added logout to docker_login

also cleaned up 'actions' and minor doc issues
This commit is contained in:
Brian Coca 2016-05-19 11:52:46 -04:00 committed by Matt Clay
parent 9e931f89fb
commit 20f2fe4e91

View file

@ -24,20 +24,17 @@
DOCUMENTATION = ''' DOCUMENTATION = '''
--- ---
module: docker_login module: docker_login
short_description: Log into a Docker registry. short_description: Log into a Docker registry.
version_added: "2.0" version_added: "2.0"
description: description:
- Provides functionality similar to the "docker login" command. - Provides functionality similar to the "docker login" command.
- Authenticate with a docker registry and add the credentials to your local Docker config file. Adding the - Authenticate with a docker registry and add the credentials to your local Docker config file. Adding the
credentials to the config files allows future connections to the registry using tools such as Ansible's Docker credentials to the config files allows future connections to the registry using tools such as Ansible's Docker
modules, the Docker CLI and docker-py without needing to provide credentials. modules, the Docker CLI and docker-py without needing to provide credentials.
- Running in check mode will perform the authentication without updating the config file. - Running in check mode will perform the authentication without updating the config file.
options: options:
registry_url: registry_url:
required: False
description: description:
- The registry URL. - The registry URL.
default: "https://index.docker.io/v1/" default: "https://index.docker.io/v1/"
@ -47,40 +44,51 @@ options:
username: username:
description: description:
- The username for the registry account - The username for the registry account
required: true required: True
default: null
password: password:
description: description:
- The plaintext password for the registry account - The plaintext password for the registry account
required: true required: True
default: null
email: email:
required: False
description: description:
- "The email address for the registry account. NOTE: private registries may not require this, - "The email address for the registry account. NOTE: private registries may not require this,
but Docker Hub requires it." but Docker Hub requires it."
default: None default: None
reauthorize: reauthorize:
required: False
description: description:
- Refresh exiting authentication found in the configuration file. - Refresh exiting authentication found in the configuration file.
default: false default: no
choices: ['yes', 'no']
aliases: aliases:
- reauth - reauth
config_path: config_path:
description: description:
- Custom path to the Docker CLI configuration file. - Custom path to the Docker CLI configuration file.
default: ~/.docker/config.json default: ~/.docker/config.json
required: False
aliases: aliases:
- self.config_path - self.config_path
- dockercfg_path - dockercfg_path
state:
version_added: '2.2'
description:
- This controls the current state of the user. C(present) will login in a user, C(absent) will log him out.
- To logout you only need the registry server, which defaults to DockerHub.
- Before 2.1 you could ONLY log in.
- docker does not support 'logout' with a custom config file.
choices: ['present', 'absent']
default: 'present'
required: False
extends_documentation_fragment: extends_documentation_fragment:
- docker - docker
requirements: requirements:
- "python >= 2.6" - "python >= 2.6"
- "docker-py >= 1.7.0" - "docker-py >= 1.7.0"
- "Docker API >= 1.20" - "Docker API >= 1.20"
- 'Only to be able to logout (state=absent): the docker command line utility'
authors: authors:
- "Olaf Kilian <olaf.kilian@symanex.com>" - "Olaf Kilian <olaf.kilian@symanex.com>"
- "Chris Houseknecht (@chouseknecht)" - "Chris Houseknecht (@chouseknecht)"
@ -109,20 +117,16 @@ EXAMPLES = '''
email: docker@docker.io email: docker@docker.io
config_path: /tmp/.mydockercfg config_path: /tmp/.mydockercfg
- name: Log out of DockerHub
docker_login:
state: absent
email: docker@docker.com
''' '''
RETURN = ''' RETURN = '''
actions:
description: List of actions taken by the module.
returned: always
type: list
sample: [
"Log into https://index.docker.io/v1/",
"Updated config file /Users/chouseknecht/.docker/config.json with new authorization for https://index.docker.io/v1/"
]
login_results: login_results:
description: Results from the login. description: Results from the login.
returned: always returned: when state='present'
type: dict type: dict
sample: { sample: {
"email": "testuer@yahoo.com", "email": "testuer@yahoo.com",
@ -155,7 +159,10 @@ class LoginManager(DockerBaseClass):
self.reauthorize = parameters.get('reauthorize') self.reauthorize = parameters.get('reauthorize')
self.config_path = parameters.get('config_path') self.config_path = parameters.get('config_path')
self.login() if parameters['state'] == 'present':
self.login()
else:
self.logout()
def fail(self, msg): def fail(self, msg):
self.client.fail(msg) self.client.fail(msg)
@ -190,6 +197,24 @@ class LoginManager(DockerBaseClass):
if not self.check_mode: if not self.check_mode:
self.update_config_file() self.update_config_file()
def logout(self):
'''
Log out of the registry. On success update the config file.
TODO: port to API once docker.py supports this.
:return: None
'''
cmd = "%s logout " % self.client.module.get_bin_path('docker', True)
#TODO: docker does not support config file in logout, restore this when they do
#if self.config_path and self.config_file_exists(self.config_path):
# cmd += "--config '%s' " % self.config_path
cmd += "'%s'" % self.registry_url
(rc, out, err) = self.client.module.run_command(cmd)
if rc != 0:
self.fail("Could not log out: %s" % err)
def config_file_exists(self, path): def config_file_exists(self, path):
if os.path.exists(path): if os.path.exists(path):
self.log("Configuration file %s exists" % (path)) self.log("Configuration file %s exists" % (path))
@ -265,16 +290,16 @@ def main():
argument_spec=dict( argument_spec=dict(
registry_url=dict(type='str', required=False, default=DEFAULT_DOCKER_REGISTRY, aliases=['registry', 'url']), registry_url=dict(type='str', required=False, default=DEFAULT_DOCKER_REGISTRY, aliases=['registry', 'url']),
username=dict(type='str', required=True), username=dict(type='str', required=False),
password=dict(type='str', required=True, no_log=True), password=dict(type='str', required=False, no_log=True),
email=dict(type='str'), email=dict(type='str'),
reauthorize=dict(type='bool', default=False, aliases=['reauth']), reauthorize=dict(type='bool', default=False, aliases=['reauth']),
config_path=dict(type='str', default='~/.docker/config.json', aliases=['self.config_path', state=dict(type='str', default='present', choices=['present', 'absent']),
'dockercfg_path']), config_path=dict(type='str', default='~/.docker/config.json', aliases=['self.config_path', 'dockercfg_path']),
) )
required_if = [ required_if = [
('registry_url', DEFAULT_DOCKER_REGISTRY, ['email']) ('state', 'present', ['username', 'password']),
] ]
client = AnsibleDockerClient( client = AnsibleDockerClient(
@ -289,7 +314,12 @@ def main():
login_result={} login_result={}
) )
if module.params['state'] == 'present' and module.params['registry_url'] == DEFAULT_DOCKER_REGISTRY and not module.params['email']:
module.fail_json(msg="'email' is required when loging into DockerHub")
LoginManager(client, results) LoginManager(client, results)
if 'actions' in results:
del results['actions']
client.module.exit_json(**results) client.module.exit_json(**results)
# import module snippets # import module snippets