Add option to assign existing users to the docker privileged user group. #12

Merged: 3 commits, Dec 22, 2021
13 changes: 13 additions & 0 deletions README.md
Expand Up @@ -38,6 +38,19 @@ The machine needs to be prepared. In CI this is done using `molecule/default/pre

Also see a [full explanation and example](https://robertdebock.nl/how-to-use-these-roles.html) on how to use these roles.

## [Role Variables](#role-variables)

The default values for the variables are set in `defaults/main.yml`:
```yaml
---
# defaults file for docker_ce

# Add users to the privileged docker group. For example:
# docker_ce_privileged_users:
# - UserA
# - UserB
docker_ce_privileged_users:
```

## [Requirements](#requirements)
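
Review bot: the new Role Variables section calls the docker group "privileged" without saying what the privilege is. Members of the docker group can drive the Docker daemon, which is equivalent to root on the host, so the README should state that next to `docker_ce_privileged_users` and advise listing only accounts that are already trusted with root. It would also help to document what the role does when a listed name does not exist on the host, since the PR title speaks of "existing users".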

8 changes: 8 additions & 0 deletions defaults/main.yml
@@ -0,0 +1,8 @@
---
# defaults file for docker_ce

# Add users to the privileged docker group. For example:
# docker_ce_privileged_users:
# - UserA
# - UserB
docker_ce_privileged_users:
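
Review bot: `docker_ce_privileged_users:` with no value is YAML null, not an empty list, yet tasks/main.yml passes it to `loop` and applies `| length` to it. Default it to `docker_ce_privileged_users: []` so the unset case is a well-typed empty list and the role adds nobody to the group unless the operator opts in explicitly.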
3 changes: 3 additions & 0 deletions molecule/default/converge.yml
Expand Up @@ -6,3 +6,6 @@

roles:
- role: ansible-role-docker_ce
docker_ce_privileged_users:
- woody
- buzz
10 changes: 10 additions & 0 deletions molecule/default/prepare.yml
Expand Up @@ -10,3 +10,13 @@
- role: robertdebock.buildtools
- role: robertdebock.python_pip
- role: robertdebock.core_dependencies

tasks:
- name: Create test case users
user:
name: "{{ user }}"
loop:
- woody
- buzz
loop_control:
loop_var: user
10 changes: 10 additions & 0 deletions molecule/default/verify.yml
Expand Up @@ -5,6 +5,16 @@
gather_facts: no

tasks:
- name: Check docker group configuration
lineinfile:
path: /etc/group
regex: '^docker:x:\d*:woody,buzz$'
state: absent
check_mode: yes
register: docker_ce_group
changed_when: not docker_ce_group is changed
failed_when: docker_ce_group is changed

- name: install pip docker-py
ansible.builtin.pip:
name: docker-py
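
Review bot: the "Check docker group configuration" task only passes when the /etc/group line is exactly `docker:x:<gid>:woody,buzz`, so it breaks if the members appear in another order or if the group has any other member, and it cannot tell whether an unexpected account was also added. The pass/fail logic is also hard to follow: `state: absent` under `check_mode`, then `changed_when: not docker_ce_group is changed` together with `failed_when: docker_ce_group is changed`, both reading the same registered result. Reading the group entry (for example with `ansible.builtin.getent` on the group database) and asserting on the member list would make the intent explicit and let the test state exactly which members are expected.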
16 changes: 16 additions & 0 deletions tasks/main.yml
Expand Up @@ -36,6 +36,22 @@
name: "{{ docker_ce_packages }}"
state: present

- name: create privileged docker user group
ansible.builtin.group:
name: docker
state: present

- name: add privileged users to the docker user group
user:
name: "{{ user }}"
groups: docker
append: yes
loop: "{{ docker_ce_privileged_users }}"
loop_control:
loop_var: user
when:
- docker_ce_privileged_users | length

- name: start and enable docker_ce
ansible.builtin.service:
name: "{{ docker_ce_service }}"
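
Review bot: in "add privileged users to the docker user group", the `user` module defaults to `state: present`, so a name in `docker_ce_privileged_users` that does not exist on the host is created rather than rejected, which does not match the "existing users" wording of the PR title. A typo in the list would therefore create a new account that can reach the Docker daemon. Consider looking each name up first (for example with `ansible.builtin.getent` on the passwd database) and failing on unknown names. With the default changed to an empty list, the `when: docker_ce_privileged_users | length` guard can be dropped, since looping over an empty list runs no iterations. Minor: `user:` is unqualified here while the neighbouring tasks use the `ansible.builtin.` prefix.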