From 14c465860366dd0970cdd5385a1cea033fe790ab Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Sat, 9 Dec 2023 18:59:06 +0100 Subject: [PATCH] Docker SDK for Python 7+: make sure that ssl_version is not passed, and error out if it was explicitly set (#715) * Do not accept ssl_version for Docker SDK for Python 7.0.0+. * Add changelog fragment. * Generally avoid sending None values to TLSConfig. Potentially prevents similar errors in the future, assuming the users do not pass values in. * Python 2.6 compatibility. (cherry picked from commit 3aa1ddcca06647b7bd6d34ab35320118f58781de) --- changelogs/fragments/715-docker-7.yml | 2 ++ plugins/doc_fragments/docker.py | 2 ++ plugins/module_utils/common.py | 14 ++++++++++++++ 3 files changed, 18 insertions(+) create mode 100644 changelogs/fragments/715-docker-7.yml diff --git a/changelogs/fragments/715-docker-7.yml b/changelogs/fragments/715-docker-7.yml new file mode 100644 index 000000000..9c565e397 --- /dev/null +++ b/changelogs/fragments/715-docker-7.yml @@ -0,0 +1,2 @@ +bugfixes: + - "modules and plugins using the Docker SDK for Python - remove ``ssl_version`` from the parameters passed to Docker SDK for Python 7.0.0+. Explicitly fail with a nicer error message if it was explicitly set in this case (https://github.com/ansible-collections/community.docker/pull/715)." diff --git a/plugins/doc_fragments/docker.py b/plugins/doc_fragments/docker.py index d78a43f48..8c2ca0ed7 100644 --- a/plugins/doc_fragments/docker.py +++ b/plugins/doc_fragments/docker.py @@ -73,6 +73,8 @@ class ModuleDocFragment(object): - Provide a valid SSL version number. Default value determined by ssl.py module. - If the value is not specified in the task, the value of environment variable C(DOCKER_SSL_VERSION) will be used instead. + - B(Note:) this option is no longer supported for Docker SDK for Python 7.0.0+. Specifying it with Docker SDK for + Python 7.0.0 or newer will lead to an error. type: str tls: description: diff --git a/plugins/module_utils/common.py b/plugins/module_utils/common.py index 995e9493e..f547e46ff 100644 --- a/plugins/module_utils/common.py +++ b/plugins/module_utils/common.py @@ -121,6 +121,20 @@ class NotFound(Exception): # noqa: F811 def _get_tls_config(fail_function, **kwargs): + if 'ssl_version' in kwargs and LooseVersion(docker_version) >= LooseVersion('7.0.0b1'): + ssl_version = kwargs.pop('ssl_version') + if ssl_version is not None: + fail_function( + "ssl_version is not compatible with Docker SDK for Python 7.0.0+. You are using" + " Docker SDK for Python {docker_py_version}. The ssl_version option (value: {ssl_version})" + " has either been set directly or with the environment variable DOCKER_SSL_VERSION." + " Make sure it is not set, or switch to an older version of Docker SDK for Python.".format( + docker_py_version=docker_version, + ssl_version=ssl_version, + ) + ) + # Filter out all None parameters + kwargs = dict((k, v) for k, v in kwargs.items() if v is not None) try: tls_config = TLSConfig(**kwargs) return tls_config