mirror of
https://github.com/docker/compose.git
synced 2025-07-27 15:44:08 +02:00
Merge pull request #1335 from chernjie/pid_readonly
docker-compose create --readonly
This commit is contained in:
commit
7fb9ec29c4
@ -17,6 +17,7 @@ DOCKER_CONFIG_KEYS = [
|
|||||||
'env_file',
|
'env_file',
|
||||||
'environment',
|
'environment',
|
||||||
'extra_hosts',
|
'extra_hosts',
|
||||||
|
'read_only',
|
||||||
'hostname',
|
'hostname',
|
||||||
'image',
|
'image',
|
||||||
'labels',
|
'labels',
|
||||||
|
@ -24,6 +24,7 @@ DOCKER_START_KEYS = [
|
|||||||
'dns_search',
|
'dns_search',
|
||||||
'env_file',
|
'env_file',
|
||||||
'extra_hosts',
|
'extra_hosts',
|
||||||
|
'read_only',
|
||||||
'net',
|
'net',
|
||||||
'pid',
|
'pid',
|
||||||
'privileged',
|
'privileged',
|
||||||
@ -442,6 +443,7 @@ class Service(object):
|
|||||||
restart = parse_restart_spec(options.get('restart', None))
|
restart = parse_restart_spec(options.get('restart', None))
|
||||||
|
|
||||||
extra_hosts = build_extra_hosts(options.get('extra_hosts', None))
|
extra_hosts = build_extra_hosts(options.get('extra_hosts', None))
|
||||||
|
read_only = options.get('read_only', None)
|
||||||
|
|
||||||
return create_host_config(
|
return create_host_config(
|
||||||
links=self._get_links(link_to_self=one_off),
|
links=self._get_links(link_to_self=one_off),
|
||||||
@ -456,6 +458,7 @@ class Service(object):
|
|||||||
cap_add=cap_add,
|
cap_add=cap_add,
|
||||||
cap_drop=cap_drop,
|
cap_drop=cap_drop,
|
||||||
extra_hosts=extra_hosts,
|
extra_hosts=extra_hosts,
|
||||||
|
read_only=read_only,
|
||||||
pid_mode=pid
|
pid_mode=pid
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -328,7 +328,7 @@ dns_search:
|
|||||||
- dc2.example.com
|
- dc2.example.com
|
||||||
```
|
```
|
||||||
|
|
||||||
### working\_dir, entrypoint, user, hostname, domainname, mem\_limit, privileged, restart, stdin\_open, tty, cpu\_shares, cpuset
|
### working\_dir, entrypoint, user, hostname, domainname, mem\_limit, privileged, restart, stdin\_open, tty, cpu\_shares, cpuset, read\_only
|
||||||
|
|
||||||
Each of these is a single value, analogous to its
|
Each of these is a single value, analogous to its
|
||||||
[docker run](https://docs.docker.com/reference/run/) counterpart.
|
[docker run](https://docs.docker.com/reference/run/) counterpart.
|
||||||
@ -351,6 +351,7 @@ restart: always
|
|||||||
|
|
||||||
stdin_open: true
|
stdin_open: true
|
||||||
tty: true
|
tty: true
|
||||||
|
read_only: true
|
||||||
```
|
```
|
||||||
|
|
||||||
## Compose documentation
|
## Compose documentation
|
||||||
|
@ -177,6 +177,13 @@ class ServiceTest(DockerClientTestCase):
|
|||||||
service.start_container(container)
|
service.start_container(container)
|
||||||
self.assertEqual(container.inspect()['Config']['Cpuset'], '0')
|
self.assertEqual(container.inspect()['Config']['Cpuset'], '0')
|
||||||
|
|
||||||
|
def test_create_container_with_read_only_root_fs(self):
|
||||||
|
read_only = True
|
||||||
|
service = self.create_service('db', read_only=read_only)
|
||||||
|
container = service.create_container()
|
||||||
|
service.start_container(container)
|
||||||
|
self.assertEqual(container.get('HostConfig.ReadonlyRootfs'), read_only, container.get('HostConfig'))
|
||||||
|
|
||||||
def test_create_container_with_specified_volume(self):
|
def test_create_container_with_specified_volume(self):
|
||||||
host_path = '/tmp/host-path'
|
host_path = '/tmp/host-path'
|
||||||
container_path = '/container-path'
|
container_path = '/container-path'
|
||||||
|
Loading…
x
Reference in New Issue
Block a user