Adds pid and namespace mode (#96)

* adds `pid` and `userns` mode for containers. Closes #88 and #17 * updates CHANGELOG
2025-12-28 18:49:49 -05:00 · 2018-10-11 10:55:18 +02:00 · 2018-10-11 10:55:18 +02:00 · b1b79b5743
commit b1b79b5743
parent 85e56c1ab0
5 changed files with 31 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,6 +2,7 @@

 IMPROVEMENTS
 * Add support for running tests on Windows [GH-54] and ([#90](https://github.com/terraform-providers/terraform-provider-docker/pull/90))
+* Add options for PID and user namespace mode [GH-88] and ([#96](https://github.com/terraform-providers/terraform-provider-docker/pull/96))

 BUG FIXES
 * Fixes issue with internal and external ports on containers [GH-8] and ([#89](https://github.com/terraform-providers/terraform-provider-docker/pull/90))
--- a/docker/resource_docker_container.go
+++ b/docker/resource_docker_container.go
@ -411,6 +411,17 @@ func resourceDockerContainer() *schema.Resource {
 				Set:      schema.HashString,
 			},

+			"pid_mode": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+			},
+			"userns_mode": &schema.Schema{
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+			},
+
 			"upload": &schema.Schema{
 				Type:     schema.TypeSet,
 				Optional: true,
--- a/docker/resource_docker_container_funcs.go
+++ b/docker/resource_docker_container_funcs.go
@ -190,6 +190,13 @@ func resourceDockerContainerCreate(d *schema.ResourceData, meta interface{}) err
 		hostConfig.NetworkMode = container.NetworkMode(v.(string))
 	}

+	if v, ok := d.GetOk("userns_mode"); ok {
+		hostConfig.UsernsMode = container.UsernsMode(v.(string))
+	}
+	if v, ok := d.GetOk("pid_mode"); ok {
+		hostConfig.PidMode = container.PidMode(v.(string))
+	}
+
 	var retContainer container.ContainerCreateCreatedBody

 	if retContainer, err = client.ContainerCreate(context.Background(), config, hostConfig, networkingConfig, d.Get("name").(string)); err != nil {
--- a/docker/resource_docker_container_test.go
+++ b/docker/resource_docker_container_test.go
@ -249,6 +249,13 @@ func TestAccDockerContainer_customized(t *testing.T) {
 			return fmt.Errorf("Container doesn't have a correct nofile soft limit")
 		}

+		if c.HostConfig.PidMode != "host" {
+			return fmt.Errorf("Container doesn't have a correct pid mode")
+		}
+		if c.HostConfig.UsernsMode != "testuser:231072:65536" {
+			return fmt.Errorf("Container doesn't have a correct userns mode")
+		}
+
 		return nil
 	}

@ -593,6 +600,9 @@ resource "docker_container" "foo" {
 		hard = 262144
 		soft = 200000
 	}
+
+	pid_mode 		= "host"
+	userns_mode = "testuser:231072:65536"
 }

 resource "docker_network" "test_network" {
--- a/website/docs/r/container.html.markdown
+++ b/website/docs/r/container.html.markdown
@ -92,6 +92,8 @@ data is stored in them. See [the docker documentation][linkdoc] for more details
 * `upload` - (Optional, block) See [File Upload](#upload) below for details.
 * `ulimit` - (Optional, block) See [Ulimits](#ulimits) below for
  details.
+* `pid_mode` - (Optional, string) The PID (Process) Namespace mode for the container. Either `container:<name|id>` or `host`.
+* `userns_mode` - (Optional, string) Sets the usernamespace mode for the container when usernamespace remapping option is enabled.

 <a id="capabilities"></a>
 ### Capabilities