Topics
Final maintenance release of community.docker major version 1.
- The community.docker 1.x.y release stream is now effectively End of Life. No more releases will be made, and regular CI runs will stop.
Bugfix release.
- docker_api connection plugin - fix error handling when 409 Conflict is returned by the Docker daemon in case of a stopped container (#546).
- docker_container_exec - fix error handling when 409 Conflict is returned by the Docker daemon in case of a stopped container (#546).
- docker_plugin - do not crash if plugin is installed in check mode (#552, #553).
- most modules - fix handling of
DOCKER_TIMEOUTenvironment variable, and improve handling of other fallback environment variables (#551, #554).
Bugfix release.
- current_container_facts - make container detection work better in more cases (#522).
Maintenance release with a bugfix and improved documentation.
Maintenance release.
- Docker SDK for Python based modules and plugins - if the API version is specified as an option, use that one to validate API version requirements of module/plugin options instead of the latest API version supported by the Docker daemon. This also avoids one unnecessary API call per module/plugin (#389).
- docker_stack - fix broken string formatting when reporting error in case
composewas containing invalid values (#448).
Bugfix release.
- docker_container - fail with a meaningful message instead of crashing if a port is specified with more than three colon-separated parts (#367, #365).
- docker_container - remove unused code that will cause problems with Python 3.13 (#354).
Maintenance release.
- Include
PSF-license.txtfile forplugins/module_utils/_version.py.
Regular bugfix release.
- docker connection plugin - make sure that
docker_extra_argsis used for querying the Docker version. Also ensures that the Docker version is only queried when needed. This is currently the case if a remote user is specified (#325, #327).
Regular bugfix release.
- docker connection plugin - fix option handling to be compatible with ansible-core 2.13 (#313, #307).
- docker_api connection plugin - fix option handling to be compatible with ansible-core 2.13 (#315).
Regular bugfix release.
- docker_compose - fix Python 3 type error when extracting warnings or errors from docker-compose's output (#305).
Regular bugfix release.
- docker_container, docker_image - adjust image finding code to pecularities of
podman-docker's API emulation when Docker short names likeredisare used (#292).
Emergency release to amend breaking change in previous release.
- Fix unintended breaking change caused by an earlier fix by vendoring the deprecated Python standard library
distutils.versionuntil this collection stops supporting Ansible 2.9 and ansible-base 2.10 (#267, #269).
Maintenance release.
- Various modules and plugins - use vendored version of
distutils.versionincluded in ansible-core 2.12 if available. This avoids breakage whendistutilsis removed from the standard library of Python 3.12. Note that ansible-core 2.11, ansible-base 2.10 and Ansible 2.9 are right now not compatible with Python 3.12, hence this fix does not target these ansible-core/-base/2.9 versions (#258). - docker connection plugin - replace deprecated
distutils.spawn.find_executablewith Ansible'sget_bin_pathto find thedockerexecutable (#257). - docker_container_exec - disallow using the
chdiroption for Docker API before 1.35 (#253).
Bugfix release.
- docker_api connection plugin - avoid passing an unnecessary argument to a Docker SDK for Python call that is only supported by version 3.0.0 or later (#243).
- docker_container_exec -
chdiris only supported since Docker SDK for Python 3.0.0. Make sure that this option can only use when 3.0.0 or later is installed, and prevent passing this parameter on whenchdiris not provided to this module (#243, #242). - nsenter connection plugin - ensure the
nsenter_pidoption is retrieved in_connectinstead of__init__to prevent a crasher due to bad initialization order (#249). - nsenter connection plugin - replace the use of
--all-namespaceswith specific namespaces to support compatibility with Busybox nsenter (used on, for example, Alpine containers) (#249).
Maintenance release with some documentation fixes.
Regular feature and bugfix release.
- Add the modules docker_container_exec, docker_image_load and docker_plugin to the
dockermodule defaults group (#209). - docker_config - add option
data_srcto read configuration data from target (#64, #203). - docker_secret - add option
data_srcto read secret data from target (#64, #203).
Regular bugfix release.
- docker_compose - fixed incorrect
changedstatus for services withprofilesdefined, but none enabled (#192).
New bugfixes and features release.
- docker* modules - include
ImportErrortraceback when reporting that Docker SDK for Python could not be found (#188). - docker_compose - added
env_fileoption for specifying custom environment files (#174). - docker_container - added
publish_all_portsoption to publish all exposed ports to random ports except those explicitly bound withpublished_ports(this was already added in community.docker 1.8.0) (#162). - docker_container - added new
command_handlingoption with current deprecated default valuecompatibilitywhich allows to control how the module handles shell quoting when interpreting lists, and how the module handles empty lists/strings. The default will switch tocorrectin community.docker 3.0.0 (#186). - docker_container - lifted restriction preventing the creation of anonymous volumes with the
mountsoption (#181).
- docker_container - the new
command_handling's default value,compatibility, is deprecated and will change tocorrectin community.docker 3.0.0. A deprecation warning is emitted by the module in cases where the behavior will change. Please note that ansible-core will output a deprecation warning only once, so if it is shown for an earlier task, there could be more tasks with this warning where it is not shown (#186).
- docker_compose - fixes task failures when bringing up services while using
docker-compose <1.17.0(#180). - docker_container - make sure to also return
containerondetached=falsewhen status code is non-zero (#178). - docker_stack_info - make sure that module isn't skipped in check mode (#183).
- docker_stack_task_info - make sure that module isn't skipped in check mode (#183).
- nsenter - execute on host running controller container
Regular bugfix and feature release.
- Avoid internal ansible-core module_utils in favor of equivalent public API available since at least Ansible 2.9 (#164).
- docker_compose - added
profilesoption to specify service profiles when starting services (#167). - docker_containers inventory plugin - when
connection_type=docker-api, now pass Docker daemon connection options from inventory plugin to connection plugin. This can be disabled by settingconfigure_docker_daemon=false(#157). - docker_host_info - allow values for keys in
containers_filters,images_filters,networks_filters, andvolumes_filtersto be passed as YAML lists (#160). - docker_plugin - added
aliasoption to specify local names for docker plugins (#161).
Small feature and bugfix release.
- docker_image - allow to tag images by ID (#149).
Bugfix release to reduce deprecation warning spam.
- docker* modules and plugins, except
docker_swarmconnection plugin anddocker_composeanddocker_stack*` modules - only emittls_hostname`` deprecation message if TLS is actually used (#143).
Regular bugfix and feature release.
- common module utils - correct error messages for guiding to install proper Docker SDK for Python module (#125).
- docker_container - allow
memory_swap: -1to set memory swap limit to unlimited. This is useful when the user cannot set memory swap limits due to cgroup limitations or other reasons, as by default Docker will try to set swap usage to two times the value ofmemory(#138).
- docker* modules and plugins, except
docker_swarmconnection plugin anddocker_composeanddocker_stack*` modules - the current defaultlocalhostfortls_hostnameis deprecated. In community.docker 2.0.0 it will be computed fromdocker_host`` instead (#134).
- docker-compose - fix not pulling when
state: presentandstopped: true(#12, #119). - docker_plugin - also configure plugin after installing (#118, #135).
- docker_swarm_services - avoid crash during idempotence check if
published_portis not specified (#107, #136).
Regular feature release.
- all modules - use
to_nativeto convert exceptions to strings (#121).
- docker_container_exec - Execute command in a docker container
Security release to address another potential secret leak. Also includes regular bugfixes and features.
- docker_swarm_service - change
publish.published_portoption from mandatory to optional. Docker will assign random high port if not specified (#99).
- docker_swarm - if
join_tokenis specified, a returned join token with the same value will be replaced byVALUE_SPECIFIED_IN_NO_LOG_PARAMETER. Make sure that you do not blindly use the join tokens from the return value of this module when the module is invoked withjoin_tokenspecified! This breaking change appears in a minor release since it is necessary to fix a security issue (#103).
- docker_swarm - the
join_tokenoption is now marked asno_logso it is no longer written into logs (#103).
docker_swarm_service- fix KeyError on caused by reference to deprecated optionupdate_failure_action(#100).- docker_swarm_service - mark
secretsmodule option withno_log=Falsesince it does not leak secrets (ansible-collections/community.general#2001).
Regular feature and bugfix release.
- docker_container - add
storage_optsoption to specify storage options (#91, #93). - docker_image - allows to specify platform to pull for
source=pullwith new optionpull_platform(#79, #89). - docker_image - properly support image IDs (hashes) for loading and tagging images (#86, #87).
- docker_swarm_service - adding support for maximum number of tasks per node (
replicas_max_per_node) when running swarm service in replicated mode. Introduced in API 1.40 (#7, #92).
- docker_container - fix healthcheck disabling idempotency issue with strict comparison (#85).
- docker_image - prevent module failure when removing image that is removed between inspection and removal (#87).
- docker_image - prevent module failure when removing non-existant image by ID (#87).
- docker_image_info - prevent module failure when image vanishes between listing and inspection (#87).
- docker_image_info - prevent module failure when querying non-existant image by ID (#87).
- docker_image_load - Load docker image(s) from archives
- docker_plugin - Manage Docker plugins
Security bugfix release to address CVE-2021-20191.
- docker_swarm - enabled
no_logfor the optionsigning_ca_keyto prevent accidental disclosure (CVE-2021-20191, #80).
Bugfix release.
- docker connection plugin - fix Docker version parsing, as some docker versions have a leading
vin the output of the commanddocker version --format "{{.Server.Version}}"(#76).
Feature release with one new feature and two bugfixes.
- docker_container - added
default_host_ipoption which allows to explicitly set the default IP string for published ports without explicitly specified IPs. When using IPv6 binds with Docker 20.10.2 or newer, this needs to be set to an empty string ("") (#70, #71).
- docker_container - allow IPv6 zones (RFC 4007) in bind IPs (#66).
- docker_image - fix crash on loading images with versions of Docker SDK for Python before 2.5.0 (#72, #73).
Feature release with three new plugins and modules.
- docker_container - support specifying
cgroup_parent(#6, #59). - docker_container - when a container is started with
detached=false,statusis now also returned when it is 0 (#26, #58). - docker_image - support
platformwhen building images (#22, #54).
- docker_container - currently
published_portscan contain port mappings next to the special valueall, in which case the port mappings are ignored. This behavior is deprecated for community.docker 2.0.0, at which point it will either be forbidden, or this behavior will be properly implemented similar to how the Docker CLI tool handles this (#8, #60).
- docker_image - if
push=trueis used withrepository, and the image does not need to be tagged, still push. This can happen ifrepositoryandnameare equal (#52, #53). - docker_image - report error when loading a broken archive that contains no image (#46, #55).
- docker_image - report error when the loaded archive does not contain the specified image (#41, #55).
- docker_api - Run tasks in docker containers
- docker_containers - Ansible dynamic inventory plugin for Docker containers.
- current_container_facts - Return facts about whether the module runs in a Docker container
Maintenance release with a bugfix for docker_container.
This is the first production (non-prerelease) release of community.docker.
- Add collection-side support of the
dockeraction group / module defaults group (#17). - docker_image - return docker build output (ansible-collections/community.general#805).
- docker_secret - add a warning when the secret does not have an
ansible_keylabel but theforceparameter is not set (#30, #31).
The community.docker continues the work on the Ansible docker modules and plugins from their state in community.general 1.2.0. The changes listed here are thus relative to the modules and plugins community.general.docker*.
All deprecation removals planned for community.general 2.0.0 have been applied. All deprecation removals scheduled for community.general 3.0.0 have been re-scheduled for community.docker 2.0.0.
- docker_container - now supports the
device_requestsoption, which allows to request additional resources such as GPUs (ansible/ansible#65748, ansible-collections/community.general#1119).
- docker_container - no longer returns
ansible_facts(#1). - docker_container - the default of
networks_cli_compatiblechanged totrue(#1). - docker_container - the unused option
trust_image_contenthas been removed (#1). - docker_image -
state=buildhas been removed. Usepresentinstead (#1). - docker_image - the
container_limits,dockerfile,http_timeout,nocache,rm,path,buildargs,pullhave been removed. Use the corresponding suboptions ofbuildinstead (#1). - docker_image - the
forceoption has been removed. Use the more specificforce_*options instead (#1). - docker_image - the
sourceoption is now mandatory (#1). - docker_image - the
use_tlsoption has been removed. Usetlsandvalidate_certsinstead (#1). - docker_image - the default of the
build.pulloption changed tofalse(#1). - docker_image_facts - this alias is on longer availabe, use
docker_image_infoinstead (#1). - docker_network - no longer returns
ansible_facts(#1). - docker_network - the
ipam_optionsoption has been removed. Useipam_configinstead (#1). - docker_service - no longer returns
ansible_facts(#1). - docker_swarm -
state=inspecthas been removed. Usedocker_swarm_infoinstead (#1). - docker_swarm_service - the
constraintsoption has been removed. Useplacement.constraintsinstead (#1). - docker_swarm_service - the
limit_cpuandlimit_memoryoptions has been removed. Use the corresponding suboptions inlimitsinstead (#1). - docker_swarm_service - the
log_driverandlog_driver_optionsoptions has been removed. Use the corresponding suboptions inlogginginstead (#1). - docker_swarm_service - the
reserve_cpuandreserve_memoryoptions has been removed. Use the corresponding suboptions inreservationsinstead (#1). - docker_swarm_service - the
restart_policy,restart_policy_attempts,restart_policy_delayandrestart_policy_windowoptions has been removed. Use the corresponding suboptions inrestart_configinstead (#1). - docker_swarm_service - the
update_delay,update_parallelism,update_failure_action,update_monitor,update_max_failure_ratioandupdate_orderoptions has been removed. Use the corresponding suboptions inupdate_configinstead (#1). - docker_volume - no longer returns
ansible_facts(#1). - docker_volume - the
forceoption has been removed. Userecreateinstead (#1).
- docker_login - fix internal config file storage to handle credentials for more than one registry (ansible-collections/community.general#1117).