docker_swarm_service: Use str type for configs/secrets gid/uid (#55591)

* Change type of secrets gid/uid to str
* Add changelog fragment

Co-Authored-By: hannseman <hannes@5monkeys.se>
(cherry picked from commit 14c60e6ec8)

changelogs/fragments/55591-docker_swarm_service-fix-uid-gid-secrets-config-type.yaml

@@ -0,0 +1,2 @@
+bugfixes:
+- "docker_swarm_service - Change the type of options ``gid`` and ``uid`` on ``secrets`` and ``configs`` to ``str``."

lib/ansible/modules/cloud/docker/docker_swarm_service.py

@@ -58,15 +58,15 @@ options:
       uid:
         description:
           - UID of the config file's owner.
-        type: int
+        type: str
       gid:
         description:
           - GID of the config file's group.
-        type: int
+        type: str
       mode:
         description:
-          - File access mode inside the container.
+          - File access mode inside the container. Must be an octal number (like C(0644) or C(0444)).
-        type: str
+        type: int
   constraints:
     description:
       - List of the service constraints.
@@ -611,14 +611,14 @@ options:
       uid:
         description:
           - UID of the secret file's owner.
-        type: int
+        type: str
       gid:
         description:
           - GID of the secret file's group.
-        type: int
+        type: str
       mode:
         description:
-          - File access mode inside the container.
+          - File access mode inside the container. Must be an octal number (like C(0644) or C(0444)).
         type: int
   state:
     description:
@@ -2250,8 +2250,8 @@ class DockerServiceManager(object):
                     'config_id': config_data['ConfigID'],
                     'config_name': config_data['ConfigName'],
                     'filename': config_data['File'].get('Name'),
-                    'uid': int(config_data['File'].get('UID')),
+                    'uid': config_data['File'].get('UID'),
-                    'gid': int(config_data['File'].get('GID')),
+                    'gid': config_data['File'].get('GID'),
                     'mode': config_data['File'].get('Mode')
                 })
 
@@ -2263,8 +2263,8 @@ class DockerServiceManager(object):
                     'secret_id': secret_data['SecretID'],
                     'secret_name': secret_data['SecretName'],
                     'filename': secret_data['File'].get('Name'),
-                    'uid': int(secret_data['File'].get('UID')),
+                    'uid': secret_data['File'].get('UID'),
-                    'gid': int(secret_data['File'].get('GID')),
+                    'gid': secret_data['File'].get('GID'),
                     'mode': secret_data['File'].get('Mode')
                 })
 
@@ -2506,16 +2506,16 @@ def main():
             config_id=dict(type='str', required=True),
             config_name=dict(type='str', required=True),
             filename=dict(type='str'),
-            uid=dict(type='int'),
+            uid=dict(type='str'),
-            gid=dict(type='int'),
+            gid=dict(type='str'),
             mode=dict(type='int'),
         )),
         secrets=dict(type='list', elements='dict', options=dict(
             secret_id=dict(type='str', required=True),
             secret_name=dict(type='str', required=True),
             filename=dict(type='str'),
-            uid=dict(type='int'),
+            uid=dict(type='str'),
-            gid=dict(type='int'),
+            gid=dict(type='str'),
             mode=dict(type='int'),
         )),
         networks=dict(type='list', elements='str'),

test/integration/targets/docker_swarm_service/tasks/tests/configs.yml

@@ -0,0 +1,369 @@
+---
+
+- name: Registering container name
+  set_fact:
+    service_name: "{{ name_prefix ~ '-configs' }}"
+    config_name_1: "{{ name_prefix ~ '-configs-1' }}"
+    config_name_2: "{{ name_prefix ~ '-configs-2' }}"
+
+- name: Registering container name
+  set_fact:
+    config_names: "{{ config_names }} + [config_name_1, config_name_2]"
+
+- docker_config:
+    name: "{{ config_name_1 }}"
+    data: "hello"
+    state: present
+  register: "config_result_1"
+  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
+
+- docker_config:
+    name: "{{ config_name_2 }}"
+    data: "test"
+    state: present
+  register: "config_result_2"
+  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
+
+####################################################################
+## configs #########################################################
+####################################################################
+
+- name: configs
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        filename: "/tmp/{{ config_name_1 }}.txt"
+  register: configs_1
+  ignore_errors: yes
+
+- name: configs (idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        filename: "/tmp/{{ config_name_1 }}.txt"
+  register: configs_2
+  ignore_errors: yes
+
+- name: configs (add)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        filename: "/tmp/{{ config_name_1 }}.txt"
+      - config_id: "{{ config_result_2.config_id|default('') }}"
+        config_name: "{{ config_name_2 }}"
+        filename: "/tmp/{{ config_name_2 }}.txt"
+  register: configs_3
+  ignore_errors: yes
+
+- name: configs (empty)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs: []
+  register: configs_4
+  ignore_errors: yes
+
+- name: configs (empty idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs: []
+  register: configs_5
+  ignore_errors: yes
+
+- name: cleanup
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    state: absent
+  diff: no
+
+- assert:
+    that:
+    - configs_1 is changed
+    - configs_2 is not changed
+    - configs_3 is changed
+    - configs_4 is changed
+    - configs_5 is not changed
+  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
+
+- assert:
+    that:
+    - configs_1 is failed
+    - "'Minimum version required' in configs_1.msg"
+  when: docker_api_version is version('1.30', '<') or docker_py_version is version('2.6.0', '<')
+
+####################################################################
+## configs (uid) ###################################################
+####################################################################
+
+- name: configs (uid int)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        uid: 1000        
+  register: configs_1
+  ignore_errors: yes
+  
+- name: configs (uid int idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        uid: 1000        
+  register: configs_2
+  ignore_errors: yes
+
+- name: configs (uid int change)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        uid: 1002      
+  register: configs_3
+  ignore_errors: yes
+  
+- name: configs (uid str)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        uid: "1001"
+  register: configs_4
+  ignore_errors: yes
+
+- name: configs (uid str idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        uid: "1001"
+  register: configs_5
+  ignore_errors: yes
+
+- name: cleanup
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    state: absent
+  diff: no
+- assert:
+    that:
+    - configs_1 is changed
+    - configs_2 is not changed
+    - configs_3 is changed
+    - configs_4 is changed
+    - configs_5 is not changed
+  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
+
+- assert:
+    that:
+    - configs_1 is failed
+    - "'Minimum version required' in configs_1.msg"
+  when: docker_api_version is version('1.30', '<') or docker_py_version is version('2.6.0', '<')
+
+
+####################################################################
+## configs (gid) ###################################################
+####################################################################
+
+- name: configs (gid int)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        gid: 1000        
+  register: configs_1
+  ignore_errors: yes
+  
+- name: configs (gid int idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        gid: 1000        
+  register: configs_2
+  ignore_errors: yes
+
+- name: configs (gid int change)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        gid: 1002      
+  register: configs_3
+  ignore_errors: yes
+  
+- name: configs (gid str)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        gid: "1001"
+  register: configs_4
+  ignore_errors: yes
+
+- name: configs (gid str idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        gid: "1001"
+  register: configs_5
+  ignore_errors: yes
+
+- name: cleanup
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    state: absent
+  diff: no
+- assert:
+    that:
+    - configs_1 is changed
+    - configs_2 is not changed
+    - configs_3 is changed
+    - configs_4 is changed
+    - configs_5 is not changed
+  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
+
+- assert:
+    that:
+    - configs_1 is failed
+    - "'Minimum version required' in configs_1.msg"
+  when: docker_api_version is version('1.30', '<') or docker_py_version is version('2.6.0', '<')
+
+####################################################################
+## configs (mode) ##################################################
+####################################################################
+
+- name: configs (mode)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        mode: 0600
+  register: configs_1
+  ignore_errors: yes
+
+- name: configs (mode idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        mode: 0600
+  register: configs_2
+  ignore_errors: yes
+
+- name: configs (mode change)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    configs:
+      - config_id: "{{ config_result_1.config_id|default('') }}"
+        config_name: "{{ config_name_1 }}"
+        mode: 0777
+  register: configs_3
+  ignore_errors: yes
+
+- name: cleanup
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    state: absent
+  diff: no
+- assert:
+    that:
+    - configs_1 is changed
+    - configs_2 is not changed
+    - configs_3 is changed
+  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
+
+- assert:
+    that:
+    - configs_1 is failed
+    - "'Minimum version required' in configs_1.msg"
+  when: docker_api_version is version('1.30', '<') or docker_py_version is version('2.6.0', '<')
+
+####################################################################
+####################################################################
+####################################################################
+
+- name: Delete configs
+  docker_config:
+    name: "{{ config_name }}"
+    state: absent
+    force: yes
+  loop:
+    - "{{ config_name_1 }}"
+    - "{{ config_name_2 }}"
+  loop_control:
+    loop_var: config_name
+  ignore_errors: yes
+  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')

test/integration/targets/docker_swarm_service/tasks/tests/options.yml

@@ -5,45 +5,11 @@
     service_name: "{{ name_prefix ~ '-options' }}"
     network_name_1: "{{ name_prefix ~ '-network-1' }}"
     network_name_2: "{{ name_prefix ~ '-network-2' }}"
-    config_name_1: "{{ name_prefix ~ '-configs-1' }}"
-    config_name_2: "{{ name_prefix ~ '-configs-2' }}"
-    secret_name_1: "{{ name_prefix ~ '-secret-1' }}"
-    secret_name_2: "{{ name_prefix ~ '-secret-2' }}"
 
 - name: Registering container name
   set_fact:
     service_names: "{{ service_names }} + [service_name]"
     network_names: "{{ network_names }} + [network_name_1, network_name_2]"
-    config_names: "{{ config_names }} + [config_name_1, config_name_2]"
-    secret_names: "{{ secret_names }} + [secret_name_1, secret_name_2]"
-
-- docker_config:
-    name: "{{ config_name_1 }}"
-    data: "hello"
-    state: present
-  register: "config_result_1"
-  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
-
-- docker_config:
-    name: "{{ config_name_2 }}"
-    data: "test"
-    state: present
-  register: "config_result_2"
-  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
-
-- docker_secret:
-    name: "{{ secret_name_1 }}"
-    data: "secret1"
-    state: "present"
-  register: "secret_result_1"
-  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')
-
-- docker_secret:
-    name: "{{ secret_name_2 }}"
-    data: "secret2"
-    state: "present"
-  register: "secret_result_2"
-  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')
 
 - docker_network:
     name: "{{ network_name }}"
@@ -119,93 +85,6 @@
       - args_4 is changed
       - args_5 is not changed
 
-####################################################################
-## configs #########################################################
-####################################################################
-
-- name: configs
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    configs:
-      - config_id: "{{ config_result_1.config_id|default('') }}"
-        config_name: "{{ config_name_1 }}"
-        filename: "/tmp/{{ config_name_1 }}.txt"
-  register: configs_1
-  ignore_errors: yes
-
-- name: configs (idempotency)
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    configs:
-      - config_id: "{{ config_result_1.config_id|default('') }}"
-        config_name: "{{ config_name_1 }}"
-        filename: "/tmp/{{ config_name_1 }}.txt"
-  register: configs_2
-  ignore_errors: yes
-
-- name: configs (add)
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    configs:
-      - config_id: "{{ config_result_1.config_id|default('') }}"
-        config_name: "{{ config_name_1 }}"
-        filename: "/tmp/{{ config_name_1 }}.txt"
-      - config_id: "{{ config_result_2.config_id|default('') }}"
-        config_name: "{{ config_name_2 }}"
-        filename: "/tmp/{{ config_name_2 }}.txt"
-  register: configs_3
-  ignore_errors: yes
-
-- name: configs (empty)
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    configs: []
-  register: configs_4
-  ignore_errors: yes
-
-- name: configs (empty idempotency)
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    configs: []
-  register: configs_5
-  ignore_errors: yes
-
-- name: cleanup
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    state: absent
-  diff: no
-
-- assert:
-    that:
-    - configs_1 is changed
-    - configs_2 is not changed
-    - configs_3 is changed
-    - configs_4 is changed
-    - configs_5 is not changed
-  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
-
-- assert:
-    that:
-    - configs_1 is failed
-    - "'Minimum version required' in configs_1.msg"
-  when: docker_api_version is version('1.30', '<') or docker_py_version is version('2.6.0', '<')
-
 ####################################################################
 ## command #########################################################
 ####################################################################
@@ -1877,93 +1756,6 @@
       - "('version is ' ~ docker_py_version ~'. Minimum version required is 3.2.0') in resolve_image_3.msg"
   when: docker_api_version is version('1.30', '<') or docker_py_version is version('3.2.0', '<')
 
-####################################################################
-## secrets #########################################################
-####################################################################
-
-- name: secrets
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    secrets:
-      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
-        secret_name: "{{ secret_name_1 }}"
-        filename: "/run/secrets/{{ secret_name_1 }}.txt"
-  register: secrets_1
-  ignore_errors: yes
-
-- name: secrets (idempotency)
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    secrets:
-      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
-        secret_name: "{{ secret_name_1 }}"
-        filename: "/run/secrets/{{ secret_name_1 }}.txt"
-  register: secrets_2
-  ignore_errors: yes
-
-- name: secrets (add)
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    secrets:
-      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
-        secret_name: "{{ secret_name_1 }}"
-        filename: "/run/secrets/{{ secret_name_1 }}.txt"
-      - secret_id: "{{ secret_result_2.secret_id|default('') }}"
-        secret_name: "{{ secret_name_2 }}"
-        filename: "/run/secrets/{{ secret_name_2 }}.txt"
-  register: secrets_3
-  ignore_errors: yes
-
-- name: secrets (empty)
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    secrets: []
-  register: secrets_4
-  ignore_errors: yes
-
-- name: secrets (empty idempotency)
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    image: alpine:3.8
-    resolve_image: no
-    command: '/bin/sh -v -c "sleep 10m"'
-    secrets: []
-  register: secrets_5
-  ignore_errors: yes
-
-- name: cleanup
-  docker_swarm_service:
-    name: "{{ service_name }}"
-    state: absent
-  diff: no
-
-- assert:
-    that:
-      - secrets_1 is changed
-      - secrets_2 is not changed
-      - secrets_3 is changed
-      - secrets_4 is changed
-      - secrets_5 is not changed
-  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
-- assert:
-    that:
-    - secrets_1 is failed
-    - "'Minimum version required' in secrets_1.msg"
-  when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
-
-
 ###################################################################
 # tty #############################################################
 ###################################################################
@@ -2125,29 +1917,3 @@
   loop_control:
     loop_var: volume_name
   ignore_errors: yes
-
-- name: Delete configs
-  docker_config:
-    name: "{{ config_name }}"
-    state: absent
-    force: yes
-  loop:
-    - "{{ config_name_1 }}"
-    - "{{ config_name_2 }}"
-  loop_control:
-    loop_var: config_name
-  ignore_errors: yes
-  when: docker_api_version is version('1.30', '>=') and docker_py_version is version('2.6.0', '>=')
-
-- name: Delete secrets
-  docker_secret:
-    name: "{{ secret_name }}"
-    state: absent
-    force: yes
-  loop:
-    - "{{ secret_name_1 }}"
-    - "{{ secret_name_2 }}"
-  loop_control:
-    loop_var: secret_name
-  ignore_errors: yes
-  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')

test/integration/targets/docker_swarm_service/tasks/tests/secrets.yml

@@ -0,0 +1,367 @@
+---
+
+- name: Registering container name
+  set_fact:
+    service_name: "{{ name_prefix ~ '-secrets' }}"
+    secret_name_1: "{{ name_prefix ~ '-secret-1' }}"
+    secret_name_2: "{{ name_prefix ~ '-secret-2' }}"
+
+- name: Registering container name
+  set_fact:
+    secret_names: "{{ secret_names }} + [secret_name_1, secret_name_2]"
+
+- docker_secret:
+    name: "{{ secret_name_1 }}"
+    data: "secret1"
+    state: "present"
+  register: "secret_result_1"
+  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')
+
+- docker_secret:
+    name: "{{ secret_name_2 }}"
+    data: "secret2"
+    state: "present"
+  register: "secret_result_2"
+  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')
+
+####################################################################
+## secrets #########################################################
+####################################################################
+
+- name: secrets
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        filename: "/run/secrets/{{ secret_name_1 }}.txt"
+  register: secrets_1
+  ignore_errors: yes
+
+- name: secrets (idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        filename: "/run/secrets/{{ secret_name_1 }}.txt"
+  register: secrets_2
+  ignore_errors: yes
+
+- name: secrets (add)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        filename: "/run/secrets/{{ secret_name_1 }}.txt"
+      - secret_id: "{{ secret_result_2.secret_id|default('') }}"
+        secret_name: "{{ secret_name_2 }}"
+        filename: "/run/secrets/{{ secret_name_2 }}.txt"
+  register: secrets_3
+  ignore_errors: yes
+
+- name: secrets (empty)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets: []
+  register: secrets_4
+  ignore_errors: yes
+
+- name: secrets (empty idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets: []
+  register: secrets_5
+  ignore_errors: yes
+
+- name: cleanup
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    state: absent
+  diff: no
+
+- assert:
+    that:
+      - secrets_1 is changed
+      - secrets_2 is not changed
+      - secrets_3 is changed
+      - secrets_4 is changed
+      - secrets_5 is not changed
+  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
+- assert:
+    that:
+    - secrets_1 is failed
+    - "'Minimum version required' in secrets_1.msg"
+  when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
+
+####################################################################
+## secrets (uid) ###################################################
+####################################################################
+
+- name: secrets (uid int)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        uid: 1000
+  register: secrets_1
+  ignore_errors: yes
+
+- name: secrets (uid int idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        uid: 1000
+  register: secrets_2
+  ignore_errors: yes
+
+- name: secrets (uid int change)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        uid: 1002
+  register: secrets_3
+  ignore_errors: yes
+
+- name: secrets (uid str)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        uid: "1001"
+  register: secrets_4
+  ignore_errors: yes
+
+- name: secrets (uid str idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        uid: "1001"
+  register: secrets_5
+  ignore_errors: yes
+
+- name: cleanup
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    state: absent
+  diff: no
+
+- assert:
+    that:
+      - secrets_1 is changed
+      - secrets_2 is not changed
+      - secrets_3 is changed
+      - secrets_4 is changed
+      - secrets_5 is not changed
+  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
+- assert:
+    that:
+    - secrets_1 is failed
+    - "'Minimum version required' in secrets_1.msg"
+  when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
+
+####################################################################
+## secrets (gid) ###################################################
+####################################################################
+
+- name: secrets (gid int)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        gid: 1001
+  register: secrets_1
+  ignore_errors: yes
+
+- name: secrets (gid int idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        gid: 1001
+  register: secrets_2
+  ignore_errors: yes
+
+- name: secrets (gid int change)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        gid: 1002
+  register: secrets_3
+  ignore_errors: yes
+
+- name: secrets (gid str)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        gid: "1003"
+  register: secrets_4
+  ignore_errors: yes
+
+- name: secrets (gid str idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        gid: "1003"
+  register: secrets_5
+  ignore_errors: yes
+
+- name: cleanup
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    state: absent
+  diff: no
+
+- assert:
+    that:
+      - secrets_1 is changed
+      - secrets_2 is not changed
+      - secrets_3 is changed
+      - secrets_4 is changed
+      - secrets_5 is not changed
+  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
+- assert:
+    that:
+    - secrets_1 is failed
+    - "'Minimum version required' in secrets_1.msg"
+  when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
+
+####################################################################
+## secrets (mode) ##################################################
+####################################################################
+
+- name: secrets (mode)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        mode: 0600
+  register: secrets_1
+  ignore_errors: yes
+
+- name: secrets (mode idempotency)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        mode: 0600
+  register: secrets_2
+  ignore_errors: yes
+
+- name: secrets (mode change)
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    image: alpine:3.8
+    resolve_image: no
+    command: '/bin/sh -v -c "sleep 10m"'
+    secrets:
+      - secret_id: "{{ secret_result_1.secret_id|default('') }}"
+        secret_name: "{{ secret_name_1 }}"
+        mode: 0777
+  register: secrets_3
+  ignore_errors: yes
+
+- name: cleanup
+  docker_swarm_service:
+    name: "{{ service_name }}"
+    state: absent
+  diff: no
+
+- assert:
+    that:
+      - secrets_1 is changed
+      - secrets_2 is not changed
+      - secrets_3 is changed
+  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.4.0', '>=')
+- assert:
+    that:
+    - secrets_1 is failed
+    - "'Minimum version required' in secrets_1.msg"
+  when: docker_api_version is version('1.25', '<') or docker_py_version is version('2.4.0', '<')
+
+####################################################################
+####################################################################
+####################################################################
+
+- name: Delete secrets
+  docker_secret:
+    name: "{{ secret_name }}"
+    state: absent
+    force: yes
+  loop:
+    - "{{ secret_name_1 }}"
+    - "{{ secret_name_2 }}"
+  loop_control:
+    loop_var: secret_name
+  ignore_errors: yes
+  when: docker_api_version is version('1.25', '>=') and docker_py_version is version('2.1.0', '>=')