ansible/test/integration/targets/docker_swarm_service/tasks/tests/secrets.yml

412 lines
12 KiB
YAML
Raw Normal View History

---
- name: Registering container name
set_fact:
service_name: "{{ name_prefix ~ '-secrets' }}"
secret_name_1: "{{ name_prefix ~ '-secret-1' }}"
secret_name_2: "{{ name_prefix ~ '-secret-2' }}"
- name: Registering container name
set_fact:
secret_names: "{{ secret_names + [secret_name_1, secret_name_2] }}"
- docker_secret:
name: "{{ secret_name_1 }}"
data: "secret1"
state: "present"
register: "secret_result_1"
when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')
- docker_secret:
name: "{{ secret_name_2 }}"
data: "secret2"
state: "present"
register: "secret_result_2"
when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')
####################################################################
## secrets #########################################################
####################################################################
- name: secrets
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
filename: "/run/secrets/{{ secret_name_1 }}.txt"
register: secrets_1
ignore_errors: yes
- name: secrets (idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_name: "{{ secret_name_1 }}"
filename: "/run/secrets/{{ secret_name_1 }}.txt"
register: secrets_2
ignore_errors: yes
- name: secrets (add)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
filename: "/run/secrets/{{ secret_name_1 }}.txt"
- secret_name: "{{ secret_name_2 }}"
filename: "/run/secrets/{{ secret_name_2 }}.txt"
register: secrets_3
ignore_errors: yes
- name: secrets (add idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_name: "{{ secret_name_1 }}"
filename: "/run/secrets/{{ secret_name_1 }}.txt"
- secret_id: "{{ secret_result_2.secret_id|default('') }}"
secret_name: "{{ secret_name_2 }}"
filename: "/run/secrets/{{ secret_name_2 }}.txt"
register: secrets_4
ignore_errors: yes
- name: secrets (add idempotency no id)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_name: "{{ secret_name_1 }}"
filename: "/run/secrets/{{ secret_name_1 }}.txt"
- secret_name: "{{ secret_name_2 }}"
filename: "/run/secrets/{{ secret_name_2 }}.txt"
register: secrets_5
ignore_errors: yes
docker_swarm_service: Sort lists when checking for changes (#63887) * docker_swarm_service: Sort lists when checking for changes When two lists are checked for changes in this module, the lists are reported changed when the order of the items is different. This PR resolves this issue. * docker_swarm_service: Minor typo fix * docker_swarm_service: Another minor typo * docker_swarm_service: Should use sorted(), not sort() * docker_swarm_service: Sort lists of dictionaries * docker_swarm_service: Fix style issues in tests * docker_swarm_service: Updates to integration tests * docker_swarm_service: Casting string types within lists when comparing * docker_swarm_service: Special handling of unordered networks with ordered aliases * docker_swarm_service: Sorting network lists * docker_swarm_serivce: Better unit test code coverage for lists and networks * docker_swarm_service: Fixed coding style for sanity tests * docker_swarm_service: More coding style fixes * docker_swarm_service: Ignoring test for Python < 3 * docker_swarm_service: Update to version info check for backwards compatibility * docker_swarm_service: Added change fragment #63887 * docker_swarm_service: Better handling of missing sort key for dictionary of lists * docker_swarm_service: Preventing sorts from modifying in-place Co-Authored-By: Felix Fontein <felix@fontein.de> * docker_swarm_service: Removed spurious import in test * docker_swarm_service: Preventing sorts from modifying more data in-place Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-11-24 06:31:35 +11:00
- name: secrets (order idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_name: "{{ secret_name_2 }}"
filename: "/run/secrets/{{ secret_name_2 }}.txt"
- secret_name: "{{ secret_name_1 }}"
filename: "/run/secrets/{{ secret_name_1 }}.txt"
register: secrets_6
ignore_errors: yes
- name: secrets (empty)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets: []
docker_swarm_service: Sort lists when checking for changes (#63887) * docker_swarm_service: Sort lists when checking for changes When two lists are checked for changes in this module, the lists are reported changed when the order of the items is different. This PR resolves this issue. * docker_swarm_service: Minor typo fix * docker_swarm_service: Another minor typo * docker_swarm_service: Should use sorted(), not sort() * docker_swarm_service: Sort lists of dictionaries * docker_swarm_service: Fix style issues in tests * docker_swarm_service: Updates to integration tests * docker_swarm_service: Casting string types within lists when comparing * docker_swarm_service: Special handling of unordered networks with ordered aliases * docker_swarm_service: Sorting network lists * docker_swarm_serivce: Better unit test code coverage for lists and networks * docker_swarm_service: Fixed coding style for sanity tests * docker_swarm_service: More coding style fixes * docker_swarm_service: Ignoring test for Python < 3 * docker_swarm_service: Update to version info check for backwards compatibility * docker_swarm_service: Added change fragment #63887 * docker_swarm_service: Better handling of missing sort key for dictionary of lists * docker_swarm_service: Preventing sorts from modifying in-place Co-Authored-By: Felix Fontein <felix@fontein.de> * docker_swarm_service: Removed spurious import in test * docker_swarm_service: Preventing sorts from modifying more data in-place Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-11-24 06:31:35 +11:00
register: secrets_7
ignore_errors: yes
- name: secrets (empty idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets: []
docker_swarm_service: Sort lists when checking for changes (#63887) * docker_swarm_service: Sort lists when checking for changes When two lists are checked for changes in this module, the lists are reported changed when the order of the items is different. This PR resolves this issue. * docker_swarm_service: Minor typo fix * docker_swarm_service: Another minor typo * docker_swarm_service: Should use sorted(), not sort() * docker_swarm_service: Sort lists of dictionaries * docker_swarm_service: Fix style issues in tests * docker_swarm_service: Updates to integration tests * docker_swarm_service: Casting string types within lists when comparing * docker_swarm_service: Special handling of unordered networks with ordered aliases * docker_swarm_service: Sorting network lists * docker_swarm_serivce: Better unit test code coverage for lists and networks * docker_swarm_service: Fixed coding style for sanity tests * docker_swarm_service: More coding style fixes * docker_swarm_service: Ignoring test for Python < 3 * docker_swarm_service: Update to version info check for backwards compatibility * docker_swarm_service: Added change fragment #63887 * docker_swarm_service: Better handling of missing sort key for dictionary of lists * docker_swarm_service: Preventing sorts from modifying in-place Co-Authored-By: Felix Fontein <felix@fontein.de> * docker_swarm_service: Removed spurious import in test * docker_swarm_service: Preventing sorts from modifying more data in-place Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-11-24 06:31:35 +11:00
register: secrets_8
ignore_errors: yes
- name: cleanup
docker_swarm_service:
name: "{{ service_name }}"
state: absent
diff: no
- assert:
that:
- secrets_1 is changed
- secrets_2 is not changed
- secrets_3 is changed
- secrets_4 is not changed
- secrets_5 is not changed
docker_swarm_service: Sort lists when checking for changes (#63887) * docker_swarm_service: Sort lists when checking for changes When two lists are checked for changes in this module, the lists are reported changed when the order of the items is different. This PR resolves this issue. * docker_swarm_service: Minor typo fix * docker_swarm_service: Another minor typo * docker_swarm_service: Should use sorted(), not sort() * docker_swarm_service: Sort lists of dictionaries * docker_swarm_service: Fix style issues in tests * docker_swarm_service: Updates to integration tests * docker_swarm_service: Casting string types within lists when comparing * docker_swarm_service: Special handling of unordered networks with ordered aliases * docker_swarm_service: Sorting network lists * docker_swarm_serivce: Better unit test code coverage for lists and networks * docker_swarm_service: Fixed coding style for sanity tests * docker_swarm_service: More coding style fixes * docker_swarm_service: Ignoring test for Python < 3 * docker_swarm_service: Update to version info check for backwards compatibility * docker_swarm_service: Added change fragment #63887 * docker_swarm_service: Better handling of missing sort key for dictionary of lists * docker_swarm_service: Preventing sorts from modifying in-place Co-Authored-By: Felix Fontein <felix@fontein.de> * docker_swarm_service: Removed spurious import in test * docker_swarm_service: Preventing sorts from modifying more data in-place Co-Authored-By: Felix Fontein <felix@fontein.de>
2019-11-24 06:31:35 +11:00
- secrets_6 is not changed
- secrets_7 is changed
- secrets_8 is not changed
when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
- assert:
that:
- secrets_1 is failed
- "'Minimum version required' in secrets_1.msg"
when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
####################################################################
## secrets (uid) ###################################################
####################################################################
- name: secrets (uid int)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
uid: 1000
register: secrets_1
ignore_errors: yes
- name: secrets (uid int idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
uid: 1000
register: secrets_2
ignore_errors: yes
- name: secrets (uid int change)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
uid: 1002
register: secrets_3
ignore_errors: yes
- name: secrets (uid str)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
uid: "1001"
register: secrets_4
ignore_errors: yes
- name: secrets (uid str idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
uid: "1001"
register: secrets_5
ignore_errors: yes
- name: cleanup
docker_swarm_service:
name: "{{ service_name }}"
state: absent
diff: no
- assert:
that:
- secrets_1 is changed
- secrets_2 is not changed
- secrets_3 is changed
- secrets_4 is changed
- secrets_5 is not changed
when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
- assert:
that:
- secrets_1 is failed
- "'Minimum version required' in secrets_1.msg"
when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
####################################################################
## secrets (gid) ###################################################
####################################################################
- name: secrets (gid int)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
gid: 1001
register: secrets_1
ignore_errors: yes
- name: secrets (gid int idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
gid: 1001
register: secrets_2
ignore_errors: yes
- name: secrets (gid int change)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
gid: 1002
register: secrets_3
ignore_errors: yes
- name: secrets (gid str)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
gid: "1003"
register: secrets_4
ignore_errors: yes
- name: secrets (gid str idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
gid: "1003"
register: secrets_5
ignore_errors: yes
- name: cleanup
docker_swarm_service:
name: "{{ service_name }}"
state: absent
diff: no
- assert:
that:
- secrets_1 is changed
- secrets_2 is not changed
- secrets_3 is changed
- secrets_4 is changed
- secrets_5 is not changed
when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
- assert:
that:
- secrets_1 is failed
- "'Minimum version required' in secrets_1.msg"
when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
####################################################################
## secrets (mode) ##################################################
####################################################################
- name: secrets (mode)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
mode: 0600
register: secrets_1
ignore_errors: yes
- name: secrets (mode idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
mode: 0600
register: secrets_2
ignore_errors: yes
- name: secrets (mode change)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
secrets:
- secret_id: "{{ secret_result_1.secret_id|default('') }}"
secret_name: "{{ secret_name_1 }}"
mode: 0777
register: secrets_3
ignore_errors: yes
- name: cleanup
docker_swarm_service:
name: "{{ service_name }}"
state: absent
diff: no
- assert:
that:
- secrets_1 is changed
- secrets_2 is not changed
- secrets_3 is changed
when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
- assert:
that:
- secrets_1 is failed
- "'Minimum version required' in secrets_1.msg"
when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
####################################################################
####################################################################
####################################################################
- name: Delete secrets
docker_secret:
name: "{{ secret_name }}"
state: absent
force: yes
loop:
- "{{ secret_name_1 }}"
- "{{ secret_name_2 }}"
loop_control:
loop_var: secret_name
ignore_errors: yes
when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')