Add security_opt for create/start

Signed-off-by: Eric Windisch <[email protected]>

Author: ewindisch

docker/client.py

@@ -444,7 +444,7 @@ def create_container(self, image, command=None, hostname=None, user=None,
                          network_disabled=False, name=None, entrypoint=None,
                          cpu_shares=None, working_dir=None, domainname=None,
                          memswap_limit=0, cpuset=None, host_config=None,
-                         mac_address=None, labels=None):
+                         mac_address=None, labels=None, security_opt=None):
 
         if isinstance(volumes, six.string_types):
             volumes = [volumes, ]
@@ -458,7 +458,8 @@ def create_container(self, image, command=None, hostname=None, user=None,
             self._version, image, command, hostname, user, detach, stdin_open,
             tty, mem_limit, ports, environment, dns, volumes, volumes_from,
             network_disabled, entrypoint, cpu_shares, working_dir, domainname,
-            memswap_limit, cpuset, host_config, mac_address, labels
+            memswap_limit, cpuset, host_config, mac_address, labels,
+            security_opt
         )
         return self.create_container_from_config(config, name)
 
@@ -869,7 +870,8 @@ def start(self, container, binds=None, port_bindings=None, lxc_conf=None,
               publish_all_ports=False, links=None, privileged=False,
               dns=None, dns_search=None, volumes_from=None, network_mode=None,
               restart_policy=None, cap_add=None, cap_drop=None, devices=None,
-              extra_hosts=None, read_only=None, pid_mode=None):
+              extra_hosts=None, read_only=None, pid_mode=None,
+              security_opt=None):
 
         if utils.compare_version('1.10', self._version) < 0:
             if dns is not None:
@@ -897,7 +899,8 @@ def start(self, container, binds=None, port_bindings=None, lxc_conf=None,
             privileged=privileged, dns_search=dns_search, cap_add=cap_add,
             cap_drop=cap_drop, volumes_from=volumes_from, devices=devices,
             network_mode=network_mode, restart_policy=restart_policy,
-            extra_hosts=extra_hosts, read_only=read_only, pid_mode=pid_mode
+            extra_hosts=extra_hosts, read_only=read_only, pid_mode=pid_mode,
+            security_opt=security_opt
         )
 
         if isinstance(container, dict):

docker/utils/utils.py

@@ -353,7 +353,7 @@ def create_host_config(
     publish_all_ports=False, links=None, privileged=False,
     dns=None, dns_search=None, volumes_from=None, network_mode=None,
     restart_policy=None, cap_add=None, cap_drop=None, devices=None,
-    extra_hosts=None, read_only=None, pid_mode=None
+    extra_hosts=None, read_only=None, pid_mode=None, security_opt=None
 ):
     host_config = {}
 
@@ -394,6 +394,9 @@ def create_host_config(
     if dns is not None:
         host_config['Dns'] = dns
 
+    if security_opt is not None:
+        host_config['SecurityOpt'] = security_opt
+
     if volumes_from is not None:
         if isinstance(volumes_from, six.string_types):
             volumes_from = volumes_from.split(',')
@@ -444,7 +447,7 @@ def create_container_config(
     dns=None, volumes=None, volumes_from=None, network_disabled=False,
     entrypoint=None, cpu_shares=None, working_dir=None, domainname=None,
     memswap_limit=0, cpuset=None, host_config=None, mac_address=None,
-    labels=None
+    labels=None, security_opt=None
 ):
     if isinstance(command, six.string_types):
         command = shlex.split(str(command))
@@ -542,5 +545,6 @@ def create_container_config(
         'MemorySwap': memswap_limit,
         'HostConfig': host_config,
         'MacAddress': mac_address,
-        'Labels': labels
+        'Labels': labels,
+        'SecurityOpt': security_opt,
     }