Vendor Galaxy Roles and Collections

ansible_collections/community/docker/tests/integration/targets/docker_config/aliases

@@ -0,0 +1,6 @@
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+azp/3
+destructive

ansible_collections/community/docker/tests/integration/targets/docker_config/meta/main.yml

@@ -0,0 +1,9 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+dependencies:
+  - setup_docker
+  - setup_docker_sdk_for_python
+  - setup_remote_tmp_dir

ansible_collections/community/docker/tests/integration/targets/docker_config/tasks/main.yml

@@ -0,0 +1,15 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+####################################################################
+# WARNING: These are designed specifically for Ansible tests       #
+# and should not be used as examples of how to write Ansible roles #
+####################################################################
+
+- ansible.builtin.include_tasks: test_docker_config.yml
+  when: docker_py_version is version('2.6.0', '>=') and docker_api_version is version('1.30', '>=')
+
+- ansible.builtin.fail: msg="Too old docker / docker-py version to run docker_config tests!"
+  when: not(docker_py_version is version('2.6.0', '>=') and docker_api_version is version('1.30', '>=')) and (ansible_distribution != 'CentOS' or ansible_distribution_major_version|int > 6)

ansible_collections/community/docker/tests/integration/targets/docker_config/tasks/test_docker_config.yml

@@ -0,0 +1,334 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+- block:
+    - ansible.builtin.shell: "docker info --format '{% raw %}{{json .}}{% endraw %}' | {{ ansible_python_interpreter }} -m json.tool"
+
+    - name: Make sure we're not already using Docker swarm
+      community.docker.docker_swarm:
+        state: absent
+        force: true
+
+    - ansible.builtin.shell: "docker info --format '{% raw %}{{json .}}{% endraw %}' | {{ ansible_python_interpreter }} -m json.tool"
+
+    - name: Create a Swarm cluster
+      community.docker.docker_swarm:
+        name: default
+        state: present
+        advertise_addr: "{{ ansible_default_ipv4.address | default('127.0.0.1') }}"
+
+    - name: Parameter name should be required
+      community.docker.docker_config:  # noqa: args[module]
+        state: present
+      ignore_errors: true
+      register: output
+
+    - name: Assert failure when called with no name
+      ansible.builtin.assert:
+        that:
+          - 'output is failed'
+          - 'output.msg == "missing required arguments: name"'
+
+    - name: Test parameters
+      community.docker.docker_config:  # noqa: args[module]
+        name: foo
+        state: present
+      ignore_errors: true
+      register: output
+
+    - name: Assert failure when called with no data
+      ansible.builtin.assert:
+        that:
+          - 'output is failed'
+          - 'output.msg == "state is present but any of the following are missing: data, data_src"'
+
+    - name: Create config
+      community.docker.docker_config:
+        name: db_password
+        data: opensesame!
+        state: present
+      register: output
+
+    - name: Create variable config_id
+      ansible.builtin.set_fact:
+        config_id: "{{ output.config_id }}"
+
+    - name: Inspect config
+      ansible.builtin.command: "docker config inspect {{ config_id }}"
+      register: inspect
+      ignore_errors: true
+
+    - ansible.builtin.debug:
+        var: inspect
+
+    - name: Assert config creation succeeded
+      ansible.builtin.assert:
+        that:
+          - "'db_password' in inspect.stdout"
+          - "'ansible_key' in inspect.stdout"
+      when: inspect is not failed
+    - ansible.builtin.assert:
+        that:
+          - "'is too new. Maximum supported API version is' in inspect.stderr"
+      when: inspect is failed
+
+    - name: Create config again
+      community.docker.docker_config:
+        name: db_password
+        data: opensesame!
+        state: present
+      register: output
+
+    - name: Assert create config is idempotent
+      ansible.builtin.assert:
+        that:
+          - output is not changed
+
+    - name: Write config into file
+      ansible.builtin.copy:
+        dest: "{{ remote_tmp_dir }}/data"
+        content: |-
+          opensesame!
+
+    - name: Create config again (from file)
+      community.docker.docker_config:
+        name: db_password
+        data_src: "{{ remote_tmp_dir }}/data"
+        state: present
+      register: output
+
+    - name: Assert create config is idempotent
+      ansible.builtin.assert:
+        that:
+          - output is not changed
+
+    - name: Create config again (base64)
+      community.docker.docker_config:
+        name: db_password
+        data: b3BlbnNlc2FtZSE=
+        data_is_b64: true
+        state: present
+      register: output
+
+    - name: Assert create config (base64) is idempotent
+      ansible.builtin.assert:
+        that:
+          - output is not changed
+
+    - name: Update config
+      community.docker.docker_config:
+        name: db_password
+        data: newpassword!
+        state: present
+      register: output
+
+    - name: Assert config was updated
+      ansible.builtin.assert:
+        that:
+          - output is changed
+          - output.config_id != config_id
+
+    - name: Remove config
+      community.docker.docker_config:
+        name: db_password
+        state: absent
+
+    - name: Check that config is removed
+      ansible.builtin.command: "docker config inspect {{ config_id }}"
+      register: output
+      ignore_errors: true
+
+    - name: Assert config was removed
+      ansible.builtin.assert:
+        that:
+          - output is failed
+
+    - name: Remove config
+      community.docker.docker_config:
+        name: db_password
+        state: absent
+      register: output
+
+    - name: Assert remove config is idempotent
+      ansible.builtin.assert:
+        that:
+          - output is not changed
+
+  # Rolling update
+
+    - name: Create rolling config
+      community.docker.docker_config:
+        name: rolling_password
+        data: opensesame!
+        rolling_versions: true
+        state: present
+      register: original_output
+
+    - name: Create variable config_id
+      ansible.builtin.set_fact:
+        config_id: "{{ original_output.config_id }}"
+
+    - name: Inspect config
+      ansible.builtin.command: "docker config inspect {{ config_id }}"
+      register: inspect
+      ignore_errors: true
+
+    - ansible.builtin.debug:
+        var: inspect
+
+    - name: Assert config creation succeeded
+      ansible.builtin.assert:
+        that:
+          - "'rolling_password' in inspect.stdout"
+          - "'ansible_key' in inspect.stdout"
+          - "'ansible_version' in inspect.stdout"
+          - original_output.config_name == 'rolling_password_v1'
+      when: inspect is not failed
+    - ansible.builtin.assert:
+        that:
+          - "'is too new. Maximum supported API version is' in inspect.stderr"
+      when: inspect is failed
+
+    - name: Create config again
+      community.docker.docker_config:
+        name: rolling_password
+        data: newpassword!
+        rolling_versions: true
+        state: present
+      register: new_output
+
+    - name: Assert that new version is created
+      ansible.builtin.assert:
+        that:
+          - new_output is changed
+          - new_output.config_id != original_output.config_id
+          - new_output.config_name != original_output.config_name
+          - new_output.config_name == 'rolling_password_v2'
+
+    - name: Remove rolling configs
+      community.docker.docker_config:
+        name: rolling_password
+        rolling_versions: true
+        state: absent
+
+    - name: Check that config is removed
+      ansible.builtin.command: "docker config inspect {{ original_output.config_id }}"
+      register: output
+      ignore_errors: true
+
+    - name: Assert config was removed
+      ansible.builtin.assert:
+        that:
+          - output is failed
+
+    - name: Check that config is removed
+      ansible.builtin.command: "docker config inspect {{ new_output.config_id }}"
+      register: output
+      ignore_errors: true
+
+    - name: Assert config was removed
+      ansible.builtin.assert:
+        that:
+          - output is failed
+
+  # template_driver tests
+
+    - when: docker_py_version is version('5.0.3', '>=') and docker_api_version is version('1.37', '>=')
+      block:
+
+        - name: Create regular config
+          community.docker.docker_config:
+            name: db_password
+            data: opensesame!
+            state: present
+
+        - name: Update config with template_driver
+          community.docker.docker_config:
+            name: db_password
+            data: opensesame!
+            template_driver: golang
+            state: present
+          register: output
+
+        - name: Assert config was updated
+          ansible.builtin.assert:
+            that:
+              - output is changed
+
+        - name: Invalid template_driver
+          community.docker.docker_config:
+            name: db_password
+            data: opensesame!
+            template_driver: "not a template driver"  # noqa: args[module]
+            state: present
+          ignore_errors: true
+          register: output
+
+        - name: Assert failure when called with invalid template_driver
+          ansible.builtin.assert:
+            that:
+              - 'output is failed'
+              - 'output.msg == "value of template_driver must be one of: golang, got: not a template driver"'
+
+        - name: Create config again
+          community.docker.docker_config:
+            name: db_password
+            data: opensesame!
+            template_driver: golang
+            state: present
+          register: output
+
+        - name: Assert create config is idempotent
+          ansible.builtin.assert:
+            that:
+              - output is not changed
+
+        # data is the docker swarm's name
+        - name: Update config with template data
+          community.docker.docker_config:
+            name: db_password
+            data: "{{ '{{' }} .Service.Name {{ '}}' }}"
+            template_driver: golang
+            state: present
+          register: output
+
+        - name: Inspect config
+          ansible.builtin.command: "docker config inspect {{ output.config_id }}"
+          register: inspect
+
+        - name: Show inspection result
+          ansible.builtin.debug:
+            var: inspect
+
+        - name: Assert config creation succeeded
+          ansible.builtin.assert:
+            that:
+              - "'db_password' in inspect.stdout"
+              - "'ansible_key' in inspect.stdout"
+              # According to the API docs, 'Data' is "Base64-url-safe-encoded (RFC 4648) config data."
+              - "'\"Data\": \"e3sgLlNlcnZpY2UuTmFtZSB9fQ==\"' in inspect.stdout"
+              - "'Templating' in inspect.stdout"
+              - "'\"Name\": \"golang\"' in inspect.stdout"
+
+        - name: Remove config
+          community.docker.docker_config:
+            name: db_password
+            state: absent
+
+        - name: Check that config is removed
+          ansible.builtin.command: "docker config inspect {{ output.config_id }}"
+          register: output
+          ignore_errors: true
+
+        - name: Assert config was removed
+          ansible.builtin.assert:
+            that:
+              - output is failed
+
+  always:
+    - name: Remove a Swarm cluster
+      community.docker.docker_swarm:
+        state: absent
+        force: true