From 9b5dbd4543195884f8f385490bc9486dd8a666e3 Mon Sep 17 00:00:00 2001 From: Fran Jurinec Date: Thu, 4 Jul 2024 09:51:32 +0200 Subject: [PATCH] Add support from device_cgroup_rules parameter (#910) --- ...0-docker_container-device_cgroup_rules.yml | 2 + plugins/module_utils/module_container/base.py | 6 ++ .../module_container/docker_api.py | 3 + plugins/modules/docker_container.py | 6 ++ .../docker_container/tasks/tests/options.yml | 60 +++++++++++++++++++ 5 files changed, 77 insertions(+) create mode 100644 changelogs/fragments/910-docker_container-device_cgroup_rules.yml diff --git a/changelogs/fragments/910-docker_container-device_cgroup_rules.yml b/changelogs/fragments/910-docker_container-device_cgroup_rules.yml new file mode 100644 index 00000000..4234d33a --- /dev/null +++ b/changelogs/fragments/910-docker_container-device_cgroup_rules.yml @@ -0,0 +1,2 @@ +minor_changes: + - "docker_container - add support for ``device_cgroup_rules`` (https://github.com/ansible-collections/community.docker/pull/910)." diff --git a/plugins/module_utils/module_container/base.py b/plugins/module_utils/module_container/base.py index 410ffb15..e10acea8 100644 --- a/plugins/module_utils/module_container/base.py +++ b/plugins/module_utils/module_container/base.py @@ -895,6 +895,11 @@ OPTION_DEVICE_REQUESTS = ( )) ) +OPTION_DEVICE_CGROUP_RULES = ( + OptionGroup() + .add_option('device_cgroup_rules', type='list', elements='str') +) + OPTION_DNS_SERVERS = ( OptionGroup() .add_option('dns_servers', type='list', elements='str') @@ -1194,6 +1199,7 @@ OPTIONS = [ OPTION_DEVICE_READ_IOPS, OPTION_DEVICE_WRITE_IOPS, OPTION_DEVICE_REQUESTS, + OPTION_DEVICE_CGROUP_RULES, OPTION_DNS_SERVERS, OPTION_DNS_OPTS, OPTION_DNS_SEARCH_DOMAINS, diff --git a/plugins/module_utils/module_container/docker_api.py b/plugins/module_utils/module_container/docker_api.py index d3da84fe..b130e8c7 100644 --- a/plugins/module_utils/module_container/docker_api.py +++ b/plugins/module_utils/module_container/docker_api.py @@ -44,6 +44,7 @@ from ansible_collections.community.docker.plugins.module_utils.module_container. OPTION_DEVICE_READ_IOPS, OPTION_DEVICE_WRITE_IOPS, OPTION_DEVICE_REQUESTS, + OPTION_DEVICE_CGROUP_RULES, OPTION_DNS_SERVERS, OPTION_DNS_OPTS, OPTION_DNS_SEARCH_DOMAINS, @@ -1290,6 +1291,8 @@ OPTION_DEVICE_WRITE_IOPS.add_engine('docker_api', DockerAPIEngine.host_config_va OPTION_DEVICE_REQUESTS.add_engine('docker_api', DockerAPIEngine.host_config_value( 'DeviceRequests', min_api_version='1.40', preprocess_value=_preprocess_device_requests)) +OPTION_DEVICE_CGROUP_RULES.add_engine('docker_api', DockerAPIEngine.host_config_value('DeviceCgroupRules', min_api_version='1.28')) + OPTION_DNS_SERVERS.add_engine('docker_api', DockerAPIEngine.host_config_value('Dns')) OPTION_DNS_OPTS.add_engine('docker_api', DockerAPIEngine.host_config_value('DnsOptions')) diff --git a/plugins/modules/docker_container.py b/plugins/modules/docker_container.py index 20cc88d9..2c3dbd40 100644 --- a/plugins/modules/docker_container.py +++ b/plugins/modules/docker_container.py @@ -299,6 +299,12 @@ options: - Driver-specific options. type: dict version_added: 0.1.0 + device_cgroup_rules: + description: + - List of cgroup rules to apply to the container. + type: list + elements: str + version_added: 3.11.0 dns_opts: description: - List of DNS options. diff --git a/tests/integration/targets/docker_container/tasks/tests/options.yml b/tests/integration/targets/docker_container/tasks/tests/options.yml index d2dd2ba3..612cc584 100644 --- a/tests/integration/targets/docker_container/tasks/tests/options.yml +++ b/tests/integration/targets/docker_container/tasks/tests/options.yml @@ -1143,6 +1143,66 @@ ('API version is ' ~ docker_api_version ~ '.') in device_requests_1.msg and 'Minimum version required is 1.40 ' in device_requests_1.msg when: docker_api_version is version('1.40', '<') +#################################################################### +## device_cgroup_rules ################################################### +#################################################################### + +- name: device_cgroup_rules + docker_container: + image: "{{ docker_test_image_alpine }}" + command: '/bin/sh -c "sleep 10m"' + name: "{{ cname }}" + state: started + force_kill: true + device_cgroup_rules: + - "c 42:* rmw" + register: device_cgroup_rules_1 + ignore_errors: true + +- name: cgroupns_mode (idempotency) + docker_container: + image: "{{ docker_test_image_alpine }}" + command: '/bin/sh -c "sleep 10m"' + name: "{{ cname }}" + state: started + force_kill: true + device_cgroup_rules: + - "c 42:* rmw" + register: device_cgroup_rules_2 + ignore_errors: true + +- name: cgroupns_mode (changed) + docker_container: + image: "{{ docker_test_image_alpine }}" + command: '/bin/sh -c "sleep 10m"' + name: "{{ cname }}" + state: started + force_kill: true + device_cgroup_rules: + - "c 189:* rmw" + register: device_cgroup_rules_3 + ignore_errors: true + +- name: cleanup + docker_container: + name: "{{ cname }}" + state: absent + force_kill: true + diff: false + +- assert: + that: + - device_cgroup_rules_1 is changed + - device_cgroup_rules_2 is not changed + - device_cgroup_rules_3 is changed + when: docker_api_version is version('1.28', '>=') +- assert: + that: + - device_cgroup_rules_1 is failed + - | + ('API version is ' ~ docker_api_version ~ '.') in device_cgroup_rules_1.msg and 'Minimum version required is 1.28 ' in device_cgroup_rules_1.msg + when: docker_api_version is version('1.28', '<') + #################################################################### ## dns_opts ######################################################## ####################################################################