Rewrite the docker_host_info module.

ansible-collections · Jun 18, 2022 · 5ae47e3 · 5ae47e3
1 parent b1c62c8
commit 5ae47e3
Show file tree

Hide file tree

Showing 5 changed files with 627 additions and 33 deletions.
diff --git a/plugins/doc_fragments/docker.py b/plugins/doc_fragments/docker.py
@@ -10,7 +10,6 @@ class ModuleDocFragment(object):
 
     # Docker doc fragment
     DOCUMENTATION = r'''
-
 options:
     docker_host:
         description:
@@ -185,3 +184,120 @@ class ModuleDocFragment(object):
      (see L(here,https://github.com/docker/docker-py/issues/1310) for details).
      This module does *not* work with docker-py."
 '''
+
+    # Docker doc fragment when using the vendored API access code
+    API_DOCUMENTATION = r'''
+options:
+    docker_host:
+        description:
+            - The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the
+              TCP connection string. For example, C(tcp://192.0.2.23:2376). If TLS is used to encrypt the connection,
+              the module will automatically replace C(tcp) in the connection URL with C(https).
+            - If the value is not specified in the task, the value of environment variable C(DOCKER_HOST) will be used
+              instead. If the environment variable is not set, the default value will be used.
+        type: str
+        default: unix://var/run/docker.sock
+        aliases: [ docker_url ]
+    tls_hostname:
+        description:
+            - When verifying the authenticity of the Docker Host server, provide the expected name of the server.
+            - If the value is not specified in the task, the value of environment variable C(DOCKER_TLS_HOSTNAME) will
+              be used instead. If the environment variable is not set, the default value will be used.
+            - The current default value is C(localhost). This default is deprecated and will change in community.docker
+              2.0.0 to be a value computed from I(docker_host). Explicitly specify C(localhost) to make sure this value
+              will still be used, and to disable the deprecation message which will be shown otherwise.
+        type: str
+    api_version:
+        description:
+            - The version of the Docker API running on the Docker Host.
+            - Defaults to the latest version of the API supported by this collection and the docker daemon.
+            - If the value is not specified in the task, the value of environment variable C(DOCKER_API_VERSION) will be
+              used instead. If the environment variable is not set, the default value will be used.
+        type: str
+        default: auto
+        aliases: [ docker_api_version ]
+    timeout:
+        description:
+            - The maximum amount of time in seconds to wait on a response from the API.
+            - If the value is not specified in the task, the value of environment variable C(DOCKER_TIMEOUT) will be used
+              instead. If the environment variable is not set, the default value will be used.
+        type: int
+        default: 60
+    ca_cert:
+        description:
+            - Use a CA certificate when performing server verification by providing the path to a CA certificate file.
+            - If the value is not specified in the task and the environment variable C(DOCKER_CERT_PATH) is set,
+              the file C(ca.pem) from the directory specified in the environment variable C(DOCKER_CERT_PATH) will be used.
+        type: path
+        aliases: [ tls_ca_cert, cacert_path ]
+    client_cert:
+        description:
+            - Path to the client's TLS certificate file.
+            - If the value is not specified in the task and the environment variable C(DOCKER_CERT_PATH) is set,
+              the file C(cert.pem) from the directory specified in the environment variable C(DOCKER_CERT_PATH) will be used.
+        type: path
+        aliases: [ tls_client_cert, cert_path ]
+    client_key:
+        description:
+            - Path to the client's TLS key file.
+            - If the value is not specified in the task and the environment variable C(DOCKER_CERT_PATH) is set,
+              the file C(key.pem) from the directory specified in the environment variable C(DOCKER_CERT_PATH) will be used.
+        type: path
+        aliases: [ tls_client_key, key_path ]
+    ssl_version:
+        description:
+            - Provide a valid SSL version number. Default value determined by ssl.py module.
+            - If the value is not specified in the task, the value of environment variable C(DOCKER_SSL_VERSION) will be
+              used instead.
+        type: str
+    tls:
+        description:
+            - Secure the connection to the API by using TLS without verifying the authenticity of the Docker host
+              server. Note that if I(validate_certs) is set to C(yes) as well, it will take precedence.
+            - If the value is not specified in the task, the value of environment variable C(DOCKER_TLS) will be used
+              instead. If the environment variable is not set, the default value will be used.
+        type: bool
+        default: no
+    use_ssh_client:
+        description:
+            - For SSH transports, use the C(ssh) CLI tool instead of paramiko.
+        type: bool
+        default: no
+        version_added: 1.5.0
+    validate_certs:
+        description:
+            - Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
+            - If the value is not specified in the task, the value of environment variable C(DOCKER_TLS_VERIFY) will be
+              used instead. If the environment variable is not set, the default value will be used.
+        type: bool
+        default: no
+        aliases: [ tls_verify ]
+    debug:
+        description:
+            - Debug mode
+        type: bool
+        default: no
+
+notes:
+  - Connect to the Docker daemon by providing parameters with each task or by defining environment variables.
+    You can define C(DOCKER_HOST), C(DOCKER_TLS_HOSTNAME), C(DOCKER_API_VERSION), C(DOCKER_CERT_PATH), C(DOCKER_SSL_VERSION),
+    C(DOCKER_TLS), C(DOCKER_TLS_VERIFY) and C(DOCKER_TIMEOUT). If you are using docker machine, run the script shipped
+    with the product that sets up the environment. It will set these variables for you. See
+    U(https://docs.docker.com/machine/reference/env/) for more details.
+#  - When connecting to Docker daemon with TLS, you might need to install additional Python packages.
+#    For the Docker SDK for Python, version 2.4 or newer, this can be done by installing C(docker[tls]) with M(ansible.builtin.pip).
+#  - Note that the Docker SDK for Python only allows to specify the path to the Docker configuration for very few functions.
+#    In general, it will use C($HOME/.docker/config.json) if the C(DOCKER_CONFIG) environment variable is not specified,
+#    and use C($DOCKER_CONFIG/config.json) otherwise.
+
+notes:
+  - This module does B(not) use the L(Docker SDK for Python,https://docker-py.readthedocs.io/en/stable/) to
+    communicate with the Docker daemon. It uses code derived from the Docker SDK or Python hat is included in this
+    collection.
+requirements:
+  - requests
+  - pywin32 (when using named pipes on Windows 32)
+  - paramiko (when using SSH with I(use_ssh_client=false))
+  - pyOpenSSL (when using TLS)
+  - backports.ssl_match_hostname (when using TLS on Python 2)
+'''
diff --git a/plugins/module_utils/_api/api/client.py b/plugins/module_utils/_api/api/client.py
@@ -156,7 +156,7 @@ def __init__(self, base_url=None, version=None,
             self.mount('http+docker://', self._custom_adapter)
             self.base_url = 'http+docker://localnpipe'
         elif base_url.startswith('ssh://'):
-            if PARAMIKO_IMPORT_ERROR is not None:
+            if PARAMIKO_IMPORT_ERROR is not None and not use_ssh_client:
                 raise MissingRequirementException(
                     'Install paramiko package to enable ssh:// support',
                     'paramiko',