ansible/ansible-podman-collections
1
0
Fork 0
mirror of https://github.com/containers/ansible-podman-collections.git synced 2026-02-04 07:11:49 +00:00
Code Activity

Add new options for podman_container

Browse source 
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
This commit is contained in:
Sagi Shnaidman 2024-05-20 14:15:33 +03:00
parent a9e92c902b
commit 83df32c062
13 changed files with 1376 additions and 410 deletions
Download patch file Download diff file Expand all files Collapse all files

892
plugins/module_utils/podman/podman_container_lib.py
View file

File diff suppressed because it is too large Load diff

84
plugins/module_utils/podman/quadlet.py
View file

@ -94,19 +94,15 @@ class ContainerQuadlet(Quadlet):
'healthcheck_retries': 'HealthRetries',
'healthcheck_start_period': 'HealthStartPeriod',
'healthcheck_timeout': 'HealthTimeout',
# the following are not implemented yet in Podman module
'HealthStartupCmd': 'HealthStartupCmd',
'HealthStartupInterval': 'HealthStartupInterval',
'HealthStartupRetries': 'HealthStartupRetries',
'HealthStartupSuccess': 'HealthStartupSuccess',
'HealthStartupTimeout': 'HealthStartupTimeout',
# end of not implemented yet
'health_startup_cmd': 'HealthStartupCmd',
'health_startup_interval': 'HealthStartupInterval',
'health_startup_retries': 'HealthStartupRetries',
'health_startup_success': 'HealthStartupSuccess',
'health_startup_timeout': 'HealthStartupTimeout',
'hostname': 'HostName',
'image': 'Image',
'ip': 'IP',
# the following are not implemented yet in Podman module
'IP6': 'IP6',
# end of not implemented yet
'ip6': 'IP6',
'label': 'Label',
'log_driver': 'LogDriver',
"Mask": "Mask", # add it in security_opt
@ -117,9 +113,7 @@ class ContainerQuadlet(Quadlet):
'pids_limit': 'PidsLimit',
'pod': 'Pod',
'publish': 'PublishPort',
# the following are not implemented yet in Podman module
"Pull": "Pull",
# end of not implemented yet
"pull": "Pull",
'read_only': 'ReadOnly',
'read_only_tmpfs': 'ReadOnlyTmpfs',
'rootfs': 'Rootfs',
@ -194,6 +188,8 @@ class ContainerQuadlet(Quadlet):
# Work on params which are not in the param_map and add them to PodmanArgs
params["podman_args"] = []
if params["arch"]:
params["podman_args"].append(f"--arch {params['arch']}")
if params["authfile"]:
params["podman_args"].append(f"--authfile {params['authfile']}")
if params["attach"]:
@ -206,8 +202,13 @@ class ContainerQuadlet(Quadlet):
f"--blkio-weight-device {':'.join(blkio)}" for blkio in params["blkio_weight_device"].items()]))
if params["cgroupns"]:
params["podman_args"].append(f"--cgroupns {params['cgroupns']}")
if params["cgroup_conf"]:
for k, v in params["cgroup_conf"].items():
params["podman_args"].append(f"--cgroup-conf {k}={v}")
if params["cgroup_parent"]:
params["podman_args"].append(f"--cgroup-parent {params['cgroup_parent']}")
if params["chrootdirs"]:
params["podman_args"].append(f"--chrootdirs {params['chrootdirs']}")
if params["cidfile"]:
params["podman_args"].append(f"--cidfile {params['cidfile']}")
if params["conmon_pidfile"]:
@ -226,6 +227,10 @@ class ContainerQuadlet(Quadlet):
params["podman_args"].append(f"--cpu-rt-runtime {params['cpu_rt_runtime']}")
if params["cpu_shares"]:
params["podman_args"].append(f"--cpu-shares {params['cpu_shares']}")
if params["decryption_key"]:
params["podman_args"].append(f"--decryption-key {params['decryption_key']}")
if params["device_cgroup_rule"]:
params["podman_args"].append(f"--device-cgroup-rule {params['device_cgroup_rule']}")
if params["device_read_bps"]:
for i in params["device_read_bps"]:
params["podman_args"].append(f"--device-read-bps {i}")
@ -241,6 +246,15 @@ class ContainerQuadlet(Quadlet):
if params["etc_hosts"]:
for host_ip in params['etc_hosts'].items():
params["podman_args"].append(f"--add-host {':'.join(host_ip)}")
if params["env_merge"]:
for k, v in params["env_merge"].items():
params["podman_args"].append(f"--env {k}={v}")
if params["gpus"]:
params["podman_args"].append(f"--gpus {params['gpus']}")
if params["group_entry"]:
params["podman_args"].append(f"--group-entry {params['group_entry']}")
if params["hostuser"]:
params["podman_args"].append(f"--hostuser {params['hostuser']}")
if params["hooks_dir"]:
for hook in params["hooks_dir"]:
params["podman_args"].append(f"--hooks-dir {hook}")
@ -248,6 +262,8 @@ class ContainerQuadlet(Quadlet):
params["podman_args"].append(f"--http-proxy {params['http_proxy']}")
if params["image_volume"]:
params["podman_args"].append(f"--image-volume {params['image_volume']}")
if params["init_ctr"]:
params["podman_args"].append(f"--init-ctr {params['init_ctr']}")
if params["init_path"]:
params["podman_args"].append(f"--init-path {params['init_path']}")
if params["interactive"]:
@ -274,37 +290,79 @@ class ContainerQuadlet(Quadlet):
if params["network_aliases"]:
for alias in params["network_aliases"]:
params["podman_args"].append(f"--network-alias {alias}")
if params["no_healthcheck"]:
params["podman_args"].append("--no-healthcheck")
if params["no_hosts"] is not None:
params["podman_args"].append(f"--no-hosts={params['no_hosts']}")
if params["oom_kill_disable"]:
params["podman_args"].append(f"--oom-kill-disable={params['oom_kill_disable']}")
if params["oom_score_adj"]:
params["podman_args"].append(f"--oom-score-adj {params['oom_score_adj']}")
if params["os"]:
params["podman_args"].append(f"--os {params['os']}")
if params["passwd"]:
params["podman_args"].append("--passwd")
if params["passwd_entry"]:
params["podman_args"].append(f"--passwd-entry {params['passwd_entry']}")
if params["personality"]:
params["podman_args"].append(f"--personality {params['personality']}")
if params["pid"]:
params["podman_args"].append(f"--pid {params['pid']}")
if params["pid_file"]:
params["podman_args"].append(f"--pid-file {params['pid_file']}")
if params["preserve_fd"]:
for pres in params["preserve_fd"]:
params["podman_args"].append(f"--preserve-fd {pres}")
if params["preserve_fds"]:
params["podman_args"].append(f"--preserve-fds {params['preserve_fds']}")
if params["privileged"]:
params["podman_args"].append("--privileged")
if params["publish_all"]:
params["podman_args"].append("--publish-all")
if params["rdt_class"]:
params["podman_args"].append(f"--rdt-class {params['rdt_class']}")
if params["requires"]:
params["podman_args"].append(f"--requires {','.join(params['requires'])}")
if params["restart_policy"]:
params["podman_args"].append(f"--restart-policy {params['restart_policy']}")
if params["retry"]:
params["podman_args"].append(f"--retry {params['retry']}")
if params["retry_delay"]:
params["podman_args"].append(f"--retry-delay {params['retry_delay']}")
if params["rm"]:
params["podman_args"].append("--rm")
if params["rmi"]:
params["podman_args"].append("--rmi")
if params["seccomp_policy"]:
params["podman_args"].append(f"--seccomp-policy {params['seccomp_policy']}")
if params["security_opt"]:
for security_opt in params["security_opt"]:
params["podman_args"].append(f"--security-opt {security_opt}")
if params["shm_size_systemd"]:
params["podman_args"].append(f"--shm-size-systemd {params['shm_size_systemd']}")
if params["sig_proxy"]:
params["podman_args"].append(f"--sig-proxy {params['sig_proxy']}")
if params["stop_signal"]:
params["podman_args"].append(f"--stop-signal {params['stop_signal']}")
if params["systemd"]:
params["podman_args"].append(f"--systemd={str(params['systemd']).lower()}")
if params["timeout"]:
params["podman_args"].append(f"--timeout {params['timeout']}")
if params["tls_verify"]:
params["podman_args"].append(f"--tls-verify={str(params['tls_verify']).lower()}")
if params["tty"]:
params["podman_args"].append("--tty")
if params["umask"]:
params["podman_args"].append(f"--umask {params['umask']}")
if params["unsetenv"]:
for unset in params["unsetenv"]:
params["podman_args"].append(f"--unsetenv {unset}")
if params["unsetenv_all"]:
params["podman_args"].append("--unsetenv-all")
if params["uts"]:
params["podman_args"].append(f"--uts {params['uts']}")
if params["variant"]:
params["podman_args"].append(f"--variant {params['variant']}")
if params["volumes_from"]:
for volume in params["volumes_from"]:
params["podman_args"].append(f"--volumes-from {volume}")

196
plugins/modules/podman_container.py
View file

@ -79,6 +79,11 @@ options:
- Add an annotation to the container. The format is key value, multiple
times.
type: dict
arch:
description:
- Set the architecture for the container.
Override the architecture, defaults to hosts, of the image to be pulled. For example, arm.
type: str
attach:
description:
- Attach to STDIN, STDOUT or STDERR. The default in Podman is false.
@ -125,6 +130,10 @@ options:
the cgroups path of the init process. Cgroups will be created if they
do not already exist.
type: path
cgroup_conf:
description:
- When running on cgroup v2, specify the cgroup file to write to and its value.
type: dict
cgroupns:
description:
- Path to cgroups under which the cgroup for the container will be
@ -137,6 +146,10 @@ options:
The disabled option will force the container to not create CGroups,
and thus conflicts with CGroup options cgroupns and cgroup-parent.
type: str
chrootdirs:
description:
- Path to a directory inside the container that is treated as a chroot directory.
type: str
cidfile:
description:
- Write the container ID to the file
@ -196,6 +209,10 @@ options:
- Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only
effective on NUMA systems.
type: str
decryption_key:
description:
- The "key-passphrase" to be used for decryption of images. Key can point to keys and/or certificates.
type: str
delete_depend:
description:
- Remove selected container and recursively remove all containers that depend on it.
@ -234,6 +251,12 @@ options:
(e.g. device /dev/sdc:/dev/xvdc:rwm)
type: list
elements: str
device_cgroup_rule:
description:
- Add a rule to the cgroup allowed devices list.
The rule is expected to be in the format specified in the Linux kernel
documentation admin-guide/cgroup-v1/devices.
type: str
device_read_bps:
description:
- Limit read rate (bytes per second) from a device
@ -307,6 +330,10 @@ options:
- Use all current host environment variables in container.
Defaults to false.
type: bool
env_merge:
description:
- Preprocess default environment variables for the containers
type: dict
etc_hosts:
description:
- Dict of host-to-IP mappings, where each host name is a key in the
@ -436,6 +463,10 @@ options:
- Run the container in a new user namespace using the supplied mapping.
type: list
elements: str
gpus:
description:
- GPU devices to add to the container.
type: str
group_add:
description:
- Add additional groups to run as
@ -443,33 +474,70 @@ options:
elements: str
aliases:
- groups
group_entry:
description:
- Customize the entry that is written to the /etc/group file within the container when --user is used.
type: str
healthcheck:
description:
- Set or alter a healthcheck command for a container.
type: str
aliases:
- health_cmd
healthcheck_interval:
description:
- Set an interval for the healthchecks
(a value of disable results in no automatic timer setup)
(default "30s")
type: str
aliases:
- health_interval
healthcheck_retries:
description:
- The number of retries allowed before a healthcheck is considered to be
unhealthy. The default value is 3.
type: int
aliases:
- health_retries
healthcheck_start_period:
description:
- The initialization time needed for a container to bootstrap.
The value can be expressed in time format like 2m3s. The default value
is 0s
type: str
aliases:
- health_start_period
health_startup_cmd:
description:
- Set a startup healthcheck command for a container.
type: str
health_startup_interval:
description:
- Set an interval for the startup healthcheck.
type: str
health_startup_retries:
description:
- The number of attempts allowed before the startup healthcheck restarts the container.
If set to 0, the container is never restarted. The default is 0.
type: int
health_startup_success:
description:
- The number of successful runs required before the startup healthcheck succeeds
and the regular healthcheck begins. A value of 0 means that any success begins the regular healthcheck.
The default is 0.
type: int
health_startup_timeout:
description:
- The maximum time a startup healthcheck command has to complete before it is marked as failed.
type: str
healthcheck_timeout:
description:
- The maximum time allowed to complete the healthcheck before an interval
is considered failed. Like start-period, the value can be expressed in
a time format such as 1m22s. The default value is 30s
type: str
aliases:
- health_timeout
healthcheck_failure_action:
description:
- The action to be taken when the container is considered unhealthy. The action must be one of
@ -481,6 +549,8 @@ options:
- 'kill'
- 'restart'
- 'stop'
aliases:
- health_on_failure
hooks_dir:
description:
- Each .json file in the path configures a hook for Podman containers.
@ -493,6 +563,11 @@ options:
- Container host name. Sets the container host name that is available
inside the container.
type: str
hostuser:
description:
- Add a user account to /etc/passwd from the host to the container.
The Username or UID must exist on the host system.
type: str
http_proxy:
description:
- By default proxy environment variables are passed into the container if
@ -522,6 +597,14 @@ options:
- Run an init inside the container that forwards signals and reaps
processes. The default is false.
type: bool
init_ctr:
description:
- (Pods only). When using pods, create an init style container,
which is run after the infra container is started but before regular pod containers are started.
type: str
choices:
- 'once'
- 'always'
init_path:
description:
- Path to the container-init binary.
@ -542,6 +625,10 @@ options:
The address must be within the default CNI network's pool
(default 10.88.0.0/16).
type: str
ip6:
description:
- Specify a static IPv6 address for the container
type: str
ipc:
description:
- Default is to create a private IPC namespace (POSIX SysV IPC) for the
@ -671,6 +758,12 @@ options:
This is a limitation that will be removed in a later release.
type: list
elements: str
aliases:
- network_alias
no_healthcheck:
description:
- Disable any defined healthchecks for container.
type: bool
no_hosts:
description:
- Do not create /etc/hosts for the container
@ -685,23 +778,64 @@ options:
description:
- Tune the host's OOM preferences for containers (accepts -1000 to 1000)
type: int
os:
description:
- Override the OS, defaults to hosts, of the image to be pulled. For example, windows.
type: str
passwd:
description:
- Allow Podman to add entries to /etc/passwd and /etc/group when used in conjunction with the --user option.
This is used to override the Podman provided user setup in favor of entrypoint configurations
such as libnss-extrausers.
type: bool
passwd_entry:
description:
- Customize the entry that is written to the /etc/passwd file within the container when --passwd is used.
type: str
personality:
description:
- Personality sets the execution domain via Linux personality(2).
type: str
pid:
description:
- Set the PID mode for the container
type: str
aliases:
- pid_mode
pid_file:
description:
- When the pidfile location is specified, the container process' PID is written to the pidfile.
type: path
pids_limit:
description:
- Tune the container's PIDs limit. Set -1 to have unlimited PIDs for the
container.
type: str
platform:
description:
- Specify the platform for selecting the image.
type: str
pod:
description:
- Run container in an existing pod.
If you want podman to make the pod for you, prefix the pod name
with "new:"
type: str
pod_id_file:
description:
- Run container in an existing pod and read the pod's ID from the specified file.
When a container is run within a pod which has an infra-container,
the infra-container starts first.
type: path
preserve_fd:
description:
- Pass down to the process the additional file descriptors specified in the comma separated list.
type: list
elements: str
preserve_fds:
description:
- Pass down to the process N additional file descriptors (in addition to 0, 1, 2). The total FDs are 3\+N.
type: str
privileged:
description:
- Give extended privileges to this container. The default is false.
@ -724,6 +858,15 @@ options:
- Publish all exposed ports to random ports on the host interfaces. The
default is false.
type: bool
pull:
description:
- Pull image policy. The default is 'missing'.
type: str
choices:
- 'missing'
- 'always'
- 'never'
- 'newer'
quadlet_dir:
description:
- Path to the directory to write quadlet file in.
@ -740,6 +883,10 @@ options:
options as a list of lines to add.
type: list
elements: str
rdt_class:
description:
- Rdt-class sets the class of service (CLOS or COS) for the container to run in. Requires root.
type: str
read_only:
description:
- Mount the container's root filesystem as read only. Default is false
@ -779,6 +926,15 @@ options:
- Seconds to wait before forcibly stopping the container when restarting. Use -1 for infinite wait.
Applies to "restarted" status.
type: str
retry:
description:
- Number of times to retry pulling or pushing images between the registry and local storage in case of failure.
Default is 3.
type: int
retry_delay:
description:
- Duration of delay between retry attempts when pulling or pushing images between the registry and local storage in case of failure.
type: str
rm:
description:
- Automatically remove the container when it exits. The default is false.
@ -786,6 +942,11 @@ options:
aliases:
- remove
- auto_remove
rmi:
description:
- After exit of the container, remove the image unless another container is using it.
Implies --rm on the new container. The default is false.
type: bool
rootfs:
description:
- If true, the first argument refers to an exploded container on the file
@ -803,6 +964,10 @@ options:
L(documentation,https://docs.podman.io/en/latest/markdown/podman-run.1.html#secret-secret-opt-opt) for more details.
type: list
elements: str
seccomp_policy:
description:
- Specify the policy to select the seccomp profile.
type: str
security_opt:
description:
- Security Options. For example security_opt "seccomp=unconfined"
@ -817,6 +982,10 @@ options:
If you omit the unit, the system uses bytes. If you omit the size
entirely, the system uses 64m
type: str
shm_size_systemd:
description:
- Size of systemd-specific tmpfs mounts such as /run, /run/lock, /var/log/journal and /tmp.
type: str
sig_proxy:
description:
- Proxy signals sent to the podman run command to the container process.
@ -853,6 +1022,11 @@ options:
description:
- Run container in systemd mode. The default is true.
type: str
timeout:
description:
- Maximum time (in seconds) a container is allowed to run before conmon sends it the kill signal.
By default containers run until they exit or are stopped by "podman stop".
type: int
timezone:
description:
- Set timezone in container. This flag takes area-based timezones,
@ -861,6 +1035,10 @@ options:
See /usr/share/zoneinfo/ for valid timezones.
Remote connections use local containers.conf for defaults.
type: str
tls_verify:
description:
- Require HTTPS and verify certificates when pulling images.
type: bool
tmpfs:
description:
- Create a tmpfs mount. For example tmpfs
@ -882,6 +1060,20 @@ options:
elements: str
aliases:
- ulimits
umask:
description:
- Set the umask inside the container. Defaults to 0022.
Remote connections use local containers.conf for defaults.
type: str
unsetenv:
description:
- Unset default environment variables for the container.
type: list
elements: str
unsetenv_all:
description:
- Unset all default environment variables for the container.
type: bool
user:
description:
- Sets the username or UID used and optionally the groupname or GID for
@ -899,6 +1091,10 @@ options:
description:
- Set the UTS mode for the container
type: str
variant:
description:
- Use VARIANT instead of the default architecture variant of the container image.
type: str
volume:
description:
- Create a bind mount. If you specify, volume /HOST-DIR:/CONTAINER-DIR,

9
tests/integration/targets/podman_container_idempotency/tasks/idem_all.yml
View file

@ -162,10 +162,9 @@
command: 1h
register: test14
# We can't guess the default log path
- name: Check info with default log opt path
assert:
that: test14 is not changed
that: test14 is changed
- name: Run container with all log-opts
containers.podman.podman_container:
@ -238,8 +237,8 @@
that:
- test15 is changed
- test16 is not changed
- test17 is not changed
- test18 is not changed
- test17 is changed
- test18 is changed
- test19 is changed
- name: Run container with etc_hosts
@ -381,7 +380,7 @@
- name: Check info of second container with PID of container ID again
assert:
that: test29 is not changed
that: test29 is changed
- name: Remove dependent test container
containers.podman.podman_container:

468
tests/integration/targets/podman_container_idempotency/tasks/idem_bool_list_dict.yml Normal file
View file

@ -0,0 +1,468 @@
- name: Remove container
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
state: absent
- name: Run container with boolean key-value type - 1
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resultx1
- name: Run container with boolean key-value type - 2
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resultx2
- name: Run container with boolean key-value type - 3
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
tls_verify: false
register: resultx3
- name: Run container with boolean key-value type - 4
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
tls_verify: false
register: resultx4
- name: Run container with boolean key-value type - 5
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
tls_verify: true
register: resultx5
- name: Run container with boolean key-value type - 6
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
tls_verify: true
register: resultx6
- name: Run container with boolean key-value type - 7
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
tls_verify: false
register: resultx7
- name: Run container with boolean key-value type - 8
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
# tls_verify: false
register: resultx8
- name: Run container with boolean key-value type - 9
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
tls_verify: true
register: resultx9
- name: Run container with boolean key-value type - 10
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
# tls_verify: true
register: resultx10
- name: Assert checks
assert:
that:
- resultx1.changed == true
- resultx2.changed == false
- resultx3.changed == true
- resultx4.changed == false
- resultx5.changed == true
- resultx6.changed == false
- resultx7.changed == true
- resultx8.changed == true
- resultx9.changed == true
- resultx10.changed == true
- name: Remove container
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
state: absent
- name: Run container with list type - 1
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
unsetenv:
- HOME
- TERM
- USER
register: resultq1
- name: Run container with list type - 2
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
unsetenv:
- HOME
- TERM
- USER
register: resultq2
- name: Run container with list type - 3
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
unsetenv:
- HOME
register: resultq3
- name: Run container with list type - 4
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
unsetenv:
- HOME
register: resultq4
- name: Run container with list type - 5
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resultq5
- name: Run container with list type - 6
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resultq6
- name: Run container with list type - 7
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
unsetenv:
- USER
register: resultq7
- name: Run container with list type - 8
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
unsetenv:
- USER
register: resultq8
- name: Run container with list type - 9
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resultq9
- name: Assert checks
assert:
that:
- resultq1.changed == true
- resultq2.changed == false
- resultq3.changed == true
- resultq4.changed == false
- resultq5.changed == true
- resultq6.changed == false
- resultq7.changed == true
- resultq8.changed == false
- resultq9.changed == true
- name: Remove container
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
state: absent
- name: Run container with boolean trigger type - 1
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resulty1
- name: Run container with boolean trigger type - 2
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resulty2
- name: Run container with boolean trigger type - 3
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
no_healthcheck: false
register: resulty3
- name: Run container with boolean trigger type - 4
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
no_healthcheck: false
register: resulty4
- name: Run container with boolean trigger type - 5
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
no_healthcheck: true
register: resulty5
- name: Run container with boolean trigger type - 6
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
no_healthcheck: true
register: resulty6
- name: Run container with boolean trigger type - 7
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
no_healthcheck: false
register: resulty7
- name: Run container with boolean trigger type - 8
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
# no_healthcheck: false
register: resulty8
- name: Run container with boolean trigger type - 9
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
no_healthcheck: true
register: resulty9
- name: Run container with boolean trigger type - 10
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
# no_healthcheck: true
register: resulty10
- name: Assert checks
assert:
that:
- resulty1.changed == true
- resulty2.changed == false
- resulty3.changed == false
- resulty4.changed == false
- resulty5.changed == true
- resulty6.changed == false
- resulty7.changed == true
- resulty8.changed == false
- resulty9.changed == true
- resulty10.changed == true
- name: Remove container
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
state: absent
- name: Run container with dict type - 1
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
log_opt:
max_size: 10m
tag: test
path: /var/log
register: resultv1
- name: Run container with dict type - 2
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
log_opt:
max_size: 10m
tag: test
path: /var/log
register: resultv2
- name: Run container with dict type - 3
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
log_opt:
max_size: 10m
register: resultv3
- name: Run container with dict type - 4
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
log_opt:
max_size: 10m
register: resultv4
- name: Run container with dict type - 5
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resultv5
- name: Run container with dict type - 6
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resultv6
- name: Run container with dict type - 7
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
log_opt:
tag: test
register: resultv7
- name: Run container with dict type - 8
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
log_opt:
tag: test
register: resultv8
- name: Run container with dict type - 9
containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
name: "idempotency"
image: "{{ idem_image }}"
state: present
command: 1h
register: resultv9
- name: Assert checks
assert:
that:
- resultq1.changed == true
- resultq2.changed == false
- resultq3.changed == true
- resultq4.changed == false
- resultq5.changed == true
- resultq6.changed == false
- resultq7.changed == true
- resultq8.changed == false
- resultq9.changed == true

22
tests/integration/targets/podman_container_idempotency/tasks/idem_ports.yml
View file

@ -33,7 +33,7 @@
- "4444:4444/tcp"
- "1212:5555"
- "8888:19191/udp"
- "1900:1900/udp"
- "19000:19000/udp"
- "127.0.0.1:7671:7676/udp"
- "127.0.0.1:12122:8876/udp"
- "127.0.0.1:13122:8871/tcp"
@ -41,6 +41,10 @@
- "127.0.0.2:43423:8872/tcp"
- "127.0.0.3:43423:8872"
- "0.0.0.0:15674:7846"
- 127.0.0.1:20000-20010:20000-20010/udp
- 0.0.0.0:20000-20010:20000-20010/tcp
- "10000-10010:10000-10010/udp"
- "[::1]:3001-3003:3001-3003"
register: test2
- name: check test2
@ -57,7 +61,7 @@
- "4444:4444/tcp"
- "1212:5555"
- "8888:19191/udp"
- "1900:1900/udp"
- "19000:19000/udp"
- "127.0.0.1:7671:7676/udp"
- "127.0.0.1:12122:8876/udp"
- "127.0.0.1:13122:8871/tcp"
@ -65,6 +69,10 @@
- "127.0.0.2:43423:8872/tcp"
- "127.0.0.3:43423:8872"
- "0.0.0.0:15674:7846"
- 127.0.0.1:20000-20010:20000-20010/udp
- 0.0.0.0:20000-20010:20000-20010/tcp
- "10000-10010:10000-10010/udp"
- "[::1]:3001-3003:3001-3003"
register: test3
- name: check test3
@ -95,7 +103,7 @@
- name: check test5
assert:
that: test5 is changed
that: test5 is not changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -149,7 +157,7 @@
- name: check test9
assert:
that: test9 is not changed
that: test9 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -164,7 +172,7 @@
- name: check test9a
assert:
that: test9a is not changed
that: test9a is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -213,7 +221,7 @@
- name: check test11
assert:
that: test11 is not changed
that: test11 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -226,7 +234,7 @@
- name: check test11a
assert:
that: test11a is not changed
that: test11a is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"

21
tests/integration/targets/podman_container_idempotency/tasks/idem_stopsignal.yml
View file

@ -34,7 +34,20 @@
- name: check test2
assert:
that: test2 is not changed
that: test2 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
image: "{{ idem_image }}"
name: idempotency
state: present
stop_signal: 9
command: 1h
register: test2a
- name: check test2a
assert:
that: test2a is not changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -46,7 +59,7 @@
- name: check test3
assert:
that: test3 is not changed
that: test3 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -122,7 +135,7 @@
- name: check test9
assert:
that: test9 is not changed
that: test9 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -184,7 +197,7 @@
- name: check test11
assert:
that: test11 is not changed
that: test11 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"

6
tests/integration/targets/podman_container_idempotency/tasks/idem_users.yml
View file

@ -34,7 +34,7 @@
- name: check test2
assert:
that: test2 is not changed
that: test2 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -46,7 +46,7 @@
- name: check test3
assert:
that: test3 is not changed
that: test3 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -122,7 +122,7 @@
- name: check test9
assert:
that: test9 is not changed
that: test9 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"

7
tests/integration/targets/podman_container_idempotency/tasks/idem_workdir.yml
View file

@ -34,13 +34,14 @@
- name: check test2
assert:
that: test2 is not changed
that: test2 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
image: "{{ idem_image }}"
name: idempotency
state: present
workdir: /work
command: 1h
register: test3
@ -122,7 +123,7 @@
- name: check test9
assert:
that: test9 is not changed
that: test9 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"
@ -184,7 +185,7 @@
- name: check test11
assert:
that: test11 is not changed
that: test11 is changed
- containers.podman.podman_container:
executable: "{{ test_executable | default('podman') }}"

1
tests/integration/targets/podman_container_idempotency/tasks/main.yml
View file

@ -45,6 +45,7 @@
- name: Test idempotency of systemd generation
include_tasks: idem_systemd.yml
when: podman_version | int > 3
- name: Test idempotency of other settings
include_tasks: idem_all.yml

4
tests/integration/targets/podman_container_idempotency/tasks/root-podman.yml
View file

@ -162,7 +162,7 @@
- name: Check that it is recreated
assert:
that:
- info7 is not changed
- info7 is changed
- name: Run container with publishing ports and ipv6
containers.podman.podman_container:
@ -178,6 +178,7 @@
- "127.0.0.1:7671:7676/udp"
- "127.0.0.3:43423:8872"
- "[::1]:34523:35425"
- "40001-40010"
register: info8
- name: Check that it is recreated
@ -199,6 +200,7 @@
- "127.0.0.1:7671:7676/udp"
- "127.0.0.3:43423:8872"
- "[::1]:34523:35425"
- "40001-40010"
register: info9
- name: Check that it is recreated

4
tests/integration/targets/podman_container_idempotency/tasks/rootless-podman-network.yml
View file

@ -109,7 +109,7 @@
that:
- info5 is changed
- when: podman_version < 5
- when: podman_version | int < 5
name: Run container tasks with slirp4netns options before v5
block:
- name: Run container with slirp4netns options
@ -161,7 +161,7 @@
- info8 is changed
- when: podman_version >= 5
- when: podman_version | int >= 5
name: Run container tasks with pasta options for v5 and later
block:
- name: Run container with pasta options

72
tests/unit/plugins/modules/test_container_lib.py
View file

@ -66,7 +66,15 @@ def test_container_add_params(test_input, expected):
[
None, # module
{"conmon_pidfile": "bbb"}, # module params
{"conmonpidfile": "ccc"}, # container info
{"conmonpidfile": "ccc",
"config": {
"createcommand": [
"podman",
"create",
"--conmon-pidfile=ccc",
"testcont",
]}
}, # container info
{}, # image info
"4.1.1", # podman version
],
@ -76,7 +84,67 @@ def test_container_add_params(test_input, expected):
[
None, # module
{"conmon_pidfile": None}, # module params
{"conmonpidfile": "ccc"}, # container info
{"conmonpidfile": "ccc",
"config": {
"createcommand": [
"podman",
"create",
"--conmon-pidfile=ccc",
"testcont",
]}
}, # container info
{}, # image info
"4.1.1", # podman version
],
True,
),
(
[
None, # module
{"conmon_pidfile": None}, # module params
{"conmonpidfile": None,
"config": {
"createcommand": [
"podman",
"create",
"testcont",
]}
}, # container info
{}, # image info
"4.1.1", # podman version
],
False,
),
(
[
None, # module
{"conmon_pidfile": 'aaa'}, # module params
{"conmonpidfile": None,
"config": {
"createcommand": [
"podman",
"create",
"testcont",
]}
}, # container info
{}, # image info
"4.1.1", # podman version
],
True,
),
(
[
None, # module
{"conmon_pidfile": 'aaa'}, # module params
{"conmonpidfile": 'aaa',
"config": {
"createcommand": [
"podman",
"create",
"--conmon-pidfile=aaa",
"testcont",
]}
}, # container info
{}, # image info
"4.1.1", # podman version
],