feat(docker): allow user to specify security-opts (#2022)

Co-authored-by: dylan <dfldylan@qq.com>
Co-authored-by: jerry-yuan <i@jerryzone.cn>
This commit is contained in:
Chaim Lev-Ari
2026-03-11 08:56:42 +02:00
committed by GitHub
parent a796a03a15
commit 808ceba848
23 changed files with 165 additions and 11 deletions
+4
View File
@@ -56,6 +56,10 @@ func IsValidStackFile(stackFileContent []byte, securitySettings *portainer.Endpo
return errors.New("sysctl setting disabled for non administrator users")
}
if !securitySettings.AllowSecurityOptForRegularUsers && len(service.SecurityOpt) > 0 {
return errors.New("security-opt setting disabled for non administrator users")
}
if !securitySettings.AllowContainerCapabilitiesForRegularUsers && (len(service.CapAdd) > 0 || len(service.CapDrop) > 0) {
return errors.New("container capabilities disabled for non administrator users")
}