Use docker_login without actually logging in

[lonix1]

SUMMARY

Use docker_login to write credentials to ~/.docker/config.json without verification.

ISSUE TYPE

• Feature Idea

COMPONENT NAME

docker_login

ADDITIONAL INFORMATION

The docker_login module performs two processes:

1. it does an actual docker login,
2. which writes to the ~/.docker/config.json file.

So this module has an all-or-nothing approach - it cannot be used if the registry is not fully provisioned and responsive.

But often when provisioning a host, that is not the case, and we just need to write that file - and we know the data is correct. In such a case we can't use this module.

I can write that file manually in about half a dozen tasks: checking if the file exists, writing to it, etc. But it would be nice to do that with the docker_login module instead.

e.g.

- docker_login:
    registry_url: registry.example.com
    username: username
    password: password
    login: false          # <---- the new feature; default true so backwards compatible

WORKAROUND

For example, this is to manually write the file on localhost:

- set_fact:
    path: "{{ lookup('env','HOME') + '/.docker/config.json' }}"
- name: try read file
  set_fact:
    json: "{{ lookup('file', path, errors='ignore') }}"
  no_log: true
- name: set default in case file does not exist
  set_fact:
    json: { "auths": {} }
  when: json == ''
- name: merge with credentials
  set_fact:
    json: "{{ json | combine({ 'auths': { 'registry.example.com': { 'auth': credentials } } }, recursive=true) }}"
  vars:
    credentials: "{{ (username + ':' + password) | b64encode }}"
  no_log: true
- name: (re)write to file
  copy:
    content: "{{ json }}"
    dest: "{{ path }}"
  delegate_to: localhost

It would be so much nicer to use the docker_login module instead.