Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support --security-opt #297

Open
heitorPB opened this issue Nov 24, 2023 · 1 comment
Open

Support --security-opt #297

heitorPB opened this issue Nov 24, 2023 · 1 comment
Labels
stage/accepted theme/driver type/enhancement

Comments

@heitorPB
Copy link

I'm migrating a codebase (in Golang) that generates Nomad jobs from Docker driver to Podman.

I'm hitting the following error:

Nov 24 12:50:13 alien nomad[328531]:     2023-11-24T12:50:13.010-0300 [INFO]  client.alloc_runner.task_runner: Task event: alloc_id=db0c43a7-e0ec-c8d4-56bd-6f0f7da06b92 task=Upload type="Failed Validation"
Nov 24 12:50:13 alien nomad[328531]:   msg=
Nov 24 12:50:13 alien nomad[328531]:   | 2 errors occurred:
Nov 24 12:50:13 alien nomad[328531]:   | \t* failed to parse config:
Nov 24 12:50:13 alien nomad[328531]:   | \t* Invalid label: No argument or block type is named "security_opt".
Nov 24 12:50:13 alien nomad[328531]:   |
Nov 24 12:50:13 alien nomad[328531]:    failed=false
Nov 24 12:50:13 alien nomad[328531]:     2023-11-24T12:50:13.014-0300 [ERROR] client.alloc_runner.task_runner: running driver failed: alloc_id=db0c43a7-e0ec-c8d4-56bd-6f0f7da06b92 task=Upload
Nov 24 12:50:13 alien nomad[328531]:   error=
Nov 24 12:50:13 alien nomad[328531]:   | 2 errors occurred:
Nov 24 12:50:13 alien nomad[328531]:   | \t* failed to parse config:
Nov 24 12:50:13 alien nomad[328531]:   | \t* Invalid label: No argument or block type is named "security_opt".

The Docker driver supports the --security-opt flag (Nomad Docs). But the Podman driver doesn't.

This flag is supported in Podman: Podman docs - security-opt.

I'd like to request this feature. Or a mentor to guide/help me implement it :)
@lgfa29
Copy link
Contributor

lgfa29 commented Nov 25, 2023

Oi @heitorPB tudo bem? 🙂

I think this is nice feature request, and a good first issue to contribute if you're interested. This PR should point you o the right places that need to be modified: #203

More specifically you would need to:

  • Update taskConfigSpec with the new configuration.
  • Update TaskConfig with a new field for the configuration.
  • Update Driver.StartTask() to read the config value and set it to createOpts.
  • Write a test to verify the flag is actually set.
  • Update README.md and CHANGELOG.md

Let us know if you would be interested in working on this. Feel free to reach out if you have any question!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stage/accepted theme/driver type/enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lgfa29 @heitorPB