From dd35349899c06b2006301f1c9bc415301edf2f10 Mon Sep 17 00:00:00 2001 From: Feng Shengqin Date: Fri, 27 Jul 2018 16:03:37 +0800 Subject: [PATCH] Give extended privileges to the container Depends-On: Ifdeb97e92ac6d7b21aa91641c38c8af62d9d8d56 Change-Id: I250fa8aacc388d62266fca0f99141ca84c2ef85b Implements: blueprint support-zun-create-privileged --- zunclient/api_versions.py | 2 +- zunclient/osc/v1/containers.py | 16 ++++++++++++++++ zunclient/tests/unit/test_shell.py | 8 ++++---- zunclient/tests/unit/v1/test_containers.py | 6 ++++-- zunclient/v1/containers.py | 2 +- zunclient/v1/containers_shell.py | 14 ++++++++++++++ 6 files changed, 40 insertions(+), 8 deletions(-) diff --git a/zunclient/api_versions.py b/zunclient/api_versions.py index 5fb3a98b..5dc5dfe5 100644 --- a/zunclient/api_versions.py +++ b/zunclient/api_versions.py @@ -31,7 +31,7 @@ if not LOG.handlers: HEADER_NAME = "OpenStack-API-Version" SERVICE_TYPE = "container" MIN_API_VERSION = '1.1' -MAX_API_VERSION = '1.20' +MAX_API_VERSION = '1.21' DEFAULT_API_VERSION = MAX_API_VERSION _SUBSTITUTIONS = {} diff --git a/zunclient/osc/v1/containers.py b/zunclient/osc/v1/containers.py index 476f984a..aa649edb 100644 --- a/zunclient/osc/v1/containers.py +++ b/zunclient/osc/v1/containers.py @@ -179,6 +179,12 @@ class CreateContainer(command.ShowOne): action='store_true', default=False, help='The flag of healing non-existent container in docker') + parser.add_argument( + '--privileged', + dest='privileged', + action='store_true', + default=False, + help='Give extended privileges to this container') return parser def take_action(self, parsed_args): @@ -202,6 +208,8 @@ class CreateContainer(command.ShowOne): zun_utils.check_restart_policy(parsed_args.restart) if parsed_args.interactive: opts['interactive'] = True + if parsed_args.privileged: + opts['privileged'] = True opts['hints'] = zun_utils.format_args(parsed_args.hint) opts['nets'] = zun_utils.parse_nets(parsed_args.net) opts['mounts'] = zun_utils.parse_mounts(parsed_args.mount) @@ -797,6 +805,12 @@ class RunContainer(command.ShowOne): action='store_true', default=False, help='The flag of healing non-existent container in docker') + parser.add_argument( + '--privileged', + dest='privileged', + action='store_true', + default=False, + help='Give extended privileges to this container') return parser def take_action(self, parsed_args): @@ -820,6 +834,8 @@ class RunContainer(command.ShowOne): zun_utils.check_restart_policy(parsed_args.restart) if parsed_args.interactive: opts['interactive'] = True + if parsed_args.privileged: + opts['privileged'] = True opts['hints'] = zun_utils.format_args(parsed_args.hint) opts['nets'] = zun_utils.parse_nets(parsed_args.net) opts['mounts'] = zun_utils.parse_mounts(parsed_args.mount) diff --git a/zunclient/tests/unit/test_shell.py b/zunclient/tests/unit/test_shell.py index caf71e46..b90b1c2f 100644 --- a/zunclient/tests/unit/test_shell.py +++ b/zunclient/tests/unit/test_shell.py @@ -246,7 +246,7 @@ class ShellTest(utils.TestCase): project_domain_id='', project_domain_name='', user_domain_id='', user_domain_name='', profile=None, endpoint_override=None, insecure=False, cacert=None, - version=api_versions.APIVersion('1.20')) + version=api_versions.APIVersion('1.21')) def test_main_option_region(self): self.make_env() @@ -274,7 +274,7 @@ class ShellTest(utils.TestCase): project_domain_id='', project_domain_name='', user_domain_id='', user_domain_name='', profile=None, endpoint_override=None, insecure=False, cacert=None, - version=api_versions.APIVersion('1.20')) + version=api_versions.APIVersion('1.21')) @mock.patch('zunclient.client.Client') def test_main_endpoint_internal(self, mock_client): @@ -288,7 +288,7 @@ class ShellTest(utils.TestCase): project_domain_id='', project_domain_name='', user_domain_id='', user_domain_name='', profile=None, endpoint_override=None, insecure=False, cacert=None, - version=api_versions.APIVersion('1.20')) + version=api_versions.APIVersion('1.21')) class ShellTestKeystoneV3(ShellTest): @@ -320,4 +320,4 @@ class ShellTestKeystoneV3(ShellTest): user_domain_id='', user_domain_name='Default', endpoint_override=None, insecure=False, profile=None, cacert=None, - version=api_versions.APIVersion('1.20')) + version=api_versions.APIVersion('1.21')) diff --git a/zunclient/tests/unit/v1/test_containers.py b/zunclient/tests/unit/v1/test_containers.py index 34fe3e98..f56c3c0f 100644 --- a/zunclient/tests/unit/v1/test_containers.py +++ b/zunclient/tests/unit/v1/test_containers.py @@ -36,7 +36,8 @@ CONTAINER1 = {'id': '1234', 'runtime': 'runc', 'hostname': 'testhost', 'disk': '20', - 'auto_heal': False + 'auto_heal': False, + 'privileged': False, } CONTAINER2 = {'id': '1235', @@ -56,7 +57,8 @@ CONTAINER2 = {'id': '1235', 'auto_remove': False, 'runtime': 'runc', 'hostname': 'testhost', - 'auto_heal': False + 'auto_heal': False, + 'privileged': True, } NETWORK1 = {'net_id': '99e90853-e1fd-4c57-a116-9e335deaa592', diff --git a/zunclient/v1/containers.py b/zunclient/v1/containers.py index a17dd357..a62d6e8a 100644 --- a/zunclient/v1/containers.py +++ b/zunclient/v1/containers.py @@ -25,7 +25,7 @@ CREATION_ATTRIBUTES = ['name', 'image', 'command', 'cpu', 'memory', 'restart_policy', 'interactive', 'image_driver', 'security_groups', 'hints', 'nets', 'auto_remove', 'runtime', 'hostname', 'mounts', 'disk', - 'availability_zone', 'auto_heal'] + 'availability_zone', 'auto_heal', 'privileged'] class Container(base.Resource): diff --git a/zunclient/v1/containers_shell.py b/zunclient/v1/containers_shell.py index 2f890a40..9b9f1c5a 100644 --- a/zunclient/v1/containers_shell.py +++ b/zunclient/v1/containers_shell.py @@ -148,6 +148,11 @@ def _show_container(container): action='store_true', default=False, help='The flag of healing non-existent container in docker.') +@utils.arg('--privileged', + dest='privileged', + action='store_true', + default=False, + help='Give extended privileges to this container') def do_create(cs, args): """Create a container.""" opts = {} @@ -177,6 +182,8 @@ def do_create(cs, args): opts['restart_policy'] = zun_utils.check_restart_policy(args.restart) if args.interactive: opts['interactive'] = True + if args.privileged: + opts['privileged'] = True opts = zun_utils.remove_null_parms(**opts) _show_container(cs.containers.create(**opts)) @@ -635,6 +642,11 @@ def do_kill(cs, args): action='store_true', default=False, help='The flag of healing non-existent container in docker.') +@utils.arg('--privileged', + dest='privileged', + action='store_true', + default=False, + help='Give extended privileges to this container') def do_run(cs, args): """Run a command in a new container.""" opts = {} @@ -664,6 +676,8 @@ def do_run(cs, args): opts['restart_policy'] = zun_utils.check_restart_policy(args.restart) if args.interactive: opts['interactive'] = True + if args.privileged: + opts['privileged'] = True opts = zun_utils.remove_null_parms(**opts) container = cs.containers.run(**opts) _show_container(container)