docker_swarm_service: Add read_only option (#53482)

* Add read_only option

* Add changelog fragment

* Add version_added

* Fix broken test
This commit is contained in:
Hannes Ljungberg 2019-03-08 09:34:49 +01:00 committed by ansibot
parent 13ab9a61a8
commit f5faf8211d
4 changed files with 72 additions and 0 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- "docker_swarm_service - Added support for ``read_only`` parameter."

View file

@ -470,6 +470,12 @@ options:
choices:
- ingress
- host
read_only:
description:
- Mount the containers root filesystem as read only.
- Corresponds to the C(--read-only) option of C(docker service create).
type: bool
version_added: "2.8"
replicas:
description:
- Number of containers instantiated in the service. Valid only if I(mode) is C(replicated).
@ -747,6 +753,7 @@ swarm_service:
}
],
"publish": null,
"read_only": null,
"replicas": 1,
"reserve_cpu": 0.25,
"reserve_memory": 20971520,
@ -1055,6 +1062,7 @@ class DockerService(DockerBaseClass):
self.replicas = -1
self.service_id = False
self.service_version = False
self.read_only = None
self.restart_policy = None
self.restart_policy_attempts = None
self.restart_policy_delay = None
@ -1103,6 +1111,7 @@ class DockerService(DockerBaseClass):
'stop_signal': self.stop_signal,
'limit_cpu': self.limit_cpu,
'limit_memory': self.limit_memory,
'read_only': self.read_only,
'reserve_cpu': self.reserve_cpu,
'reserve_memory': self.reserve_memory,
'restart_policy_delay': self.restart_policy_delay,
@ -1307,6 +1316,7 @@ class DockerService(DockerBaseClass):
s.stop_signal = ap['stop_signal']
s.user = ap['user']
s.working_dir = ap['working_dir']
s.read_only = ap['read_only']
s.command = ap['command']
if isinstance(s.command, string_types):
@ -1482,6 +1492,8 @@ class DockerService(DockerBaseClass):
differences.add('stop_grace_period', parameter=self.stop_grace_period, active=os.stop_grace_period)
if self.has_publish_changed(os.publish):
differences.add('publish', parameter=self.publish, active=os.publish)
if self.read_only is not None and self.read_only != os.read_only:
differences.add('read_only', parameter=self.read_only, active=os.read_only)
if self.restart_policy is not None and self.restart_policy != os.restart_policy:
differences.add('restart_policy', parameter=self.restart_policy, active=os.restart_policy)
if self.restart_policy_attempts is not None and self.restart_policy_attempts != os.restart_policy_attempts:
@ -1645,6 +1657,8 @@ class DockerService(DockerBaseClass):
container_spec_args['hostname'] = self.hostname
if self.hosts is not None:
container_spec_args['hosts'] = self.hosts
if self.read_only is not None:
container_spec_args['read_only'] = self.read_only
if self.stop_grace_period is not None:
container_spec_args['stop_grace_period'] = self.stop_grace_period
if self.stop_signal is not None:
@ -1837,6 +1851,7 @@ class DockerServiceManager(object):
ds.stop_grace_period = task_template_data['ContainerSpec'].get('StopGracePeriod')
ds.stop_signal = task_template_data['ContainerSpec'].get('StopSignal')
ds.working_dir = task_template_data['ContainerSpec'].get('Dir')
ds.read_only = task_template_data['ContainerSpec'].get('ReadOnly')
healthcheck_data = task_template_data['ContainerSpec'].get('Healthcheck')
if healthcheck_data:
@ -2243,6 +2258,7 @@ def main():
)),
limit_cpu=dict(type='float', removed_in_version='2.12'),
limit_memory=dict(type='str', removed_in_version='2.12'),
read_only=dict(type='bool'),
reservations=dict(type='dict', options=dict(
cpus=dict(type='float'),
memory=dict(type='str'),
@ -2309,6 +2325,7 @@ def main():
update_order=dict(docker_py_version='2.7.0', docker_api_version='1.29'),
stop_signal=dict(docker_py_version='2.6.0', docker_api_version='1.28'),
publish=dict(docker_py_version='3.0.0', docker_api_version='1.25'),
read_only=dict(docker_py_version='2.6.0', docker_api_version='1.28'),
# specials
publish_mode=dict(
docker_py_version='3.0.0',

View file

@ -1820,6 +1820,58 @@
- "'Minimum version required' in publish_1.msg"
when: docker_api_version is version('1.25', '<') or docker_py_version is version('3.0.0', '<')
###################################################################
## read_only ######################################################
###################################################################
- name: read_only
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
read_only: true
register: read_only_1
ignore_errors: yes
- name: read_only (idempotency)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
read_only: true
register: read_only_2
ignore_errors: yes
- name: read_only (change)
docker_swarm_service:
name: "{{ service_name }}"
image: alpine:3.8
resolve_image: no
command: '/bin/sh -v -c "sleep 10m"'
read_only: false
register: read_only_3
ignore_errors: yes
- name: cleanup
docker_swarm_service:
name: "{{ service_name }}"
state: absent
diff: no
- assert:
that:
- read_only_1 is changed
- read_only_2 is not changed
- read_only_3 is changed
when: docker_api_version is version('1.28', '>=') and docker_py_version is version('2.6.0', '>=')
- assert:
that:
- read_only_1 is failed
- "'Minimum version required' in read_only_1.msg"
when: docker_api_version is version('1.28', '<') or docker_py_version is version('2.6.0', '<')
###################################################################
## replicas #######################################################
###################################################################

View file

@ -33,6 +33,7 @@ service_expected_output:
publish:
- {mode: null, protocol: tcp, published_port: 60001, target_port: 60001}
- {mode: null, protocol: udp, published_port: 60001, target_port: 60001}
read_only: null
replicas: null
reserve_cpu: null
reserve_memory: null