ansible/ansible-podman-collections
1
0
Fork 0
mirror of https://github.com/containers/ansible-podman-collections.git synced 2026-04-30 04:48:49 +00:00
Code Activity

Run black -l 120 on all Python files to unify the style (#939)

Browse source 
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
This commit is contained in:
Sergey 2025-06-15 18:25:48 +03:00 committed by GitHub
parent 50c5a2549d
commit 4c682e170c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
39 changed files with 3828 additions and 3129 deletions
Download patch file Download diff file Expand all files Collapse all files

353
plugins/module_utils/podman/common.py
View file

@ -2,6 +2,7 @@
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import json
@ -9,37 +10,45 @@ import os
import shutil
from ansible.module_utils.six import raise_from
try:
from ansible.module_utils.compat.version import LooseVersion # noqa: F401
except ImportError:
try:
from distutils.version import LooseVersion # noqa: F401
except ImportError as exc:
raise_from(ImportError('To use this plugin or module with ansible-core'
' < 2.11, you need to use Python < 3.12 with '
'distutils.version present'), exc)
raise_from(
ImportError(
"To use this plugin or module with ansible-core"
" < 2.11, you need to use Python < 3.12 with "
"distutils.version present"
),
exc,
)
ARGUMENTS_OPTS_DICT = {
'--attach': ['--attach', '-a'],
'--cpu-shares': ['--cpu-shares', '-c'],
'--detach': ['--detach', '-d'],
'--env': ['--env', '-e'],
'--hostname': ['--hostname', '-h'],
'--interactive': ['--interactive', '-i'],
'--label': ['--label', '-l'],
'--memory': ['--memory', '-m'],
'--network': ['--network', '--net'],
'--publish': ['--publish', '-p'],
'--publish-all': ['--publish-all', '-P'],
'--quiet': ['--quiet', '-q'],
'--tty': ['--tty', '-t'],
'--user': ['--user', '-u'],
'--volume': ['--volume', '-v'],
'--workdir': ['--workdir', '-w'],
"--attach": ["--attach", "-a"],
"--cpu-shares": ["--cpu-shares", "-c"],
"--detach": ["--detach", "-d"],
"--env": ["--env", "-e"],
"--hostname": ["--hostname", "-h"],
"--interactive": ["--interactive", "-i"],
"--label": ["--label", "-l"],
"--memory": ["--memory", "-m"],
"--network": ["--network", "--net"],
"--publish": ["--publish", "-p"],
"--publish-all": ["--publish-all", "-P"],
"--quiet": ["--quiet", "-q"],
"--tty": ["--tty", "-t"],
"--user": ["--user", "-u"],
"--volume": ["--volume", "-v"],
"--workdir": ["--workdir", "-w"],
}
def run_podman_command(module, executable='podman', args=None, expected_rc=0, ignore_errors=False):
def run_podman_command(
module, executable="podman", args=None, expected_rc=0, ignore_errors=False
):
if not isinstance(executable, list):
command = [executable]
if args is not None:
@ -47,77 +56,94 @@ def run_podman_command(module, executable='podman', args=None, expected_rc=0, ig
rc, out, err = module.run_command(command)
if not ignore_errors and rc != expected_rc:
module.fail_json(
msg='Failed to run {command} {args}: {err}'.format(
command=command, args=args, err=err))
msg="Failed to run {command} {args}: {err}".format(
command=command, args=args, err=err
)
)
return rc, out, err
def run_generate_systemd_command(module, module_params, name, version):
"""Generate systemd unit file."""
command = [module_params['executable'], 'generate', 'systemd',
name, '--format', 'json']
sysconf = module_params['generate_systemd']
gt4ver = LooseVersion(version) >= LooseVersion('4.0.0')
if sysconf.get('restart_policy'):
if sysconf.get('restart_policy') not in [
"no", "on-success", "on-failure", "on-abnormal", "on-watchdog",
"on-abort", "always"]:
command = [
module_params["executable"],
"generate",
"systemd",
name,
"--format",
"json",
]
sysconf = module_params["generate_systemd"]
gt4ver = LooseVersion(version) >= LooseVersion("4.0.0")
if sysconf.get("restart_policy"):
if sysconf.get("restart_policy") not in [
"no",
"on-success",
"on-failure",
"on-abnormal",
"on-watchdog",
"on-abort",
"always",
]:
module.fail_json(
'Restart policy for systemd unit file is "%s" and must be one of: '
'"no", "on-success", "on-failure", "on-abnormal", "on-watchdog", "on-abort", or "always"' %
sysconf.get('restart_policy'))
command.extend([
'--restart-policy',
sysconf['restart_policy']])
if sysconf.get('restart_sec') is not None:
command.extend(['--restart-sec=%s' % sysconf['restart_sec']])
if (sysconf.get('stop_timeout') is not None) or (sysconf.get('time') is not None):
'"no", "on-success", "on-failure", "on-abnormal", "on-watchdog", "on-abort", or "always"'
% sysconf.get("restart_policy")
)
command.extend(["--restart-policy", sysconf["restart_policy"]])
if sysconf.get("restart_sec") is not None:
command.extend(["--restart-sec=%s" % sysconf["restart_sec"]])
if (sysconf.get("stop_timeout") is not None) or (sysconf.get("time") is not None):
# Select correct parameter name based on version
arg_name = 'stop-timeout' if gt4ver else 'time'
arg_value = sysconf.get('stop_timeout') if sysconf.get('stop_timeout') is not None else sysconf.get('time')
command.extend(['--%s=%s' % (arg_name, arg_value)])
if sysconf.get('start_timeout') is not None:
command.extend(['--start-timeout=%s' % sysconf['start_timeout']])
if sysconf.get('no_header'):
command.extend(['--no-header'])
if sysconf.get('names', True):
command.extend(['--name'])
arg_name = "stop-timeout" if gt4ver else "time"
arg_value = (
sysconf.get("stop_timeout")
if sysconf.get("stop_timeout") is not None
else sysconf.get("time")
)
command.extend(["--%s=%s" % (arg_name, arg_value)])
if sysconf.get("start_timeout") is not None:
command.extend(["--start-timeout=%s" % sysconf["start_timeout"]])
if sysconf.get("no_header"):
command.extend(["--no-header"])
if sysconf.get("names", True):
command.extend(["--name"])
if sysconf.get("new"):
command.extend(["--new"])
if sysconf.get('container_prefix') is not None:
command.extend(['--container-prefix=%s' % sysconf['container_prefix']])
if sysconf.get('pod_prefix') is not None:
command.extend(['--pod-prefix=%s' % sysconf['pod_prefix']])
if sysconf.get('separator') is not None:
command.extend(['--separator=%s' % sysconf['separator']])
if sysconf.get('after') is not None:
if sysconf.get("container_prefix") is not None:
command.extend(["--container-prefix=%s" % sysconf["container_prefix"]])
if sysconf.get("pod_prefix") is not None:
command.extend(["--pod-prefix=%s" % sysconf["pod_prefix"]])
if sysconf.get("separator") is not None:
command.extend(["--separator=%s" % sysconf["separator"]])
if sysconf.get("after") is not None:
sys_after = sysconf['after']
sys_after = sysconf["after"]
if isinstance(sys_after, str):
sys_after = [sys_after]
for after in sys_after:
command.extend(['--after=%s' % after])
if sysconf.get('wants') is not None:
sys_wants = sysconf['wants']
command.extend(["--after=%s" % after])
if sysconf.get("wants") is not None:
sys_wants = sysconf["wants"]
if isinstance(sys_wants, str):
sys_wants = [sys_wants]
for want in sys_wants:
command.extend(['--wants=%s' % want])
if sysconf.get('requires') is not None:
sys_req = sysconf['requires']
command.extend(["--wants=%s" % want])
if sysconf.get("requires") is not None:
sys_req = sysconf["requires"]
if isinstance(sys_req, str):
sys_req = [sys_req]
for require in sys_req:
command.extend(['--requires=%s' % require])
for param in ['after', 'wants', 'requires']:
command.extend(["--requires=%s" % require])
for param in ["after", "wants", "requires"]:
if sysconf.get(param) is not None and not gt4ver:
module.fail_json(msg="Systemd parameter '%s' is supported from "
"podman version 4 only! Current version is %s" % (
param, version))
module.fail_json(
msg="Systemd parameter '%s' is supported from "
"podman version 4 only! Current version is %s" % (param, version)
)
if module.params['debug'] or module_params['debug']:
module.log("PODMAN-CONTAINER-DEBUG: systemd command: %s" %
" ".join(command))
if module.params["debug"] or module_params["debug"]:
module.log("PODMAN-CONTAINER-DEBUG: systemd command: %s" % " ".join(command))
rc, systemd, err = module.run_command(command)
return rc, systemd, err
@ -125,14 +151,16 @@ def run_generate_systemd_command(module, module_params, name, version):
def compare_systemd_file_content(file_path, file_content):
if not os.path.exists(file_path):
# File does not exist, so all lines in file_content are different
return '', file_content
return "", file_content
# Read the file
with open(file_path, 'r') as unit_file:
with open(file_path, "r") as unit_file:
current_unit_file_content = unit_file.read()
# Function to remove comments from file content
def remove_comments(content):
return "\n".join([line for line in content.splitlines() if not line.startswith('#')])
return "\n".join(
[line for line in content.splitlines() if not line.startswith("#")]
)
# Remove comments from both file contents before comparison
current_unit_file_content_nocmnt = remove_comments(current_unit_file_content)
@ -141,111 +169,145 @@ def compare_systemd_file_content(file_path, file_content):
return None
# Get the different lines between the two contents
diff_in_file = [line
for line in unit_content_nocmnt.splitlines()
if line not in current_unit_file_content_nocmnt.splitlines()]
diff_in_string = [line
for line in current_unit_file_content_nocmnt.splitlines()
if line not in unit_content_nocmnt.splitlines()]
diff_in_file = [
line
for line in unit_content_nocmnt.splitlines()
if line not in current_unit_file_content_nocmnt.splitlines()
]
diff_in_string = [
line
for line in current_unit_file_content_nocmnt.splitlines()
if line not in unit_content_nocmnt.splitlines()
]
return diff_in_string, diff_in_file
def generate_systemd(module, module_params, name, version):
result = {
'changed': False,
'systemd': {},
'diff': {},
"changed": False,
"systemd": {},
"diff": {},
}
sysconf = module_params['generate_systemd']
rc, systemd, err = run_generate_systemd_command(module, module_params, name, version)
sysconf = module_params["generate_systemd"]
rc, systemd, err = run_generate_systemd_command(
module, module_params, name, version
)
if rc != 0:
module.log(
"PODMAN-CONTAINER-DEBUG: Error generating systemd: %s" % err)
module.log("PODMAN-CONTAINER-DEBUG: Error generating systemd: %s" % err)
if sysconf:
module.fail_json(msg="Error generating systemd: %s" % err)
return result
else:
try:
data = json.loads(systemd)
result['systemd'] = data
if sysconf.get('path'):
full_path = os.path.expanduser(sysconf['path'])
result["systemd"] = data
if sysconf.get("path"):
full_path = os.path.expanduser(sysconf["path"])
if not os.path.exists(full_path):
os.makedirs(full_path)
result['changed'] = True
result["changed"] = True
if not os.path.isdir(full_path):
module.fail_json("Path %s is not a directory! "
"Can not save systemd unit files there!"
% full_path)
module.fail_json(
"Path %s is not a directory! "
"Can not save systemd unit files there!" % full_path
)
for file_name, file_content in data.items():
file_name += ".service"
if not os.path.exists(os.path.join(full_path, file_name)):
result['changed'] = True
if result['diff'].get('before') is None:
result['diff'] = {'before': {}, 'after': {}}
result['diff']['before'].update(
{'systemd_{file_name}.service'.format(file_name=file_name): ''})
result['diff']['after'].update(
{'systemd_{file_name}.service'.format(file_name=file_name): file_content})
result["changed"] = True
if result["diff"].get("before") is None:
result["diff"] = {"before": {}, "after": {}}
result["diff"]["before"].update(
{
"systemd_{file_name}.service".format(
file_name=file_name
): ""
}
)
result["diff"]["after"].update(
{
"systemd_{file_name}.service".format(
file_name=file_name
): file_content
}
)
else:
diff_ = compare_systemd_file_content(os.path.join(full_path, file_name), file_content)
diff_ = compare_systemd_file_content(
os.path.join(full_path, file_name), file_content
)
if diff_:
result['changed'] = True
if result['diff'].get('before') is None:
result['diff'] = {'before': {}, 'after': {}}
result['diff']['before'].update(
{'systemd_{file_name}.service'.format(file_name=file_name): "\n".join(diff_[0])})
result['diff']['after'].update(
{'systemd_{file_name}.service'.format(file_name=file_name): "\n".join(diff_[1])})
with open(os.path.join(full_path, file_name), 'w') as f:
result["changed"] = True
if result["diff"].get("before") is None:
result["diff"] = {"before": {}, "after": {}}
result["diff"]["before"].update(
{
"systemd_{file_name}.service".format(
file_name=file_name
): "\n".join(diff_[0])
}
)
result["diff"]["after"].update(
{
"systemd_{file_name}.service".format(
file_name=file_name
): "\n".join(diff_[1])
}
)
with open(os.path.join(full_path, file_name), "w") as f:
f.write(file_content)
diff_before = "\n".join(
["{j} - {k}".format(j=j, k=k)
for j, k in result['diff'].get('before', {}).items() if 'PIDFile' not in k]).strip()
[
"{j} - {k}".format(j=j, k=k)
for j, k in result["diff"].get("before", {}).items()
if "PIDFile" not in k
]
).strip()
diff_after = "\n".join(
["{j} - {k}".format(j=j, k=k)
for j, k in result['diff'].get('after', {}).items() if 'PIDFile' not in k]).strip()
[
"{j} - {k}".format(j=j, k=k)
for j, k in result["diff"].get("after", {}).items()
if "PIDFile" not in k
]
).strip()
if diff_before or diff_after:
result['diff']['before'] = diff_before + "\n"
result['diff']['after'] = diff_after + "\n"
result["diff"]["before"] = diff_before + "\n"
result["diff"]["after"] = diff_after + "\n"
else:
result['diff'] = {}
result["diff"] = {}
return result
except Exception as e:
module.log(
"PODMAN-CONTAINER-DEBUG: Error writing systemd: %s" % e)
module.log("PODMAN-CONTAINER-DEBUG: Error writing systemd: %s" % e)
if sysconf:
module.fail_json(msg="Error writing systemd: %s" % e)
return result
def delete_systemd(module, module_params, name, version):
sysconf = module_params['generate_systemd']
if not sysconf.get('path'):
sysconf = module_params["generate_systemd"]
if not sysconf.get("path"):
# We don't know where systemd files are located, nothing to delete
module.log(
"PODMAN-CONTAINER-DEBUG: Not deleting systemd file - no path!")
module.log("PODMAN-CONTAINER-DEBUG: Not deleting systemd file - no path!")
return
rc, systemd, err = run_generate_systemd_command(module, module_params, name, version)
rc, systemd, err = run_generate_systemd_command(
module, module_params, name, version
)
if rc != 0:
module.log(
"PODMAN-CONTAINER-DEBUG: Error generating systemd: %s" % err)
module.log("PODMAN-CONTAINER-DEBUG: Error generating systemd: %s" % err)
return
else:
try:
data = json.loads(systemd)
for file_name in data.keys():
file_name += ".service"
full_dir_path = os.path.expanduser(sysconf['path'])
full_dir_path = os.path.expanduser(sysconf["path"])
file_path = os.path.join(full_dir_path, file_name)
if os.path.exists(file_path):
os.unlink(file_path)
return
except Exception as e:
module.log(
"PODMAN-CONTAINER-DEBUG: Error deleting systemd: %s" % e)
module.log("PODMAN-CONTAINER-DEBUG: Error deleting systemd: %s" % e)
return
@ -306,12 +368,12 @@ _signal_map = {
"VTALRM": 26,
"WINCH": 28,
"XCPU": 24,
"XFSZ": 25
"XFSZ": 25,
}
for i in range(1, _signal_map['RTMAX'] - _signal_map['RTMIN'] + 1):
_signal_map['RTMIN+{0}'.format(i)] = _signal_map['RTMIN'] + i
_signal_map['RTMAX-{0}'.format(i)] = _signal_map['RTMAX'] - i
for i in range(1, _signal_map["RTMAX"] - _signal_map["RTMIN"] + 1):
_signal_map["RTMIN+{0}".format(i)] = _signal_map["RTMIN"] + i
_signal_map["RTMAX-{0}".format(i)] = _signal_map["RTMAX"] - i
def normalize_signal(signal_name_or_number):
@ -320,7 +382,7 @@ def normalize_signal(signal_name_or_number):
return signal_name_or_number
else:
signal_name = signal_name_or_number.upper()
if signal_name.startswith('SIG'):
if signal_name.startswith("SIG"):
signal_name = signal_name[3:]
if signal_name not in _signal_map:
raise RuntimeError("Unknown signal '{0}'".format(signal_name_or_number))
@ -328,13 +390,15 @@ def normalize_signal(signal_name_or_number):
def get_podman_version(module, fail=True):
executable = module.params['executable'] if module.params['executable'] else 'podman'
rc, out, err = module.run_command(
[executable, b'--version'])
executable = (
module.params["executable"] if module.params["executable"] else "podman"
)
rc, out, err = module.run_command([executable, b"--version"])
if rc != 0 or not out or "version" not in out:
if fail:
module.fail_json(msg="'%s --version' run failed! Error: %s" %
(executable, err))
module.fail_json(
msg="'%s --version' run failed! Error: %s" % (executable, err)
)
return None
return out.split("version")[1].strip()
@ -409,16 +473,23 @@ def diff_generic(params, info_config, module_arg, cmd_arg, boolean_type=False):
if before:
before = ",".join(sorted([str(i).lower() for i in before]))
else:
before = ''
before = ""
elif isinstance(after, dict):
if module_arg == "log_opt" and "max_size" in after:
after["max-size"] = after.pop("max_size")
after = ",".join(sorted(
[str(k).lower() + "=" + str(v).lower() for k, v in after.items() if v is not None]))
after = ",".join(
sorted(
[
str(k).lower() + "=" + str(v).lower()
for k, v in after.items()
if v is not None
]
)
)
if before:
before = ",".join(sorted([j.lower() for j in before]))
else:
before = ''
before = ""
elif isinstance(after, bool):
after = str(after).capitalize()
if before is not None:

1732
plugins/module_utils/podman/podman_container_lib.py
View file

File diff suppressed because it is too large Load diff

817
plugins/module_utils/podman/podman_pod_lib.py
View file

File diff suppressed because it is too large Load diff

406
plugins/module_utils/podman/quadlet.py
View file

@ -2,12 +2,15 @@
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
import os
import shlex
from ansible_collections.containers.podman.plugins.module_utils.podman.common import compare_systemd_file_content
from ansible_collections.containers.podman.plugins.module_utils.podman.common import (
compare_systemd_file_content,
)
QUADLET_ROOT_PATH = "/etc/containers/systemd/"
QUADLET_NON_ROOT_PATH = "~/.config/containers/systemd/"
@ -52,102 +55,107 @@ class Quadlet:
Construct the quadlet content as a string.
"""
custom_user_options = self.custom_params.get("quadlet_options")
custom_text = "\n" + "\n".join(custom_user_options) if custom_user_options else ""
return f"[{self.section}]\n" + "\n".join(
f"{key}={value}" for key, value in self.dict_params
) + custom_text + "\n"
custom_text = (
"\n" + "\n".join(custom_user_options) if custom_user_options else ""
)
return (
f"[{self.section}]\n"
+ "\n".join(f"{key}={value}" for key, value in self.dict_params)
+ custom_text
+ "\n"
)
def write_to_file(self, path: str):
"""
Write the quadlet content to a file at the specified path.
"""
content = self.create_quadlet_content()
with open(path, 'w') as file:
with open(path, "w") as file:
file.write(content)
class ContainerQuadlet(Quadlet):
param_map = {
'cap_add': 'AddCapability',
'device': 'AddDevice',
'annotation': 'Annotation',
'name': 'ContainerName',
"cap_add": "AddCapability",
"device": "AddDevice",
"annotation": "Annotation",
"name": "ContainerName",
# the following are not implemented yet in Podman module
'AutoUpdate': 'AutoUpdate',
'ContainersConfModule': 'ContainersConfModule',
"AutoUpdate": "AutoUpdate",
"ContainersConfModule": "ContainersConfModule",
# end of not implemented yet
'dns': 'DNS',
'dns_option': 'DNSOption',
'dns_search': 'DNSSearch',
'cap_drop': 'DropCapability',
'cgroups': 'CgroupsMode',
'entrypoint': 'Entrypoint',
'env': 'Environment',
'env_file': 'EnvironmentFile',
'env_host': 'EnvironmentHost',
'etc_hosts': 'AddHost',
'command': 'Exec',
'expose': 'ExposeHostPort',
'gidmap': 'GIDMap',
'global_args': 'GlobalArgs',
'group': 'Group', # Does not exist in module parameters
'group_add': 'GroupAdd',
'healthcheck': 'HealthCmd',
'healthcheck_interval': 'HealthInterval',
'healthcheck_failure_action': 'HealthOnFailure',
'healthcheck_retries': 'HealthRetries',
'healthcheck_start_period': 'HealthStartPeriod',
'healthcheck_timeout': 'HealthTimeout',
'health_startup_cmd': 'HealthStartupCmd',
'health_startup_interval': 'HealthStartupInterval',
'health_startup_retries': 'HealthStartupRetries',
'health_startup_success': 'HealthStartupSuccess',
'health_startup_timeout': 'HealthStartupTimeout',
'hostname': 'HostName',
'image': 'Image',
'ip': 'IP',
'ip6': 'IP6',
'label': 'Label',
'log_driver': 'LogDriver',
'log_opt': 'LogOpt',
"dns": "DNS",
"dns_option": "DNSOption",
"dns_search": "DNSSearch",
"cap_drop": "DropCapability",
"cgroups": "CgroupsMode",
"entrypoint": "Entrypoint",
"env": "Environment",
"env_file": "EnvironmentFile",
"env_host": "EnvironmentHost",
"etc_hosts": "AddHost",
"command": "Exec",
"expose": "ExposeHostPort",
"gidmap": "GIDMap",
"global_args": "GlobalArgs",
"group": "Group", # Does not exist in module parameters
"group_add": "GroupAdd",
"healthcheck": "HealthCmd",
"healthcheck_interval": "HealthInterval",
"healthcheck_failure_action": "HealthOnFailure",
"healthcheck_retries": "HealthRetries",
"healthcheck_start_period": "HealthStartPeriod",
"healthcheck_timeout": "HealthTimeout",
"health_startup_cmd": "HealthStartupCmd",
"health_startup_interval": "HealthStartupInterval",
"health_startup_retries": "HealthStartupRetries",
"health_startup_success": "HealthStartupSuccess",
"health_startup_timeout": "HealthStartupTimeout",
"hostname": "HostName",
"image": "Image",
"ip": "IP",
"ip6": "IP6",
"label": "Label",
"log_driver": "LogDriver",
"log_opt": "LogOpt",
"Mask": "Mask", # add it in security_opt
'mount': 'Mount',
'network': 'Network',
'network_aliases': 'NetworkAlias',
'no_new_privileges': 'NoNewPrivileges',
'sdnotify': 'Notify',
'pids_limit': 'PidsLimit',
'pod': 'Pod',
'publish': 'PublishPort',
"mount": "Mount",
"network": "Network",
"network_aliases": "NetworkAlias",
"no_new_privileges": "NoNewPrivileges",
"sdnotify": "Notify",
"pids_limit": "PidsLimit",
"pod": "Pod",
"publish": "PublishPort",
"pull": "Pull",
'read_only': 'ReadOnly',
'read_only_tmpfs': 'ReadOnlyTmpfs',
'rootfs': 'Rootfs',
'init': 'RunInit',
'SeccompProfile': 'SeccompProfile',
'secrets': 'Secret',
"read_only": "ReadOnly",
"read_only_tmpfs": "ReadOnlyTmpfs",
"rootfs": "Rootfs",
"init": "RunInit",
"SeccompProfile": "SeccompProfile",
"secrets": "Secret",
# All these are in security_opt
'SecurityLabelDisable': 'SecurityLabelDisable',
'SecurityLabelFileType': 'SecurityLabelFileType',
'SecurityLabelLevel': 'SecurityLabelLevel',
'SecurityLabelNested': 'SecurityLabelNested',
'SecurityLabelType': 'SecurityLabelType',
'shm_size': 'ShmSize',
'stop_signal': 'StopSignal',
'stop_timeout': 'StopTimeout',
'subgidname': 'SubGIDMap',
'subuidname': 'SubUIDMap',
'sysctl': 'Sysctl',
'timezone': 'Timezone',
'tmpfs': 'Tmpfs',
'uidmap': 'UIDMap',
'ulimit': 'Ulimit',
'Unmask': 'Unmask', # --security-opt unmask=ALL
'user': 'User',
'userns': 'UserNS',
'volume': 'Volume',
'workdir': 'WorkingDir',
'podman_args': 'PodmanArgs',
"SecurityLabelDisable": "SecurityLabelDisable",
"SecurityLabelFileType": "SecurityLabelFileType",
"SecurityLabelLevel": "SecurityLabelLevel",
"SecurityLabelNested": "SecurityLabelNested",
"SecurityLabelType": "SecurityLabelType",
"shm_size": "ShmSize",
"stop_signal": "StopSignal",
"stop_timeout": "StopTimeout",
"subgidname": "SubGIDMap",
"subuidname": "SubUIDMap",
"sysctl": "Sysctl",
"timezone": "Timezone",
"tmpfs": "Tmpfs",
"uidmap": "UIDMap",
"ulimit": "Ulimit",
"Unmask": "Unmask", # --security-opt unmask=ALL
"user": "User",
"userns": "UserNS",
"volume": "Volume",
"workdir": "WorkingDir",
"podman_args": "PodmanArgs",
}
def __init__(self, params: dict):
@ -159,27 +167,36 @@ class ContainerQuadlet(Quadlet):
"""
# Work on params in params_map and convert them to a right form
if params["annotation"]:
params['annotation'] = ["%s=%s" %
(k, v) for k, v in params['annotation'].items()]
params["annotation"] = [
"%s=%s" % (k, v) for k, v in params["annotation"].items()
]
if params["cap_add"]:
params["cap_add"] = " ".join(params["cap_add"])
if params["cap_drop"]:
params["cap_drop"] = " ".join(params["cap_drop"])
if params["command"]:
params["command"] = (" ".join([str(j) for j in params["command"]])
if isinstance(params["command"], list)
else params["command"])
params["command"] = (
" ".join([str(j) for j in params["command"]])
if isinstance(params["command"], list)
else params["command"]
)
if params["label"]:
params["label"] = [shlex.quote("%s=%s" % (k, v)) for k, v in params["label"].items()]
params["label"] = [
shlex.quote("%s=%s" % (k, v)) for k, v in params["label"].items()
]
if params["env"]:
params["env"] = [shlex.quote("%s=%s" % (k, v)) for k, v in params["env"].items()]
params["env"] = [
shlex.quote("%s=%s" % (k, v)) for k, v in params["env"].items()
]
if params["rootfs"]:
params["rootfs"] = params["image"]
params["image"] = None
if params["sysctl"]:
params["sysctl"] = ["%s=%s" % (k, v) for k, v in params["sysctl"].items()]
if params["tmpfs"]:
params["tmpfs"] = ["%s:%s" % (k, v) if v else k for k, v in params["tmpfs"].items()]
params["tmpfs"] = [
"%s:%s" % (k, v) if v else k for k, v in params["tmpfs"].items()
]
# Work on params which are not in the param_map but can be calculated
params["global_args"] = []
@ -208,8 +225,14 @@ class ContainerQuadlet(Quadlet):
if params["blkio_weight"]:
params["podman_args"].append(f"--blkio-weight {params['blkio_weight']}")
if params["blkio_weight_device"]:
params["podman_args"].append(" ".join([
f"--blkio-weight-device {':'.join(blkio)}" for blkio in params["blkio_weight_device"].items()]))
params["podman_args"].append(
" ".join(
[
f"--blkio-weight-device {':'.join(blkio)}"
for blkio in params["blkio_weight_device"].items()
]
)
)
if params["cgroupns"]:
params["podman_args"].append(f"--cgroupns {params['cgroupns']}")
if params["cgroup_conf"]:
@ -242,7 +265,9 @@ class ContainerQuadlet(Quadlet):
if params["decryption_key"]:
params["podman_args"].append(f"--decryption-key {params['decryption_key']}")
if params["device_cgroup_rule"]:
params["podman_args"].append(f"--device-cgroup-rule {params['device_cgroup_rule']}")
params["podman_args"].append(
f"--device-cgroup-rule {params['device_cgroup_rule']}"
)
if params["device_read_bps"]:
for i in params["device_read_bps"]:
params["podman_args"].append(f"--device-read-bps {i}")
@ -256,7 +281,9 @@ class ContainerQuadlet(Quadlet):
for i in params["device_write_iops"]:
params["podman_args"].append(f"--device-write-iops {i}")
if params["etc_hosts"]:
params['etc_hosts'] = ["%s:%s" % (k, v) for k, v in params['etc_hosts'].items()]
params["etc_hosts"] = [
"%s:%s" % (k, v) for k, v in params["etc_hosts"].items()
]
if params["env_merge"]:
for k, v in params["env_merge"].items():
params["podman_args"].append(f"--env {k}={v}")
@ -287,24 +314,32 @@ class ContainerQuadlet(Quadlet):
params["podman_args"].append(f"--label-file {params['label_file']}")
if params["log_opt"]:
params["log_opt"] = [
"%s=%s" % (k.replace('max_size', 'max-size'), v)
for k, v in params['log_opt'].items() if v is not None]
"%s=%s" % (k.replace("max_size", "max-size"), v)
for k, v in params["log_opt"].items()
if v is not None
]
if params["mac_address"]:
params["podman_args"].append(f"--mac-address {params['mac_address']}")
if params["memory"]:
params["podman_args"].append(f"--memory {params['memory']}")
if params["memory_reservation"]:
params["podman_args"].append(f"--memory-reservation {params['memory_reservation']}")
params["podman_args"].append(
f"--memory-reservation {params['memory_reservation']}"
)
if params["memory_swap"]:
params["podman_args"].append(f"--memory-swap {params['memory_swap']}")
if params["memory_swappiness"]:
params["podman_args"].append(f"--memory-swappiness {params['memory_swappiness']}")
params["podman_args"].append(
f"--memory-swappiness {params['memory_swappiness']}"
)
if params["no_healthcheck"]:
params["podman_args"].append("--no-healthcheck")
if params["no_hosts"] is not None:
params["podman_args"].append(f"--no-hosts={params['no_hosts']}")
if params["oom_kill_disable"]:
params["podman_args"].append(f"--oom-kill-disable={params['oom_kill_disable']}")
params["podman_args"].append(
f"--oom-kill-disable={params['oom_kill_disable']}"
)
if params["oom_score_adj"]:
params["podman_args"].append(f"--oom-score-adj {params['oom_score_adj']}")
if params["os"]:
@ -350,7 +385,9 @@ class ContainerQuadlet(Quadlet):
for security_opt in params["security_opt"]:
params["podman_args"].append(f"--security-opt {security_opt}")
if params["shm_size_systemd"]:
params["podman_args"].append(f"--shm-size-systemd {params['shm_size_systemd']}")
params["podman_args"].append(
f"--shm-size-systemd {params['shm_size_systemd']}"
)
if params["sig_proxy"]:
params["podman_args"].append(f"--sig-proxy {params['sig_proxy']}")
if params["systemd"]:
@ -358,7 +395,9 @@ class ContainerQuadlet(Quadlet):
if params["timeout"]:
params["podman_args"].append(f"--timeout {params['timeout']}")
if params["tls_verify"]:
params["podman_args"].append(f"--tls-verify={str(params['tls_verify']).lower()}")
params["podman_args"].append(
f"--tls-verify={str(params['tls_verify']).lower()}"
)
if params["tty"]:
params["podman_args"].append("--tty")
if params["umask"]:
@ -384,17 +423,17 @@ class ContainerQuadlet(Quadlet):
class NetworkQuadlet(Quadlet):
param_map = {
'name': 'NetworkName',
'internal': 'Internal',
'driver': 'Driver',
'gateway': 'Gateway',
'disable_dns': 'DisableDNS',
'subnet': 'Subnet',
'ip_range': 'IPRange',
'ipv6': 'IPv6',
"name": "NetworkName",
"internal": "Internal",
"driver": "Driver",
"gateway": "Gateway",
"disable_dns": "DisableDNS",
"subnet": "Subnet",
"ip_range": "IPRange",
"ipv6": "IPv6",
"opt": "Options",
# Add more parameter mappings specific to networks
'ContainersConfModule': 'ContainersConfModule',
"ContainersConfModule": "ContainersConfModule",
"dns": "DNS",
"ipam_driver": "IPAMDriver",
"Label": "Label",
@ -424,11 +463,11 @@ class NetworkQuadlet(Quadlet):
# This is a inherited class that represents a Quadlet file for the Podman pod
class PodQuadlet(Quadlet):
param_map = {
'name': 'PodName',
"name": "PodName",
"network": "Network",
"publish": "PublishPort",
"volume": "Volume",
'ContainersConfModule': 'ContainersConfModule',
"ContainersConfModule": "ContainersConfModule",
"global_args": "GlobalArgs",
"podman_args": "PodmanArgs",
}
@ -445,15 +484,21 @@ class PodQuadlet(Quadlet):
params["podman_args"] = []
if params["add_host"]:
for host in params['add_host']:
for host in params["add_host"]:
params["podman_args"].append(f"--add-host {host}")
if params["cgroup_parent"]:
params["podman_args"].append(f"--cgroup-parent {params['cgroup_parent']}")
if params["blkio_weight"]:
params["podman_args"].append(f"--blkio-weight {params['blkio_weight']}")
if params["blkio_weight_device"]:
params["podman_args"].append(" ".join([
f"--blkio-weight-device {':'.join(blkio)}" for blkio in params["blkio_weight_device"].items()]))
params["podman_args"].append(
" ".join(
[
f"--blkio-weight-device {':'.join(blkio)}"
for blkio in params["blkio_weight_device"].items()
]
)
)
if params["cpuset_cpus"]:
params["podman_args"].append(f"--cpuset-cpus {params['cpuset_cpus']}")
if params["cpuset_mems"]:
@ -494,7 +539,9 @@ class PodQuadlet(Quadlet):
if params["infra_command"]:
params["podman_args"].append(f"--infra-command {params['infra_command']}")
if params["infra_conmon_pidfile"]:
params["podman_args"].append(f"--infra-conmon-pidfile {params['infra_conmon_pidfile']}")
params["podman_args"].append(
f"--infra-conmon-pidfile {params['infra_conmon_pidfile']}"
)
if params["infra_image"]:
params["podman_args"].append(f"--infra-image {params['infra_image']}")
if params["infra_name"]:
@ -528,11 +575,15 @@ class PodQuadlet(Quadlet):
if params["share"]:
params["podman_args"].append(f"--share {params['share']}")
if params["share_parent"] is not None:
params["podman_args"].append(f"--share-parent={str(params['share_parent']).lower()}")
params["podman_args"].append(
f"--share-parent={str(params['share_parent']).lower()}"
)
if params["shm_size"]:
params["podman_args"].append(f"--shm-size {params['shm_size']}")
if params["shm_size_systemd"]:
params["podman_args"].append(f"--shm-size-systemd {params['shm_size_systemd']}")
params["podman_args"].append(
f"--shm-size-systemd {params['shm_size_systemd']}"
)
if params["subgidname"]:
params["podman_args"].append(f"--subgidname {params['subgidname']}")
if params["subuidname"]:
@ -559,13 +610,13 @@ class PodQuadlet(Quadlet):
# This is a inherited class that represents a Quadlet file for the Podman volume
class VolumeQuadlet(Quadlet):
param_map = {
'name': 'VolumeName',
'driver': 'Driver',
'label': 'Label',
"name": "VolumeName",
"driver": "Driver",
"label": "Label",
# 'opt': 'Options',
'ContainersConfModule': 'ContainersConfModule',
'global_args': 'GlobalArgs',
'podman_args': 'PodmanArgs',
"ContainersConfModule": "ContainersConfModule",
"global_args": "GlobalArgs",
"podman_args": "PodmanArgs",
}
def __init__(self, params: dict):
@ -593,19 +644,19 @@ class VolumeQuadlet(Quadlet):
# This is a inherited class that represents a Quadlet file for the Podman kube
class KubeQuadlet(Quadlet):
param_map = {
'configmap': 'ConfigMap',
'log_driver': 'LogDriver',
'network': 'Network',
'kube_file': 'Yaml',
'userns': 'UserNS',
'AutoUpdate': 'AutoUpdate',
'ExitCodePropagation': 'ExitCodePropagation',
'KubeDownForce': 'KubeDownForce',
'PublishPort': 'PublishPort',
'SetWorkingDirectory': 'SetWorkingDirectory',
'ContainersConfModule': 'ContainersConfModule',
'global_args': 'GlobalArgs',
'podman_args': 'PodmanArgs',
"configmap": "ConfigMap",
"log_driver": "LogDriver",
"network": "Network",
"kube_file": "Yaml",
"userns": "UserNS",
"AutoUpdate": "AutoUpdate",
"ExitCodePropagation": "ExitCodePropagation",
"KubeDownForce": "KubeDownForce",
"PublishPort": "PublishPort",
"SetWorkingDirectory": "SetWorkingDirectory",
"ContainersConfModule": "ContainersConfModule",
"global_args": "GlobalArgs",
"podman_args": "PodmanArgs",
}
def __init__(self, params: dict):
@ -628,20 +679,20 @@ class KubeQuadlet(Quadlet):
# This is a inherited class that represents a Quadlet file for the Podman image
class ImageQuadlet(Quadlet):
param_map = {
'AllTags': 'AllTags',
'arch': 'Arch',
'authfile': 'AuthFile',
'ca_cert_dir': 'CertDir',
'creds': 'Creds',
'DecryptionKey': 'DecryptionKey',
'name': 'Image',
'ImageTag': 'ImageTag',
'OS': 'OS',
'validate_certs': 'TLSVerify',
'Variant': 'Variant',
'ContainersConfModule': 'ContainersConfModule',
'global_args': 'GlobalArgs',
'podman_args': 'PodmanArgs',
"AllTags": "AllTags",
"arch": "Arch",
"authfile": "AuthFile",
"ca_cert_dir": "CertDir",
"creds": "Creds",
"DecryptionKey": "DecryptionKey",
"name": "Image",
"ImageTag": "ImageTag",
"OS": "OS",
"validate_certs": "TLSVerify",
"Variant": "Variant",
"ContainersConfModule": "ContainersConfModule",
"global_args": "GlobalArgs",
"podman_args": "PodmanArgs",
}
def __init__(self, params: dict):
@ -664,20 +715,20 @@ class ImageQuadlet(Quadlet):
def check_quadlet_directory(module, quadlet_dir):
'''Check if the directory exists and is writable. If not, fail the module.'''
"""Check if the directory exists and is writable. If not, fail the module."""
if not os.path.exists(quadlet_dir):
try:
os.makedirs(quadlet_dir)
except Exception as e:
module.fail_json(
msg="Directory for quadlet_file can't be created: %s" % e)
module.fail_json(msg="Directory for quadlet_file can't be created: %s" % e)
if not os.access(quadlet_dir, os.W_OK):
module.fail_json(
msg="Directory for quadlet_file is not writable: %s" % quadlet_dir)
msg="Directory for quadlet_file is not writable: %s" % quadlet_dir
)
def create_quadlet_state(module, issuer):
'''Create a quadlet file for the specified issuer.'''
"""Create a quadlet file for the specified issuer."""
class_map = {
"container": ContainerQuadlet,
"network": NetworkQuadlet,
@ -688,20 +739,22 @@ def create_quadlet_state(module, issuer):
}
# Let's detect which user is running
user = "root" if os.geteuid() == 0 else "user"
quadlet_dir = module.params.get('quadlet_dir')
quadlet_dir = module.params.get("quadlet_dir")
if not quadlet_dir:
if user == "root":
quadlet_dir = QUADLET_ROOT_PATH
else:
quadlet_dir = os.path.expanduser(QUADLET_NON_ROOT_PATH)
# Create a filename based on the issuer
if not module.params.get('name') and not module.params.get('quadlet_filename'):
module.fail_json(msg=f"Filename for {issuer} is required for creating a quadlet file.")
if not module.params.get("name") and not module.params.get("quadlet_filename"):
module.fail_json(
msg=f"Filename for {issuer} is required for creating a quadlet file."
)
if issuer == "image":
name = module.params['name'].split("/")[-1].split(":")[0]
name = module.params["name"].split("/")[-1].split(":")[0]
else:
name = module.params.get('name')
quad_file_name = module.params['quadlet_filename']
name = module.params.get("name")
quad_file_name = module.params["quadlet_filename"]
if quad_file_name and not quad_file_name.endswith(f".{issuer}"):
quad_file_name = f"{quad_file_name}.{issuer}"
filename = quad_file_name or f"{name}.{issuer}"
@ -710,10 +763,10 @@ def create_quadlet_state(module, issuer):
if not module.check_mode:
check_quadlet_directory(module, quadlet_dir)
# Specify file permissions
mode = module.params.get('quadlet_file_mode', None)
mode = module.params.get("quadlet_file_mode", None)
if mode is None and not os.path.exists(quadlet_file_path):
# default mode for new quadlet file only
mode = '0640'
mode = "0640"
# Check if file already exists and if it's different
quadlet = class_map[issuer](module.params)
quadlet_content = quadlet.create_quadlet_content()
@ -724,22 +777,31 @@ def create_quadlet_state(module, issuer):
if mode is not None:
module.set_mode_if_different(quadlet_file_path, mode, False)
results_update = {
'changed': True,
"changed": True,
"diff": {
"before": "\n".join(file_diff[0]) if isinstance(file_diff[0], list) else file_diff[0] + "\n",
"after": "\n".join(file_diff[1]) if isinstance(file_diff[1], list) else file_diff[1] + "\n",
}}
"before": (
"\n".join(file_diff[0])
if isinstance(file_diff[0], list)
else file_diff[0] + "\n"
),
"after": (
"\n".join(file_diff[1])
if isinstance(file_diff[1], list)
else file_diff[1] + "\n"
),
},
}
else:
# adjust file permissions
diff = {}
if mode is not None and module.set_mode_if_different(quadlet_file_path, mode, False, diff):
results_update = {
'changed': True,
'diff': diff
}
if mode is not None and module.set_mode_if_different(
quadlet_file_path, mode, False, diff
):
results_update = {"changed": True, "diff": diff}
else:
results_update = {}
return results_update
# Check with following command:
# QUADLET_UNIT_DIRS=<Directory> /usr/lib/systemd/system-generators/podman-system-generator {--user} --dryrun