw %}' register: docker_cli_plugins_stdout - set_fact: diff --git a/ansible_collections/community/docker/tests/integration/targets/setup_docker_compose_v1/vars/Alpine.yml b/ansible_collections/community/docker/tests/integration/targets/setup_docker_compose_v1/vars/Alpine.yml index fb03ae738..65f6f4326 100644 --- a/ansible_collections/community/docker/tests/integration/targets/setup_docker_compose_v1/vars/Alpine.yml +++ b/ansible_collections/community/docker/tests/integration/targets/setup_docker_compose_v1/vars/Alpine.yml @@ -9,3 +9,5 @@ docker_compose_pip_packages: - docker-compose # Force PyYAML to 5.3.1 - PyYAML==5.3.1 + # Force requests to < 2.32.0 (https://github.com/docker/docker-py/issues/3256) + - requests<2.32.0 diff --git a/ansible_collections/community/docker/tests/sanity/ignore-2.11.txt b/ansible_collections/community/docker/tests/sanity/ignore-2.11.txt index 2bc38ac22..8dce572fc 100644 --- a/ansible_collections/community/docker/tests/sanity/ignore-2.11.txt +++ b/ansible_collections/community/docker/tests/sanity/ignore-2.11.txt @@ -11,3 +11,4 @@ plugins/modules/docker_compose_v2.py validate-modules:return-syntax-error plugins/modules/docker_compose_v2_pull.py validate-modules:return-syntax-error plugins/modules/docker_container.py import-2.6!skip # Import uses Python 2.7+ syntax plugins/modules/docker_container_copy_into.py validate-modules:undocumented-parameter # _max_file_size_for_diff is used by the action plugin +plugins/modules/docker_image_build.py validate-modules:invalid-documentation diff --git a/ansible_collections/community/docker/tests/sanity/ignore-2.12.txt b/ansible_collections/community/docker/tests/sanity/ignore-2.12.txt index f3c4575fb..a3d961e4d 100644 --- a/ansible_collections/community/docker/tests/sanity/ignore-2.12.txt +++ b/ansible_collections/community/docker/tests/sanity/ignore-2.12.txt @@ -3,3 +3,4 @@ plugins/modules/current_container_facts.py validate-modules:return-syntax-error plugins/modules/docker_compose_v2.py validate-modules:return-syntax-error plugins/modules/docker_compose_v2_pull.py validate-modules:return-syntax-error plugins/modules/docker_container_copy_into.py validate-modules:undocumented-parameter # _max_file_size_for_diff is used by the action plugin +plugins/modules/docker_image_build.py validate-modules:invalid-documentation diff --git a/ansible_collections/community/docker/tests/sanity/ignore-2.13.txt b/ansible_collections/community/docker/tests/sanity/ignore-2.13.txt index c0d5c549c..ef8aab6c4 100644 --- a/ansible_collections/community/docker/tests/sanity/ignore-2.13.txt +++ b/ansible_collections/community/docker/tests/sanity/ignore-2.13.txt @@ -1,3 +1,4 @@ .azure-pipelines/scripts/publish-codecov.py replace-urlopen plugins/modules/docker_compose_v2.py validate-modules:return-syntax-error plugins/modules/docker_container_copy_into.py validate-modules:undocumented-parameter # _max_file_size_for_diff is used by the action plugin +plugins/modules/docker_image_build.py validate-modules:invalid-documentation diff --git a/ansible_collections/community/docker/tests/sanity/ignore-2.14.txt b/ansible_collections/community/docker/tests/sanity/ignore-2.14.txt index 2a06013da..f717d24a7 100644 --- a/ansible_collections/community/docker/tests/sanity/ignore-2.14.txt +++ b/ansible_collections/community/docker/tests/sanity/ignore-2.14.txt @@ -1,2 +1,3 @@ .azure-pipelines/scripts/publish-codecov.py replace-urlopen plugins/modules/docker_container_copy_into.py validate-modules:undocumented-parameter # _max_file_size_for_diff is used by the action plugin +plugins/modules/docker_image_build.py validate-modules:invalid-documentation diff --git a/ansible_collections/community/docker/tests/sanity/ignore-2.15.txt b/ansible_collections/community/docker/tests/sanity/ignore-2.15.txt index 2a06013da..f717d24a7 100644 --- a/ansible_collections/community/docker/tests/sanity/ignore-2.15.txt +++ b/ansible_collections/community/docker/tests/sanity/ignore-2.15.txt @@ -1,2 +1,3 @@ .azure-pipelines/scripts/publish-codecov.py replace-urlopen plugins/modules/docker_container_copy_into.py validate-modules:undocumented-parameter # _max_file_size_for_diff is used by the action plugin +plugins/modules/docker_image_build.py validate-modules:invalid-documentation diff --git a/ansible_collections/community/docker/tests/sanity/ignore-2.16.txt b/ansible_collections/community/docker/tests/sanity/ignore-2.16.txt index 12e0b26f9..b60ad3445 100644 --- a/ansible_collections/community/docker/tests/sanity/ignore-2.16.txt +++ b/ansible_collections/community/docker/tests/sanity/ignore-2.16.txt @@ -1 +1,2 @@ plugins/modules/docker_container_copy_into.py validate-modules:undocumented-parameter # _max_file_size_for_diff is used by the action plugin +plugins/modules/docker_image_build.py validate-modules:invalid-documentation diff --git a/ansible_collections/community/docker/tests/unit/plugins/plugin_utils/test_unsafe.py b/ansible_collections/community/docker/tests/unit/plugins/plugin_utils/test_unsafe.py new file mode 100644 index 000000000..286c51cfe --- /dev/null +++ b/ansible_collections/community/docker/tests/unit/plugins/plugin_utils/test_unsafe.py @@ -0,0 +1,133 @@ +# -*- coding: utf-8 -*- +# Copyright (c) 2024, Felix Fontein +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +# Make coding more python3-ish +from __future__ import absolute_import, division, print_function + +__metaclass__ = type + + +import pytest + +from ansible.utils.unsafe_proxy import AnsibleUnsafe + +from ansible_collections.community.docker.plugins.plugin_utils.unsafe import ( + make_unsafe, +) + + +TEST_MAKE_UNSAFE = [ + ( + u'text', + [], + [ + (), + ], + ), + ( + u'{{text}}', + [ + (), + ], + [], + ), + ( + b'text', + [], + [ + (), + ], + ), + ( + b'{{text}}', + [ + (), + ], + [], + ), + ( + { + 'skey': 'value', + 'ukey': '{{value}}', + 1: [ + 'value', + '{{value}}', + { + 1.0: '{{value}}', + 2.0: 'value', + }, + ], + }, + [ + ('ukey', ), + (1, 1), + (1, 2, 1.0), + ], + [ + ('skey', ), + (1, 0), + (1, 2, 2.0), + ], + ), + ( + ['value', '{{value}}'], + [ + (1, ), + ], + [ + (0, ), + ], + ), +] + + +@pytest.mark.parametrize("value, check_unsafe_paths, check_safe_paths", TEST_MAKE_UNSAFE) +def test_make_unsafe(value, check_unsafe_paths, check_safe_paths): + unsafe_value = make_unsafe(value) + assert unsafe_value == value + for check_path in check_unsafe_paths: + obj = unsafe_value + for elt in check_path: + obj = obj[elt] + assert isinstance(obj, AnsibleUnsafe) + for check_path in check_safe_paths: + obj = unsafe_value + for elt in check_path: + obj = obj[elt] + assert not isinstance(obj, AnsibleUnsafe) + + +def test_make_unsafe_dict_key(): + value = { + b'test': 1, + u'test': 2, + } + unsafe_value = make_unsafe(value) + assert unsafe_value == value + for obj in unsafe_value: + assert not isinstance(obj, AnsibleUnsafe) + + value = { + b'{{test}}': 1, + u'{{test}}': 2, + } + unsafe_value = make_unsafe(value) + assert unsafe_value == value + for obj in unsafe_value: + assert isinstance(obj, AnsibleUnsafe) + + +def test_make_unsafe_set(): + value = set([b'test', u'test']) + unsafe_value = make_unsafe(value) + assert unsafe_value == value + for obj in unsafe_value: + assert not isinstance(obj, AnsibleUnsafe) + + value = set([b'{{test}}', u'{{test}}']) + unsafe_value = make_unsafe(value) + assert unsafe_value == value + for obj in unsafe_value: + assert isinstance(obj, AnsibleUnsafe) -- cgit v1.2.3