Try SpotterManage buildah containers
| "added in version" 0.0.1 of mafalb.containers"
Authors: Sagi Shnaidman (@sshnaidm), Markus Falb (@mafalb)
Install with ansible-galaxy collection install mafalb.containers:==0.0.2
collections:
- name: mafalb.containers
version: 0.0.2Create and remove Buildah containers.
- name: Create a buildah container
mafalb.containers.buildah_container:
name: ci-rocky8
image: quay.io/rockylinux/rockylinux:8
state: present
- name: Remove a buildah container
mafalb.containers.buildah_container:
name: ci-rocky8
state: absent
env:
description:
- Set environment variables. This option allows you to specify arbitrary environment
variables that are available for the process that will be launched inside of the
container.
type: dict
name:
description:
- Name of the container
required: true
type: str
debug:
default: false
description:
- Return additional information which can be helpful for investigations.
type: bool
image:
description:
- Repository path (or image name) and tag used to create the container. If an image
is not found, the image will be pulled from the registry. If no tag is included,
C(latest) will be used.
- Can also be an image ID. If this is the case, the image is assumed to be available
locally.
type: str
state:
choices:
- absent
- present
- created
default: present
description:
- I(absent) - A container matching the specified name will be stopped and removed.
- I(present) - Asserts the existence of a container matching the name and any provided
configuration parameters. If no container matches the name, a container will be
created. If a container matches the name but the provided configuration does not
match, the container will be updated, if it can be. If it cannot be updated, it
will be removed and re-created with the requested config. Image version will be
taken into account when comparing configuration. Use the recreate option to force
the re-creation of the matching container.
- I(created) - same as I(present)
type: str
cap_add:
aliases:
- capabilities
description:
- List of capabilities to add to the container.
elements: str
type: list
cgroups:
description:
- Determines whether the container will create CGroups. Valid values are enabled and
disabled, which the default being enabled. The disabled option will force the container
to not create CGroups, and thus conflicts with CGroup options cgroupns and cgroup-parent.
type: str
cidfile:
description:
- Write the container ID to the file
type: path
command:
description:
- Override command of container. Can be a string or a list.
type: raw
workdir:
aliases:
- working_dir
description:
- Working directory inside the container. The default working directory for running
binaries within a container is the root directory (/).
type: str
authfile:
description:
- Path of the authentication file. Default is ``${XDG_RUNTIME_DIR}/containers/auth.json``
(Not available for remote commands) You can also override the default path of the
authentication file by setting the ``REGISTRY_AUTH_FILE`` environment variable.
``export REGISTRY_AUTH_FILE=path``
type: path
cap_drop:
description:
- List of capabilities to drop from the container.
elements: str
type: list
cgroupns:
description:
- Path to cgroups under which the cgroup for the container will be created.
type: str
annotation:
description:
- Add an annotation to the container. The format is key value, multiple times.
type: dict
executable:
default: buildah
description:
- Path to C(buildah) executable if it is not in the C($PATH) on the machine running
C(buildah)
type: str
blkio_weight:
description:
- Block IO weight (relative weight) accepts a weight value between 10 and 1000
type: int
cgroup_parent:
description:
- Path to cgroups under which the cgroup for the container will be created. If the
path is not absolute, the path is considered to be relative to the cgroups path
of the init process. Cgroups will be created if they do not already exist.
type: path
podman_executable:
default: podman
description:
- Path to C(podman) executable if it is not in the C($PATH) on the machine running
C(buildah)
type: str
blkio_weight_device:
description:
- Block IO weight (relative device weight, format DEVICE_NAME[:]WEIGHT).
type: dict
container:
description:
- Facts representing the current state of the container. Matches the buildah inspect
output.
- Note that facts are part of the registered vars since Ansible 2.8. For compatibility
reasons, the facts are also accessible directly as C(buildah_container). Note
that the returned fact will be removed in Ansible 2.12.
- Empty if C(state) is I(absent).
returned: always
sample: '{ "actions": [ "recreated container" ], "buildah_actions": [ "buildah rm
container", "buildah --name container --cap-drop CAP_SYS_ADMIN from hello-world"
], "changed": true, "container": { "AddCapabilities": [], "CNIConfigDir": "/etc/cni/net.d",
"CNIPluginPath": "/usr/libexec/cni:/opt/cni/bin", "Config": "{\"architecture\":\"amd64\",
...}", "ConfigureNetwork": "NetworkDefault", "Container": "container2", "ContainerID":
"...", "DefaultCapabilities": [ "CAP_AUDIT_WRITE", ... ], "DefaultMountsFilePath":
"", "Devices": [], "Docker": { "architecture": "amd64", "config": { "ArgsEscaped":
true, "AttachStderr": false, "AttachStdin": false, "AttachStdout": false, "Cmd":
[ "/bin/sh" ], "Domainname": "", "Entrypoint": null, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
], "Hostname": "", "Image": "sha256:...", "Labels": null, "OnBuild": [], "OpenStdin":
false, "StdinOnce": false, "Tty": false, "User": "", "Volumes": null, "WorkingDir":
"" }, "container": "...", "container_config": { "ArgsEscaped": true, "AttachStderr":
false, "AttachStdin": false, "AttachStdout": false, "Cmd": [ "/bin/sh" ], "Domainname":
"", "Entrypoint": null, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
], "Hostname": "", "Image": "sha256:...", "Labels": null, "OnBuild": [], "OpenStdin":
false, "StdinOnce": false, "Tty": false, "User": "", "Volumes": null, "WorkingDir":
"" }, "created": "2019-03-07T22:19:53.447205048Z", "history": [ ... ], "os": "linux",
"rootfs": { "diff_ids": [ "sha256:..." ], "type": "layers" } }, "DropCapabilities":
[], "FromImage": "...", "FromImageDigest": "sha256:...", "FromImageID": "...",
"History": [ ... ], "IDMappingOptions": { "GIDMap": [], "HostGIDMapping": true,
"HostUIDMapping": true, "UIDMap": [] }, "ImageAnnotations": null, "ImageCreatedBy":
"", "Isolation": "IsolationOCIRootless", "Manifest": "{\n \"schemaVersion\":
2,\n ...}", "MountLabel": "system_u:object_r:svirt_sandbox_file_t:s0:c295,c943",
"MountPoint": "", "NamespaceOptions": [ { "Host": true, "Name": "cgroup", "Path":
"" }, { "Host": false, "Name": "ipc", "Path": "" }, { "Host": false, "Name": "mount",
"Path": "" }, { "Host": true, "Name": "network", "Path": "" }, { "Host": false,
"Name": "pid", "Path": "" }, { "Host": true, "Name": "user", "Path": "" }, { "Host":
false, "Name": "uts", "Path": "" } ], "OCIv1": { "architecture": "amd64", "config":
{ "Cmd": [ "/bin/sh" ], "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
] }, "created": "2019-03-07T22:19:53.447205048Z", "history": [ ... ], "os": "linux",
"rootfs": { "diff_ids": [ "sha256:..." ], "type": "layers" } }, "ProcessLabel":
"system_u:system_r:svirt_lxc_net_t:s0:c295,c943", "Type": "buildah 0.0.1" }, "failed":
false, "stderr": "", "stderr_lines": [], "stdout": "container2\n", "stdout_lines":
[ "container2" ] }'
type: dict