No ability to customise the capabilities that Docker keeps

[kdesysadmin]

As part of our Continuous Integration system it seems that certain unit tests we run require the CAP_SYS_PTRACE capability to be retained, something Docker drops by default. While Docker allows specifying which capabilities to keep, this plugin unfortunately doesn't have such an option.

As we'd like to be able to support these unit tests properly, could the ability to keep certain specified Capabilities please be added? For our purposes using privileged containers isn't workable.

[KostyaSha]

https://github.com/KostyaSha/yet-another-docker-plugin/blob/master/yet-another-docker-plugin/src/main/java/com/github/kostyasha/yad/commons/DockerCreateContainer.java + config.groovy

But it depends on https://github.com/docker-java/docker-java/blob/master/src/main/java/com/github/dockerjava/api/command/CreateContainerCmd.java and https://github.com/docker-java/docker-java/blob/master/src/main/java/com/github/dockerjava/api/model/Capability.java Seems for jenkins we need also enum

[kdesysadmin]

Sorry, i'm not sure what you mean here - is this something which can be scripted using Groovy that i've missed?

[KostyaSha]

No, YAD needs additional createcontainer options that available in docker-java

[kdesysadmin]

Okay. Will we need to find someone to work on this (ie. do you have plans to implement this at some point)?

[KostyaSha]

Sorry, very busy. I plan to go through issues soon and resolve as much as i can.

[kdesysadmin]

Not a problem. If we can provide a patch / PR will that make things easier?

[KostyaSha]

feel free to popup if you still need it.

[bcooksley]

This change is something we are very much still interested in yes.

[timosachsenberg]

same problem here. any updates?