diff --git a/builder/docker/config.go b/builder/docker/config.go index 8a2fde3fb..51822290a 100644 --- a/builder/docker/config.go +++ b/builder/docker/config.go @@ -39,6 +39,9 @@ type Config struct { // for work [file provisioner](/docs/provisioners/file). This defaults // to c:/packer-files on windows and /packer-files on other systems. ContainerDir string `mapstructure:"container_dir" required:"false"` + // An array of devices which will be accessible in container when it's run + // without `--privileged` flag. + Device []string `mapstructure:"device" required:"false"` // Throw away the container when the build is complete. This is useful for // the [artifice // post-processor](/docs/post-processors/artifice). diff --git a/builder/docker/config.hcl2spec.go b/builder/docker/config.hcl2spec.go index 64707a083..72d0e2c56 100644 --- a/builder/docker/config.hcl2spec.go +++ b/builder/docker/config.hcl2spec.go @@ -66,6 +66,7 @@ type FlatConfig struct { Changes []string `mapstructure:"changes" cty:"changes" hcl:"changes"` Commit *bool `mapstructure:"commit" required:"true" cty:"commit" hcl:"commit"` ContainerDir *string `mapstructure:"container_dir" required:"false" cty:"container_dir" hcl:"container_dir"` + Device []string `mapstructure:"device" required:"false" cty:"device" hcl:"device"` Discard *bool `mapstructure:"discard" required:"true" cty:"discard" hcl:"discard"` CapAdd []string `mapstructure:"cap_add" required:"false" cty:"cap_add" hcl:"cap_add"` CapDrop []string `mapstructure:"cap_drop" required:"false" cty:"cap_drop" hcl:"cap_drop"` @@ -161,6 +162,7 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec { "changes": &hcldec.AttrSpec{Name: "changes", Type: cty.List(cty.String), Required: false}, "commit": &hcldec.AttrSpec{Name: "commit", Type: cty.Bool, Required: false}, "container_dir": &hcldec.AttrSpec{Name: "container_dir", Type: cty.String, Required: false}, + "device": &hcldec.AttrSpec{Name: "device", Type: cty.List(cty.String), Required: false}, "discard": &hcldec.AttrSpec{Name: "discard", Type: cty.Bool, Required: false}, "cap_add": &hcldec.AttrSpec{Name: "cap_add", Type: cty.List(cty.String), Required: false}, "cap_drop": &hcldec.AttrSpec{Name: "cap_drop", Type: cty.List(cty.String), Required: false}, diff --git a/builder/docker/driver.go b/builder/docker/driver.go index 6ab9bd378..816c49f1a 100644 --- a/builder/docker/driver.go +++ b/builder/docker/driver.go @@ -66,6 +66,7 @@ type Driver interface { type ContainerConfig struct { Image string RunCommand []string + Device []string CapAdd []string CapDrop []string Volumes map[string]string diff --git a/builder/docker/driver_docker.go b/builder/docker/driver_docker.go index c30b5473b..10e78c7d3 100644 --- a/builder/docker/driver_docker.go +++ b/builder/docker/driver_docker.go @@ -265,6 +265,9 @@ func (d *DockerDriver) StartContainer(config *ContainerConfig) (string, error) { // Args that we're going to pass to Docker args := []string{"run"} + for _, v := range config.Device { + args = append(args, "--device", v) + } for _, v := range config.CapAdd { args = append(args, "--cap-add", v) } diff --git a/builder/docker/step_run.go b/builder/docker/step_run.go index cce06a787..89f953dd2 100644 --- a/builder/docker/step_run.go +++ b/builder/docker/step_run.go @@ -25,6 +25,7 @@ func (s *StepRun) Run(ctx context.Context, state multistep.StateBag) multistep.S runConfig := ContainerConfig{ Image: config.Image, RunCommand: config.RunCommand, + Device: config.Device, TmpFs: config.TmpFs, Volumes: make(map[string]string), CapAdd: config.CapAdd, diff --git a/website/pages/partials/builder/docker/Config-not-required.mdx b/website/pages/partials/builder/docker/Config-not-required.mdx index 173de0e12..602d32d35 100644 --- a/website/pages/partials/builder/docker/Config-not-required.mdx +++ b/website/pages/partials/builder/docker/Config-not-required.mdx @@ -10,6 +10,9 @@ for work [file provisioner](/docs/provisioners/file). This defaults to c:/packer-files on windows and /packer-files on other systems. +- `device` ([]string) - An array of devices which will be accessible in container when it's run + without `--privileged` flag. + - `cap_add` ([]string) - An array of additional Linux capabilities to grant to the container. - `cap_drop` ([]string) - An array of Linux capabilities to drop from the container.