Topics
Final maintenance release of community.docker major version 1.
- The community.docker 1.x.y release stream is now effectively End of Life. No more releases will be made, and regular CI runs will stop.
Bugfix release.
- docker_api connection plugin - fix error handling when 409 Conflict is returned by the Docker daemon in case of a stopped container (#546).
- docker_container_exec - fix error handling when 409 Conflict is returned by the Docker daemon in case of a stopped container (#546).
- docker_plugin - do not crash if plugin is installed in check mode (#552, #553).
- most modules - fix handling of
DOCKER_TIMEOUT
environment variable, and improve handling of other fallback environment variables (#551, #554).
Bugfix release.
- current_container_facts - make container detection work better in more cases (#522).
Maintenance release with a bugfix and improved documentation.
Maintenance release.
- Docker SDK for Python based modules and plugins - if the API version is specified as an option, use that one to validate API version requirements of module/plugin options instead of the latest API version supported by the Docker daemon. This also avoids one unnecessary API call per module/plugin (#389).
- docker_stack - fix broken string formatting when reporting error in case
compose
was containing invalid values (#448).
Bugfix release.
- docker_container - fail with a meaningful message instead of crashing if a port is specified with more than three colon-separated parts (#367, #365).
- docker_container - remove unused code that will cause problems with Python 3.13 (#354).
Maintenance release.
- Include
PSF-license.txt
file forplugins/module_utils/_version.py
.
Regular bugfix release.
- docker connection plugin - make sure that
docker_extra_args
is used for querying the Docker version. Also ensures that the Docker version is only queried when needed. This is currently the case if a remote user is specified (#325, #327).
Regular bugfix release.
- docker connection plugin - fix option handling to be compatible with ansible-core 2.13 (#313, #307).
- docker_api connection plugin - fix option handling to be compatible with ansible-core 2.13 (#315).
Regular bugfix release.
- docker_compose - fix Python 3 type error when extracting warnings or errors from docker-compose's output (#305).
Regular bugfix release.
- docker_container, docker_image - adjust image finding code to pecularities of
podman-docker
's API emulation when Docker short names likeredis
are used (#292).
Emergency release to amend breaking change in previous release.
- Fix unintended breaking change caused by an earlier fix by vendoring the deprecated Python standard library
distutils.version
until this collection stops supporting Ansible 2.9 and ansible-base 2.10 (#267, #269).
Maintenance release.
- Various modules and plugins - use vendored version of
distutils.version
included in ansible-core 2.12 if available. This avoids breakage whendistutils
is removed from the standard library of Python 3.12. Note that ansible-core 2.11, ansible-base 2.10 and Ansible 2.9 are right now not compatible with Python 3.12, hence this fix does not target these ansible-core/-base/2.9 versions (#258). - docker connection plugin - replace deprecated
distutils.spawn.find_executable
with Ansible'sget_bin_path
to find thedocker
executable (#257). - docker_container_exec - disallow using the
chdir
option for Docker API before 1.35 (#253).
Bugfix release.
- docker_api connection plugin - avoid passing an unnecessary argument to a Docker SDK for Python call that is only supported by version 3.0.0 or later (#243).
- docker_container_exec -
chdir
is only supported since Docker SDK for Python 3.0.0. Make sure that this option can only use when 3.0.0 or later is installed, and prevent passing this parameter on whenchdir
is not provided to this module (#243, #242). - nsenter connection plugin - ensure the
nsenter_pid
option is retrieved in_connect
instead of__init__
to prevent a crasher due to bad initialization order (#249). - nsenter connection plugin - replace the use of
--all-namespaces
with specific namespaces to support compatibility with Busybox nsenter (used on, for example, Alpine containers) (#249).
Maintenance release with some documentation fixes.
Regular feature and bugfix release.
- Add the modules docker_container_exec, docker_image_load and docker_plugin to the
docker
module defaults group (#209). - docker_config - add option
data_src
to read configuration data from target (#64, #203). - docker_secret - add option
data_src
to read secret data from target (#64, #203).
Regular bugfix release.
- docker_compose - fixed incorrect
changed
status for services withprofiles
defined, but none enabled (#192).
New bugfixes and features release.
- docker* modules - include
ImportError
traceback when reporting that Docker SDK for Python could not be found (#188). - docker_compose - added
env_file
option for specifying custom environment files (#174). - docker_container - added
publish_all_ports
option to publish all exposed ports to random ports except those explicitly bound withpublished_ports
(this was already added in community.docker 1.8.0) (#162). - docker_container - added new
command_handling
option with current deprecated default valuecompatibility
which allows to control how the module handles shell quoting when interpreting lists, and how the module handles empty lists/strings. The default will switch tocorrect
in community.docker 3.0.0 (#186). - docker_container - lifted restriction preventing the creation of anonymous volumes with the
mounts
option (#181).
- docker_container - the new
command_handling
's default value,compatibility
, is deprecated and will change tocorrect
in community.docker 3.0.0. A deprecation warning is emitted by the module in cases where the behavior will change. Please note that ansible-core will output a deprecation warning only once, so if it is shown for an earlier task, there could be more tasks with this warning where it is not shown (#186).
- docker_compose - fixes task failures when bringing up services while using
docker-compose <1.17.0
(#180). - docker_container - make sure to also return
container
ondetached=false
when status code is non-zero (#178). - docker_stack_info - make sure that module isn't skipped in check mode (#183).
- docker_stack_task_info - make sure that module isn't skipped in check mode (#183).
- nsenter - execute on host running controller container
Regular bugfix and feature release.
- Avoid internal ansible-core module_utils in favor of equivalent public API available since at least Ansible 2.9 (#164).
- docker_compose - added
profiles
option to specify service profiles when starting services (#167). - docker_containers inventory plugin - when
connection_type=docker-api
, now pass Docker daemon connection options from inventory plugin to connection plugin. This can be disabled by settingconfigure_docker_daemon=false
(#157). - docker_host_info - allow values for keys in
containers_filters
,images_filters
,networks_filters
, andvolumes_filters
to be passed as YAML lists (#160). - docker_plugin - added
alias
option to specify local names for docker plugins (#161).
Small feature and bugfix release.
- docker_image - allow to tag images by ID (#149).
Bugfix release to reduce deprecation warning spam.
- docker* modules and plugins, except
docker_swarm
connection plugin anddocker_compose
anddocker_stack*` modules - only emit
tls_hostname`` deprecation message if TLS is actually used (#143).
Regular bugfix and feature release.
- common module utils - correct error messages for guiding to install proper Docker SDK for Python module (#125).
- docker_container - allow
memory_swap: -1
to set memory swap limit to unlimited. This is useful when the user cannot set memory swap limits due to cgroup limitations or other reasons, as by default Docker will try to set swap usage to two times the value ofmemory
(#138).
- docker* modules and plugins, except
docker_swarm
connection plugin anddocker_compose
anddocker_stack*` modules - the current default
localhostfor
tls_hostnameis deprecated. In community.docker 2.0.0 it will be computed from
docker_host`` instead (#134).
- docker-compose - fix not pulling when
state: present
andstopped: true
(#12, #119). - docker_plugin - also configure plugin after installing (#118, #135).
- docker_swarm_services - avoid crash during idempotence check if
published_port
is not specified (#107, #136).
Regular feature release.
- all modules - use
to_native
to convert exceptions to strings (#121).
- docker_container_exec - Execute command in a docker container
Security release to address another potential secret leak. Also includes regular bugfixes and features.
- docker_swarm_service - change
publish.published_port
option from mandatory to optional. Docker will assign random high port if not specified (#99).
- docker_swarm - if
join_token
is specified, a returned join token with the same value will be replaced byVALUE_SPECIFIED_IN_NO_LOG_PARAMETER
. Make sure that you do not blindly use the join tokens from the return value of this module when the module is invoked withjoin_token
specified! This breaking change appears in a minor release since it is necessary to fix a security issue (#103).
- docker_swarm - the
join_token
option is now marked asno_log
so it is no longer written into logs (#103).
docker_swarm_service
- fix KeyError on caused by reference to deprecated optionupdate_failure_action
(#100).- docker_swarm_service - mark
secrets
module option withno_log=False
since it does not leak secrets (ansible-collections/community.general#2001).
Regular feature and bugfix release.
- docker_container - add
storage_opts
option to specify storage options (#91, #93). - docker_image - allows to specify platform to pull for
source=pull
with new optionpull_platform
(#79, #89). - docker_image - properly support image IDs (hashes) for loading and tagging images (#86, #87).
- docker_swarm_service - adding support for maximum number of tasks per node (
replicas_max_per_node
) when running swarm service in replicated mode. Introduced in API 1.40 (#7, #92).
- docker_container - fix healthcheck disabling idempotency issue with strict comparison (#85).
- docker_image - prevent module failure when removing image that is removed between inspection and removal (#87).
- docker_image - prevent module failure when removing non-existant image by ID (#87).
- docker_image_info - prevent module failure when image vanishes between listing and inspection (#87).
- docker_image_info - prevent module failure when querying non-existant image by ID (#87).
- docker_image_load - Load docker image(s) from archives
- docker_plugin - Manage Docker plugins
Security bugfix release to address CVE-2021-20191.
- docker_swarm - enabled
no_log
for the optionsigning_ca_key
to prevent accidental disclosure (CVE-2021-20191, #80).
Bugfix release.
- docker connection plugin - fix Docker version parsing, as some docker versions have a leading
v
in the output of the commanddocker version --format "{{.Server.Version}}"
(#76).
Feature release with one new feature and two bugfixes.
- docker_container - added
default_host_ip
option which allows to explicitly set the default IP string for published ports without explicitly specified IPs. When using IPv6 binds with Docker 20.10.2 or newer, this needs to be set to an empty string (""
) (#70, #71).
- docker_container - allow IPv6 zones (RFC 4007) in bind IPs (#66).
- docker_image - fix crash on loading images with versions of Docker SDK for Python before 2.5.0 (#72, #73).
Feature release with three new plugins and modules.
- docker_container - support specifying
cgroup_parent
(#6, #59). - docker_container - when a container is started with
detached=false
,status
is now also returned when it is 0 (#26, #58). - docker_image - support
platform
when building images (#22, #54).
- docker_container - currently
published_ports
can contain port mappings next to the special valueall
, in which case the port mappings are ignored. This behavior is deprecated for community.docker 2.0.0, at which point it will either be forbidden, or this behavior will be properly implemented similar to how the Docker CLI tool handles this (#8, #60).
- docker_image - if
push=true
is used withrepository
, and the image does not need to be tagged, still push. This can happen ifrepository
andname
are equal (#52, #53). - docker_image - report error when loading a broken archive that contains no image (#46, #55).
- docker_image - report error when the loaded archive does not contain the specified image (#41, #55).
- docker_api - Run tasks in docker containers
- docker_containers - Ansible dynamic inventory plugin for Docker containers.
- current_container_facts - Return facts about whether the module runs in a Docker container
Maintenance release with a bugfix for docker_container
.
This is the first production (non-prerelease) release of community.docker
.
- Add collection-side support of the
docker
action group / module defaults group (#17). - docker_image - return docker build output (ansible-collections/community.general#805).
- docker_secret - add a warning when the secret does not have an
ansible_key
label but theforce
parameter is not set (#30, #31).
The community.docker
continues the work on the Ansible docker modules and plugins from their state in community.general
1.2.0. The changes listed here are thus relative to the modules and plugins community.general.docker*
.
All deprecation removals planned for community.general
2.0.0 have been applied. All deprecation removals scheduled for community.general
3.0.0 have been re-scheduled for community.docker
2.0.0.
- docker_container - now supports the
device_requests
option, which allows to request additional resources such as GPUs (ansible/ansible#65748, ansible-collections/community.general#1119).
- docker_container - no longer returns
ansible_facts
(#1). - docker_container - the default of
networks_cli_compatible
changed totrue
(#1). - docker_container - the unused option
trust_image_content
has been removed (#1). - docker_image -
state=build
has been removed. Usepresent
instead (#1). - docker_image - the
container_limits
,dockerfile
,http_timeout
,nocache
,rm
,path
,buildargs
,pull
have been removed. Use the corresponding suboptions ofbuild
instead (#1). - docker_image - the
force
option has been removed. Use the more specificforce_*
options instead (#1). - docker_image - the
source
option is now mandatory (#1). - docker_image - the
use_tls
option has been removed. Usetls
andvalidate_certs
instead (#1). - docker_image - the default of the
build.pull
option changed tofalse
(#1). - docker_image_facts - this alias is on longer availabe, use
docker_image_info
instead (#1). - docker_network - no longer returns
ansible_facts
(#1). - docker_network - the
ipam_options
option has been removed. Useipam_config
instead (#1). - docker_service - no longer returns
ansible_facts
(#1). - docker_swarm -
state=inspect
has been removed. Usedocker_swarm_info
instead (#1). - docker_swarm_service - the
constraints
option has been removed. Useplacement.constraints
instead (#1). - docker_swarm_service - the
limit_cpu
andlimit_memory
options has been removed. Use the corresponding suboptions inlimits
instead (#1). - docker_swarm_service - the
log_driver
andlog_driver_options
options has been removed. Use the corresponding suboptions inlogging
instead (#1). - docker_swarm_service - the
reserve_cpu
andreserve_memory
options has been removed. Use the corresponding suboptions inreservations
instead (#1). - docker_swarm_service - the
restart_policy
,restart_policy_attempts
,restart_policy_delay
andrestart_policy_window
options has been removed. Use the corresponding suboptions inrestart_config
instead (#1). - docker_swarm_service - the
update_delay
,update_parallelism
,update_failure_action
,update_monitor
,update_max_failure_ratio
andupdate_order
options has been removed. Use the corresponding suboptions inupdate_config
instead (#1). - docker_volume - no longer returns
ansible_facts
(#1). - docker_volume - the
force
option has been removed. Userecreate
instead (#1).
- docker_login - fix internal config file storage to handle credentials for more than one registry (ansible-collections/community.general#1117).