diff --git a/changelogs/fragments/910-docker_container-device_cgroup_rules.yml b/changelogs/fragments/910-docker_container-device_cgroup_rules.yml new file mode 100644 index 000000000..4234d33af --- /dev/null +++ b/changelogs/fragments/910-docker_container-device_cgroup_rules.yml @@ -0,0 +1,2 @@ +minor_changes: + - "docker_container - add support for ``device_cgroup_rules`` (https://github.com/ansible-collections/community.docker/pull/910)." diff --git a/plugins/module_utils/module_container/base.py b/plugins/module_utils/module_container/base.py index 410ffb153..e10acea84 100644 --- a/plugins/module_utils/module_container/base.py +++ b/plugins/module_utils/module_container/base.py @@ -895,6 +895,11 @@ def _compare_platform(option, param_value, container_value): )) ) +OPTION_DEVICE_CGROUP_RULES = ( + OptionGroup() + .add_option('device_cgroup_rules', type='list', elements='str') +) + OPTION_DNS_SERVERS = ( OptionGroup() .add_option('dns_servers', type='list', elements='str') @@ -1194,6 +1199,7 @@ def _compare_platform(option, param_value, container_value): OPTION_DEVICE_READ_IOPS, OPTION_DEVICE_WRITE_IOPS, OPTION_DEVICE_REQUESTS, + OPTION_DEVICE_CGROUP_RULES, OPTION_DNS_SERVERS, OPTION_DNS_OPTS, OPTION_DNS_SEARCH_DOMAINS, diff --git a/plugins/module_utils/module_container/docker_api.py b/plugins/module_utils/module_container/docker_api.py index d3da84fe5..b130e8c7d 100644 --- a/plugins/module_utils/module_container/docker_api.py +++ b/plugins/module_utils/module_container/docker_api.py @@ -44,6 +44,7 @@ OPTION_DEVICE_READ_IOPS, OPTION_DEVICE_WRITE_IOPS, OPTION_DEVICE_REQUESTS, + OPTION_DEVICE_CGROUP_RULES, OPTION_DNS_SERVERS, OPTION_DNS_OPTS, OPTION_DNS_SEARCH_DOMAINS, @@ -1290,6 +1291,8 @@ def _preprocess_container_names(module, client, api_version, value): OPTION_DEVICE_REQUESTS.add_engine('docker_api', DockerAPIEngine.host_config_value( 'DeviceRequests', min_api_version='1.40', preprocess_value=_preprocess_device_requests)) +OPTION_DEVICE_CGROUP_RULES.add_engine('docker_api', DockerAPIEngine.host_config_value('DeviceCgroupRules', min_api_version='1.28')) + OPTION_DNS_SERVERS.add_engine('docker_api', DockerAPIEngine.host_config_value('Dns')) OPTION_DNS_OPTS.add_engine('docker_api', DockerAPIEngine.host_config_value('DnsOptions')) diff --git a/plugins/modules/docker_container.py b/plugins/modules/docker_container.py index 20cc88d93..2c3dbd40f 100644 --- a/plugins/modules/docker_container.py +++ b/plugins/modules/docker_container.py @@ -299,6 +299,12 @@ - Driver-specific options. type: dict version_added: 0.1.0 + device_cgroup_rules: + description: + - List of cgroup rules to apply to the container. + type: list + elements: str + version_added: 3.11.0 dns_opts: description: - List of DNS options. diff --git a/tests/integration/targets/docker_container/tasks/tests/options.yml b/tests/integration/targets/docker_container/tasks/tests/options.yml index d2dd2ba3f..612cc5846 100644 --- a/tests/integration/targets/docker_container/tasks/tests/options.yml +++ b/tests/integration/targets/docker_container/tasks/tests/options.yml @@ -1143,6 +1143,66 @@ ('API version is ' ~ docker_api_version ~ '.') in device_requests_1.msg and 'Minimum version required is 1.40 ' in device_requests_1.msg when: docker_api_version is version('1.40', '<') +#################################################################### +## device_cgroup_rules ################################################### +#################################################################### + +- name: device_cgroup_rules + docker_container: + image: "{{ docker_test_image_alpine }}" + command: '/bin/sh -c "sleep 10m"' + name: "{{ cname }}" + state: started + force_kill: true + device_cgroup_rules: + - "c 42:* rmw" + register: device_cgroup_rules_1 + ignore_errors: true + +- name: cgroupns_mode (idempotency) + docker_container: + image: "{{ docker_test_image_alpine }}" + command: '/bin/sh -c "sleep 10m"' + name: "{{ cname }}" + state: started + force_kill: true + device_cgroup_rules: + - "c 42:* rmw" + register: device_cgroup_rules_2 + ignore_errors: true + +- name: cgroupns_mode (changed) + docker_container: + image: "{{ docker_test_image_alpine }}" + command: '/bin/sh -c "sleep 10m"' + name: "{{ cname }}" + state: started + force_kill: true + device_cgroup_rules: + - "c 189:* rmw" + register: device_cgroup_rules_3 + ignore_errors: true + +- name: cleanup + docker_container: + name: "{{ cname }}" + state: absent + force_kill: true + diff: false + +- assert: + that: + - device_cgroup_rules_1 is changed + - device_cgroup_rules_2 is not changed + - device_cgroup_rules_3 is changed + when: docker_api_version is version('1.28', '>=') +- assert: + that: + - device_cgroup_rules_1 is failed + - | + ('API version is ' ~ docker_api_version ~ '.') in device_cgroup_rules_1.msg and 'Minimum version required is 1.28 ' in device_cgroup_rules_1.msg + when: docker_api_version is version('1.28', '<') + #################################################################### ## dns_opts ######################################################## ####################################################################