VhTddlmZmZmZeZdZddlZddlZddl Zddl Z ddl Z ddl m Z mZmZddlmZddlmZddlmZddlmZmZmZdd lmZmZdd lmZdd lm Z dd l!m"Z"eZ#Gd deZ$y))absolute_importdivisionprint_functiona author: - Lorin Hochestein (!UNKNOWN) - Leendert Brouwer (!UNKNOWN) name: docker short_description: Run tasks in docker containers description: - Run commands or put/fetch files to an existing docker container. - Uses the Docker CLI to execute commands in the container. If you prefer to directly connect to the Docker daemon, use the P(community.docker.docker_api#connection) connection plugin. options: remote_addr: description: - The name of the container you want to access. default: inventory_hostname vars: - name: inventory_hostname - name: ansible_host - name: ansible_docker_host remote_user: description: - The user to execute as inside the container. - If Docker is too old to allow this (< 1.7), the one set by Docker itself will be used. vars: - name: ansible_user - name: ansible_docker_user ini: - section: defaults key: remote_user env: - name: ANSIBLE_REMOTE_USER cli: - name: user keyword: - name: remote_user docker_extra_args: description: - Extra arguments to pass to the docker command line. default: '' vars: - name: ansible_docker_extra_args ini: - section: docker_connection key: extra_cli_args container_timeout: default: 10 description: - Controls how long we can wait to access reading output from the container once execution started. env: - name: ANSIBLE_TIMEOUT - name: ANSIBLE_DOCKER_TIMEOUT version_added: 2.2.0 ini: - key: timeout section: defaults - key: timeout section: docker_connection version_added: 2.2.0 vars: - name: ansible_docker_timeout version_added: 2.2.0 cli: - name: timeout type: integer extra_env: description: - Provide extra environment variables to set when running commands in the Docker container. - This option can currently only be provided as Ansible variables due to limitations of ansible-core's configuration manager. vars: - name: ansible_docker_extra_env type: dict version_added: 3.12.0 working_dir: description: - The directory inside the container to run commands in. - Requires Docker CLI version 18.06 or later. env: - name: ANSIBLE_DOCKER_WORKING_DIR ini: - key: working_dir section: docker_connection vars: - name: ansible_docker_working_dir type: string version_added: 3.12.0 privileged: description: - Whether commands should be run with extended privileges. - B(Note) that this allows command to potentially break out of the container. Use with care! env: - name: ANSIBLE_DOCKER_PRIVILEGED ini: - key: privileged section: docker_connection vars: - name: ansible_docker_privileged type: boolean default: false version_added: 3.12.0 N) AnsibleErrorAnsibleFileNotFoundAnsibleConnectionFailure) shlex_quote) string_types) get_bin_path)to_bytes to_nativeto_text)ConnectionBaseBUFSIZE)Display) selectors) LooseVersionceZdZdZdZdZfdZedZdZ dZ dZ d Z d Z d Zd Zed ZdZdfd Zdfd ZdZfdZfdZfdZdZxZS) Connectionz Local docker based connections zcommunity.docker.dockerTc tt| ||g|i|g|_i|_d|_t |jddrd|_d|vr |d|_ y td|_ y#t$r tdwxYw)N _IS_WINDOWSF)z.ps1z.exedocker_commanddockerz docker command not found in PATH) superr__init__ _docker_args_container_user_cache_versiongetattr_shell!module_implementation_preferences docker_cmdr ValueErrorr)self play_context new_stdinargskwargs __class__s n/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/docker/plugins/connection/docker.pyrzConnection.__init__s j$(yR4R6R%'"  4;; u 55ID 2 v %$%56DO G".x"8 G"#EFF Gs A..Bcbtjdd|}tjdd|}|S)Nz [^0-9a-zA-Z.]rz^v)resub)versions r+_sanitize_versionzConnection._sanitize_versions,&&)38&&W-c|j}dg}|jg|z|z}tj|tjtj}|j \}}|t |||jfS)Nr/stdoutstderrrr# subprocessPopenPIPE communicater returncode)r%cmd_argsold_version_subcommandold_docker_cmdp cmd_outputerrs r+_old_docker_versionzConnection._old_docker_versionso$$"+//*X58NN   ^JOOJOO \--/ Cy4c1<<GGr1c|j}gd}|jg|z|z}tj|tjtj}|j \}}|t |||jfS)N)r/--formatz'{{.Server.Version}}'r3r6)r%r<new_version_subcommandnew_docker_cmdr?r@rAs r+_new_docker_versionzConnection._new_docker_versionsm$$!Q//*X58NN   ^JOOJOO \--/ Cy4c1<<GGr1c|j\}}}}|dk(rVt|djdD]7}|jds|j |jdcS|j \}}}}|r#t dt|dt||j t|dS) Nrsurrogate_or_stricterrors zServer version:zDocker version check (z ) failed: )rBrsplit startswithr0rGrr )r%cmdr@rAr;lines r+_get_docker_versionzConnection._get_docker_versions+/+C+C+E(Zj ? 3HIOOPUV C??#5611$**,q/BB C,0+C+C+E(Zj SVYbcfYghi i%%gjAV&WXXr1c|jd}||jvr|j|Stj|jddd|gtj tj }|j \}}t|d}|jdk7r4tjd |d t|d |j|<y |jxsd }||j|<|S) z9 Get the default user configured in the docker container remote_addrinspectrDz{{.Config.User}}r3rIrJrz7unable to retrieve default user from docker container:  Nroot) get_optionrr7r8r#r9r:rr;displaywarningstrip)r% containerr?outrAusers r+_get_docker_remote_userz"Connection._get_docker_remote_usersOOM2 22 2--i8 8   dooy*FXZcd$.OOJOO M==?Sc"78 <<1  OO_bdklodpq r48D & &y 1yy{%g04""9- r1c P|jg}|jr||jz }|dgz }|j|d|jgz }|jdr|jdj D]q\}}|df|dffD]?\}}t |t rtdj|j|||ddt|d t|d fzgz }s|jd u|d t|jd d gz }|jd k7rEt|jtdkr$tdj|j|jdr|dgz }|d|jdg|zz }|S)z Build the local docker exec command to run cmd on remote_host If remote_user is available and is supported by the docker version we are using, it will be provided to docker exec. sexecs-u extra_envKeyValuezNon-string {0} found for extra_env option. Ambiguous env options must be wrapped in quotes to avoid them being interpreted. {1}: {2!r}s-es%s=%srIrJ working_dirs-wdevz18.06zlProviding the working directory requires Docker CLI version 18.06 or newer. You have Docker CLI version {0}. privilegeds --privilegeds-irT) r#r remote_userrXitems isinstancer rformatlowerr docker_versionr)r%rP local_cmdkvvalwhats r+_build_exec_cmdzConnection._build_exec_cmds__%    ** *IgY    ' %!1!12 2I ??; ' 4::< H1#$e*q'l!;IC%c<86\#VDJJL$<eX!DY1Z\defpE]F1G&GHH  H ??= ) 5 %$//-*HQf!gh hI""f,d>Q>Q1RUabjUk1k.CVD//0 ??< ( /* *I eT__];|j"j?|s"|jA|jB} | s*|jE\} } tGd tI|z| D]m\} } | jJ|j(k(r|j(jM}:| jJ|j2k(sT|j2jM}os*|jE\} } tGd tI|z||z }|j"j=|s|j"j?|s"|jO|j"j=|sP|j"jd|j }|jPjSt|ddzt'j&|j(t&j*t'j&|j(t&j,t.j0zt'j&|j2t&j*t'j&|j2t&j,t.j0ztjd|jE|\} } tjdtjd|jT| | fScc}w#|jOwxYw)z" Run a command on the docker host )in_datasudoable-czEXEC {0}rTrzopening command with Popen()rIrJstdinr4r5z!done running command with Popen()r1z:timeout waiting for privilege escalation password prompt: z;privilege output closed while waiting for password prompt: become_pass) playcontext z!getting output with communicate()zdone communicatingzdone with docker.exec_command())+r}rr exec_commandrrru executablerYrrjrrXdebugr r7r8r9become expect_promptfcntlr4F_SETFLF_GETFLos O_NONBLOCKr5rDefaultSelectorregister EVENT_READ check_successcheck_password_promptselectr{r:rr fileobjreadcloserwriter;)r%rPrrrmir?selector become_outputeventsr4r5keyeventchunkrr*s r+rzConnection.exec_commandYs  j$,S'H,U(($*<*<*G*Gs)ST  K&&wy'9:Q^A_ ` 45HQR1Xa(=>R R    //????    9: ;;4;;4468 KK%--QXXu}}1UXZXeXe1e f KK%--QXXu}}1UXZXeXe1e f 002H   ahh (<(< =   ahh (<(< =M !++33MB4;;KlKlmzK{%__T\\:F!)**+hktvClD,DEE&,4 U;;!((2$%HHMMOE [[AHH4$%HHMMOE 4 !)**+iluwDmE,EFF!U*M++33MB4;;KlKlmzK{" ;;,,];"kk44]PTPbPb4c  h{;PQTYYZ KK%--QXXu}}1UY[YfYfXf1f g KK%--QXXu}}1UY[YfYfXf1f g 9:w/ *+ 78 ff--cSH s'VCVBVV+cZt|jddrddl}|j|S|j t j js8t j jt j j|}t j j|S)a Make sure that we put files into a standard path If a path is relative, then we need to choose where to put it. ssh chooses $HOME but we are not guaranteed that a home dir will exist in any given chroot. So for now we are choosing "/" instead. This also happens to be the former default. Can revisit using $HOME instead if it is a problem rFrN) r r!ntpathnormpathrOrpathsepjoin)r% remote_pathrs r+_prefix_login_pathzConnection._prefix_login_pathsm 4;; u 5 ??;/ /))"''++6 ggll277;; D 77##K0 0r1c |jtt|||tj d|d||j d|j|}tjjt|dstdt|zt|}tt|dd5}tj |j#j$sd }nd }|j'|j(j*d d |d t,|g}|Dcgc]}t|d}} t/j0||t.j2t.j2}|j9\}} |j:dk7r;t7dt|dt|dt|dt|  dddycc}w#t4$r t7dwxYw#1swYyxYw)z0 Transfer a file from local to docker container zPUT  TO rTrrIrJz!file or module does not exist: %srbz count=0rrzdd of= bs=rCdocker connection requires dd command in the container to put filesrzfailed to transfer file  to : rLN)r}rrput_filerYrrXrrrexistsr rr r openfstatfilenost_sizerrrurrr7r8r9OSErrorrr:r;) r%in_pathout_pathin_filecountr(rr?r4r5r*s r+rzConnection.put_files  j$((; gx8t}?] ^**84ww~~hw7LMN%3i6HHJ Jx( (7+@A4 H tG88GNN,-55"''););)F)Fdlnuw|N}(~DGKL!HQ'<=LDL j$$TYcYhYhi]]_NFF||q "$-g$6 (8KYW]M^`ijp`q$stt! t t M j"#hii j t ts8A+H1G$H5G)=AH$H)G>>HH c |jtt|||tj d|d||j d|j|}tjj|}|jd|j dd||g}|Dcgc]}t|d}}tj|tjtjtj }|j!t#|j$d d r&d d l}|j)||j+|}n=tjj)|tjj+|}|j,d k7r|j/|j0j2dd|dt4g}|Dcgc]}t|d}}t7t|dd5} tj|tj| tj }|j!\} } |j,d k7rt;d|d|d| d|  d d d ||k7r-tj<t|dt|dy y cc}wcc}w#t8$r t;dwxYw#1swY^xYw)z' Fetch a file from container to local. zFETCH rrTrcp:rIrJrrFrNrzdd if=rwbrzfailed to fetch file rrrLstrict)r}rr fetch_filerYrrXrrrdirnamer#r r7r8r9r:r r!rrbasenamer;rrrurrrrrrename) r%rrout_dirr(rr?ractual_out_pathout_filer4r5r*s r+rzConnection.fetch_filesX  j$*7H= :Q^A_ `))'2''//(+$//-2PRY'Z\cdCGHa#89HH   T$.OOJOO M  4;; u 5 $kk'6??73KLO ggll7BGG4D4DW4MNO <<1 ''););)F)FbikrNs(tuDGKL!HQ'<=LDLh7LMtT wX`n"((Z__08RA"#<<1$&SZ\dflnt'uvv% w h & IIhx@(8\dBe f ';I M n&'lmmn w ws0*J+J0?K 5J569K 5K  K  Kc8tt| d|_y)z3 Terminate the connection. Nothing to do for DockerFN)rrrr)r%r*s r+rzConnection.closes j$%'r1ci|_yN)rr|s r+resetzConnection.resets %'"r1r)NF)__name__ __module__ __qualname____doc__ transporthas_pipeliningr staticmethodr0rBrGrRr_rrrwr}propertyrlrrrrrrrr __classcell__)r*s@r+rrs*)ING8 H H Y*+Z7 6  * #=.~1$tB*gX (r1r)% __future__rrrtype __metaclass__ DOCUMENTATIONrros.pathr7r-ansible.errorsrrransible.module_utils.six.movesr ansible.module_utils.sixr #ansible.module_utils.common.processr +ansible.module_utils.common.text.convertersr r ransible.plugins.connectionrransible.utils.displayrCansible_collections.community.docker.plugins.module_utils.selectorsrAansible_collections.community.docker.plugins.module_utils.versionrrYrr1r+rscCB d L  VV61<TT>)YZ )w(w(r1