Add lables support for podman_secret
Signed-off-by: Sagi Shnaidman <[email protected]>
sshnaidm committed Dec 23, 2023
1 parent dcdf742 commit 8d85391
Showing 2 changed files with 89 additions and 5 deletions.
30 changes: 25 additions & 5 deletions plugins/modules/podman_secret.py
@@ -61,6 +61,10 @@
choices:
- absent
- present
labels:
description:
- Labels to set on the secret.
type: dict
debug:
description:
- Enable debug mode for module.
@@ -112,7 +116,7 @@ def podman_secret_exists(module, executable, name, version):
return rc == 0


def need_update(module, executable, name, data, driver, driver_opts, debug):
def need_update(module, executable, name, data, driver, driver_opts, debug, labels):

cmd = [executable, 'secret', 'inspect', '--showsecret', name]
rc, out, err = module.run_command(cmd)
@@ -138,18 +142,25 @@ def need_update(module, executable, name, data, driver, driver_opts, debug):
diff['before'] = "=".join(
[k, secret['Spec']['Driver']['Options'].get(k)])
return True
if labels:
for k, v in labels.items():
if secret['Spec']['Labels'].get(k) != v:
diff['after'] = "=".join([k, v])
diff['before'] = "=".join(
[k, secret['Spec']['Labels'].get(k)])
return True
except Exception:
return True
return False


def podman_secret_create(module, executable, name, data, force, skip,
driver, driver_opts, debug):
driver, driver_opts, debug, labels):
podman_version = get_podman_version(module, fail=False)
if (podman_version is not None and
LooseVersion(podman_version) >= LooseVersion('4.7.0')
and (driver is None or driver == 'file')):
if not skip and need_update(module, executable, name, data, driver, driver_opts, debug):
if not skip and need_update(module, executable, name, data, driver, driver_opts, debug, labels):
podman_secret_remove(module, executable, name)
else:
return {"changed": False}
@@ -166,6 +177,10 @@ def podman_secret_create(module, executable, name, data, force, skip,
if driver_opts:
cmd.append('--driver-opts')
cmd.append(",".join("=".join(i) for i in driver_opts.items()))
if labels:
for k, v in labels.items():
cmd.append('--label')
cmd.append("=".join([k, v]))
cmd.append(name)
cmd.append('-')

@@ -175,7 +190,10 @@ def podman_secret_create(module, executable, name, data, force, skip,

return {
"changed": True,
"diff": diff,
"diff": {
"before": diff['before'] + "\n",
"after": diff['after'] + "\n",
},
}


@@ -205,6 +223,7 @@ def main():
skip_existing=dict(type='bool', default=False),
driver=dict(type='str'),
driver_opts=dict(type='dict'),
labels=dict(type='dict'),
debug=dict(type='bool', default=False),
),
)
@@ -222,9 +241,10 @@ def main():
driver = module.params['driver']
driver_opts = module.params['driver_opts']
debug = module.params['debug']
labels = module.params['labels']
results = podman_secret_create(module, executable,
name, data, force, skip,
driver, driver_opts, debug)
driver, driver_opts, debug, labels)
else:
results = podman_secret_remove(module, executable, name)

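Review bot: In the `--label` loop added to podman_secret_create, `"=".join([k, v])` raises TypeError for any label value that is not a string, and as far as the argument spec shows `labels=dict(type='dict')` leaves YAML integers and booleans uncoerced; because need_update and podman_secret_remove run earlier in the same function, the existing secret appears to be removed before the module fails, so `cmd.append("=".join([k, str(v)]))` (or rejecting non-string values up front) is worth adding. The same join in need_update sits inside `try ... except Exception: return True`, so there the error is swallowed: a non-string value, or a label absent from the existing secret (`.get(k)` returns None), reports "needs update" without setting `diff['before']` for that label, and a non-string value would make every run remove and recreate the secret. Comparing against `str(v)` and reading `secret['Spec']['Labels'].get(k, '')` would keep both the comparison and the diff well defined. The loop also walks only the requested labels, so a label dropped from the task is never seen as a change; if that is intended, the option description should say so. Both function bodies extend beyond the visible hunks.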
64 changes: 64 additions & 0 deletions tests/integration/targets/podman_secret/tasks/main.yml
@@ -126,6 +126,24 @@
that:
- removed is not changed

- name: Create secret with file driver labels
containers.podman.podman_secret:
executable: "{{ test_executable | default('podman') }}"
name: mysecret
data: secret content
driver: file
labels:
lab1: somestringhere
label2: "some value is there"
"long label": onestring
"boring label": "multi string value"

- name: Remove secret
containers.podman.podman_secret:
executable: "{{ test_executable | default('podman') }}"
state: absent
name: mysecret

- name: Create secret with file driver and custom options
containers.podman.podman_secret:
executable: "{{ test_executable | default('podman') }}"
@@ -215,6 +233,52 @@
- skip_secret_changed is not changed
- force_secret_changed is changed

- name: Create secret with file driver and labels
containers.podman.podman_secret:
executable: "{{ test_executable | default('podman') }}"
name: mysecret
data: secret content
driver: file
labels:
lab1: somestringhere
label2: "some value is there"
"long label": onestring
"boring label": "multi string value"
register: secretlabels

- name: Create secret with file driver and labels again
containers.podman.podman_secret:
executable: "{{ test_executable | default('podman') }}"
name: mysecret
data: secret content
driver: file
labels:
lab1: somestringhere
label2: "some value is there"
"long label": onestring
"boring label": "multi string value"
register: secretlabels2

- name: Create secret with file driver and different labels
containers.podman.podman_secret:
executable: "{{ test_executable | default('podman') }}"
name: mysecret
data: secret content
driver: file
labels:
lab1: somestringhere
label2: "some value is not there"
"long label": onestring
"boring label": "multi string value"
register: secretlabels3

- name: Check labels changes
assert:
that:
- secretlabels is changed
- secretlabels2 is not changed
- secretlabels3 is changed

- name: Remove secret
containers.podman.podman_secret:
executable: "{{ test_executable | default('podman') }}"
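Review bot: None of the added tasks reads the labels back from the secret, so what podman actually stored is checked only indirectly through `changed`, and the first added task (`Create secret with file driver labels`) has no `register` or assertion at all. A task that runs `secret inspect` on `mysecret` and compares the reported labels with the requested dict would pin what was written. Every label value here is a string; a case with an unquoted number or boolean, and one that drops a label from an existing secret, would exercise the paths the string-only cases leave out.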