docker_swarm: Return UnlockKey (#54490)

* Return UnlockKey * Add changelog fragment * Add method to check if a parameter exists in diffs * Add method to get swarm unlock key * Add option unlock_key * Only return unlock key when created or changed * Rename difference check * Extend unlock key example * Assert that unlock_key is a string * Fix docker_swarm_info authors * Don’t silence APIErrors * Test unlock_key on unlocked swarm * Catch APIError when retrieving unlock key * Better return value description * Lint * Fix UnlockKey return value documentation Co-Authored-By: hannseman <hannes@5monkeys.se> * Get unlock key safely Co-Authored-By: hannseman <hannes@5monkeys.se> * Return None on empty UnlockKey * Assert swarm_unlock_key is undefined if unqueried * Add documentation about swarm_info unlock_key * Add change log fragment for unlock_key option * Revert "Add change log fragment for unlock_key option" This reverts commit e3cb2325b552e5d14cc3f42b33a86bf3ee84d3b9. * Use generator expression instead * Restart docker more decisively * Use systemctl kill Co-Authored-By: hannseman <hannes@5monkeys.se> * Try to restart docker daemon
2026-05-07 22:02:50 +00:00 · 2019-04-01 13:19:18 +02:00
parent 21c8650180
commit e58f23b73e
8 changed files with 146 additions and 4 deletions
--- a/test/integration/targets/docker_swarm/tasks/main.yml
+++ b/test/integration/targets/docker_swarm/tasks/main.yml
@@ -13,11 +13,16 @@
    diff: no
    ignore_errors: yes

+  - name: Kill docker daemon
+    command: systemctl kill -s 9 docker
+    become: yes
+
  - name: Restart docker daemon
    service:
      name: docker
      state: restarted
    become: yes
+
  - name: Wait for docker daemon to be fully restarted
    command: docker ps

--- a/test/integration/targets/docker_swarm/tasks/tests/options.yml
+++ b/test/integration/targets/docker_swarm/tasks/tests/options.yml
@@ -61,6 +61,15 @@
  register: output_6
  ignore_errors: yes

+- name: autolock_managers (force new swarm)
+  docker_swarm:
+    state: present
+    force: yes
+    autolock_managers: yes
+  diff: yes
+  register: output_7
+  ignore_errors: yes
+
 - name: assert autolock_managers changes
  assert:
    that:
@@ -89,6 +98,16 @@
       - 'output_6.diff.before is defined'
       - 'output_6.diff.after is defined'
  when: docker_py_version is version('2.6.0', '>=')
+
+- name: assert UnlockKey in swarm_facts
+  assert:
+    that:
+      - 'output_2.swarm_facts.UnlockKey'
+      - 'output_3.swarm_facts.UnlockKey is none'
+      - 'output_6.swarm_facts.UnlockKey is none'
+      - 'output_7.swarm_facts.UnlockKey'
+  when: docker_py_version is version('2.7.0', '>=')
+
 - assert:
    that:
    - output_1 is failed
--- a/test/integration/targets/docker_swarm_info/tasks/test_swarm_info.yml
+++ b/test/integration/targets/docker_swarm_info/tasks/test_swarm_info.yml
@@ -18,6 +18,7 @@
         - 'output.can_talk_to_docker == true'
         - 'output.docker_swarm_active == false'
         - 'output.docker_swarm_manager == false'
+         - 'output.swarm_unlock_key is not defined'

  - name: Create a Swarm cluster
    docker_swarm:
@@ -45,6 +46,7 @@
         - 'output.can_talk_to_docker == true'
         - 'output.docker_swarm_active == true'
         - 'output.docker_swarm_manager == true'
+         - 'output.swarm_unlock_key is not defined'

  - name: Try to get docker_swarm_info and list of nodes when docker is running in swarm mode and as manager
    docker_swarm_info:
@@ -61,6 +63,7 @@
         - 'output.can_talk_to_docker == true'
         - 'output.docker_swarm_active == true'
         - 'output.docker_swarm_manager == true'
+         - 'output.swarm_unlock_key is not defined'

  - name: Get local docker node name
    set_fact:
@@ -84,6 +87,7 @@
         - 'output.can_talk_to_docker == true'
         - 'output.docker_swarm_active == true'
         - 'output.docker_swarm_manager == true'
+         - 'output.swarm_unlock_key is not defined'

  - name: Try to get docker_swarm_info and list of nodes with filters providing existing node name
    docker_swarm_info:
@@ -102,6 +106,7 @@
         - 'output.can_talk_to_docker == true'
         - 'output.docker_swarm_active == true'
         - 'output.docker_swarm_manager == true'
+         - 'output.swarm_unlock_key is not defined'

  - name: Create random name
    set_fact:
@@ -124,6 +129,40 @@
         - 'output.can_talk_to_docker == true'
         - 'output.docker_swarm_active == true'
         - 'output.docker_swarm_manager == true'
+         - 'output.swarm_unlock_key is not defined'
+
+  - name: Try to get docker_swarm_info and swarm_unlock_key on non a unlocked swarm
+    docker_swarm_info:
+      unlock_key: yes
+    register: output
+
+  - name: assert reading swarm facts and non existing swarm unlock key
+    assert:
+      that:
+        - 'output.swarm_unlock_key is none'
+        - 'output.can_talk_to_docker == true'
+        - 'output.docker_swarm_active == true'
+        - 'output.docker_swarm_manager == true'
+
+  - name: Update swarm cluster to be locked
+    docker_swarm:
+      state: present
+      autolock_managers: true
+    register: autolock_managers_update_output
+
+  - name: Try to get docker_swarm_info and swarm_unlock_key
+    docker_swarm_info:
+      unlock_key: yes
+    register: output
+
+  - name: assert reading swarm facts and swarm unlock key
+    assert:
+      that:
+        - 'output.swarm_unlock_key is string'
+        - 'output.swarm_unlock_key == autolock_managers_update_output.swarm_facts.UnlockKey'
+        - 'output.can_talk_to_docker == true'
+        - 'output.docker_swarm_active == true'
+        - 'output.docker_swarm_manager == true'

  always:
  - name: Cleanup