From 3a4b4f276cbf3d5d73175ed26397a2529e3f3846 Mon Sep 17 00:00:00 2001 From: "Chayim I. Kirshen" Date: Sun, 3 Apr 2022 15:48:22 +0300 Subject: [PATCH 1/4] initial work on privileged --- README.rst | 7 +++++++ tox_docker/config.py | 2 ++ tox_docker/plugin.py | 1 + tox_docker/tox3/config.py | 5 +++++ tox_docker/tox4/config.py | 8 ++++++++ 5 files changed, 23 insertions(+) diff --git a/README.rst b/README.rst index 64c9246..55fff75 100644 --- a/README.rst +++ b/README.rst @@ -121,6 +121,12 @@ The ``[docker:container-name]`` section may contain the following directives: test run until the container reports healthy, and will fail the test run if it never does so (within the parameters specified). +```privileged``` + A boolean string that defaults to False. By default containers are unprivileged and does + not have access to devices. When true, this corresponds to + `docker run --privileged + `__. + Command-Line Arguments ---------------------- @@ -176,6 +182,7 @@ Example healthcheck_retries = 30 healthcheck_interval = 1 healthcheck_start_period = 1 + privileged = true # Configure a bind-mounted volume on the host to store Postgres' data # NOTE: this is included for demonstration purposes of tox-docker's # volume capability; you probably _don't_ want to do this for real diff --git a/tox_docker/config.py b/tox_docker/config.py index 1721a1d..215a159 100644 --- a/tox_docker/config.py +++ b/tox_docker/config.py @@ -118,6 +118,7 @@ def __init__( ports: Optional[Collection[Port]] = None, links: Optional[Collection[Link]] = None, volumes: Optional[Collection[Volume]] = None, + privileged: Optional[bool] = False, ) -> None: self.name = name self.runas_name = runas_name(name) @@ -127,6 +128,7 @@ def __init__( self.ports: Collection[Port] = ports or {} self.links: Collection[Link] = links or {} self.mounts: Collection[Mount] = [v.docker_mount for v in volumes or ()] + self.privileged: privileged self.healthcheck_cmd = healthcheck_cmd self.healthcheck_interval = ( diff --git a/tox_docker/plugin.py b/tox_docker/plugin.py index eec57fd..6348613 100644 --- a/tox_docker/plugin.py +++ b/tox_docker/plugin.py @@ -108,6 +108,7 @@ def docker_run( ports=ports, publish_all_ports=len(ports) == 0, mounts=container_config.mounts, + privileged=container_config.privileged, ) container.reload() # TODO: why do we need this? return container diff --git a/tox_docker/tox3/config.py b/tox_docker/tox3/config.py index eaa4850..961245d 100644 --- a/tox_docker/tox3/config.py +++ b/tox_docker/tox3/config.py @@ -133,6 +133,10 @@ def parse_container_config( if reader.getstring("volumes"): volumes = [Volume(line) for line in reader.getlist("volumes")] + privileged = False + if reader.getstring("privileged"): + privileged = bool(reader.getstring("privileged") + return ContainerConfig( name=container_name, image=Image(reader.getstring("image")), @@ -146,4 +150,5 @@ def parse_container_config( ports=ports, links=links, volumes=volumes, + privileged=privileged, ) diff --git a/tox_docker/tox4/config.py b/tox_docker/tox4/config.py index 8beb390..2ddb8c8 100644 --- a/tox_docker/tox4/config.py +++ b/tox_docker/tox4/config.py @@ -52,6 +52,13 @@ def register_config(self) -> None: default=[], desc="volumes to attach", ) + self.add_config( + keys=["privileged"], + of_type=bool, + default=False, + desc="run in privileged mode", + ) + self.add_config( keys=["healthcheck_cmd"], @@ -102,4 +109,5 @@ def parse_container_config(docker_config: DockerConfigSet) -> ContainerConfig: ports=docker_config["ports"], links=docker_config["links"], volumes=docker_config["volumes"], + privileged=docker_config["privileged"] ) From e554639797619f4758c74883d7d78f24bf1d9a79 Mon Sep 17 00:00:00 2001 From: "Chayim I. Kirshen" Date: Sun, 3 Apr 2022 15:55:57 +0300 Subject: [PATCH 2/4] syntax --- tox_docker/tox3/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox_docker/tox3/config.py b/tox_docker/tox3/config.py index 961245d..cfb31a0 100644 --- a/tox_docker/tox3/config.py +++ b/tox_docker/tox3/config.py @@ -135,7 +135,7 @@ def parse_container_config( privileged = False if reader.getstring("privileged"): - privileged = bool(reader.getstring("privileged") + privileged = bool(reader.getstring("privileged")) return ContainerConfig( name=container_name, From 7b34d93d44a8ed38716369d6fe7b323d755716e8 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Sun, 24 Apr 2022 10:53:56 +0000 Subject: [PATCH 3/4] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- tox_docker/tox4/config.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tox_docker/tox4/config.py b/tox_docker/tox4/config.py index 2ddb8c8..6bc4e11 100644 --- a/tox_docker/tox4/config.py +++ b/tox_docker/tox4/config.py @@ -59,7 +59,6 @@ def register_config(self) -> None: desc="run in privileged mode", ) - self.add_config( keys=["healthcheck_cmd"], of_type=str, @@ -109,5 +108,5 @@ def parse_container_config(docker_config: DockerConfigSet) -> ContainerConfig: ports=docker_config["ports"], links=docker_config["links"], volumes=docker_config["volumes"], - privileged=docker_config["privileged"] + privileged=docker_config["privileged"], ) From 5020a5b3870fd80be96d2a25ba2cbe581124303d Mon Sep 17 00:00:00 2001 From: "Chayim I. Kirshen" Date: Sun, 24 Apr 2022 14:08:00 +0300 Subject: [PATCH 4/4] s/:=/g --- tox_docker/config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox_docker/config.py b/tox_docker/config.py index 215a159..8819f00 100644 --- a/tox_docker/config.py +++ b/tox_docker/config.py @@ -128,7 +128,7 @@ def __init__( self.ports: Collection[Port] = ports or {} self.links: Collection[Link] = links or {} self.mounts: Collection[Mount] = [v.docker_mount for v in volumes or ()] - self.privileged: privileged + self.privileged = privileged self.healthcheck_cmd = healthcheck_cmd self.healthcheck_interval = (