community.docker
community.docker copied to clipboard
Published
20 hours ago •
ansible-collections
ansible-collections
Use `docker_login` without actually logging in
SUMMARY
Use docker_login to write credentials to ~/.docker/config.json without verification.
ISSUE TYPE
- Feature Idea
COMPONENT NAME
docker_login
ADDITIONAL INFORMATION
The docker_login module performs two processes:
- it does an actual
docker login, - which writes to the
~/.docker/config.jsonfile.
So this module has an all-or-nothing approach - it cannot be used if the registry is not fully provisioned and responsive.
But often when provisioning a host, that is not the case, and we just need to write that file - and we know the data is correct. In such a case we can't use this module.
I can write that file manually in about half a dozen tasks: checking if the file exists, writing to it, etc. But it would be nice to do that with the docker_login module instead.
e.g.
- docker_login:
registry_url: registry.example.com
username: username
password: password
login: false # <---- the new feature; default true so backwards compatible
WORKAROUND
For example, this is to manually write the file on localhost:
- set_fact:
path: "{{ lookup('env','HOME') + '/.docker/config.json' }}"
- name: try read file
set_fact:
json: "{{ lookup('file', path, errors='ignore') }}"
no_log: true
- name: set default in case file does not exist
set_fact:
json: { "auths": {} }
when: json == ''
- name: merge with credentials
set_fact:
json: "{{ json | combine({ 'auths': { 'registry.example.com': { 'auth': credentials } } }, recursive=true) }}"
vars:
credentials: "{{ (username + ':' + password) | b64encode }}"
no_log: true
- name: (re)write to file
copy:
content: "{{ json }}"
dest: "{{ path }}"
delegate_to: localhost
It would be so much nicer to use the docker_login module instead.
