cli/command/container: add completion for --cap-add, --cap-drop

With this patch: docker run --cap-add <TAB> ALL CAP_KILL CAP_SETUID CAP_AUDIT_CONTROL CAP_LEASE CAP_SYSLOG CAP_AUDIT_READ CAP_LINUX_IMMUTABLE CAP_SYS_ADMIN CAP_AUDIT_WRITE CAP_MAC_ADMIN CAP_SYS_BOOT CAP_BLOCK_SUSPEND CAP_MAC_OVERRIDE CAP_SYS_CHROOT CAP_BPF CAP_MKNOD CAP_SYS_MODULE CAP_CHECKPOINT_RESTORE CAP_NET_ADMIN CAP_SYS_NICE CAP_CHOWN CAP_NET_BIND_SERVICE CAP_SYS_PACCT CAP_DAC_OVERRIDE CAP_NET_BROADCAST CAP_SYS_PTRACE CAP_DAC_READ_SEARCH CAP_NET_RAW CAP_SYS_RAWIO CAP_FOWNER CAP_PERFMON CAP_SYS_RESOURCE CAP_FSETID CAP_SETFCAP CAP_SYS_TIME CAP_IPC_LOCK CAP_SETGID CAP_SYS_TTY_CONFIG CAP_IPC_OWNER CAP_SETPCAP CAP_WAKE_ALARM Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-07-05 15:54:09 +02:00 · 2024-07-05 15:54:09 +02:00 · f30158dbf8
parent e4dd8b1898
commit f30158dbf8
3 changed files with 73 additions and 0 deletions
--- a/cli/command/container/completion.go
+++ b/cli/command/container/completion.go
@ -0,0 +1,69 @@
 package container
 import (
 	"github.com/docker/cli/cli/command/completion"
 	"github.com/spf13/cobra"
 )
 // allLinuxCapabilities is a list of all known Linux capabilities.
 //
 // This list was based on the containerd pkg/cap package;
 // https://github.com/containerd/containerd/blob/v1.7.19/pkg/cap/cap_linux.go#L133-L181
 //
 // TODO(thaJeztah): add descriptions, and enable descriptions for our completion scripts (cobra.CompletionOptions.DisableDescriptions is currently set to "true")
 var allLinuxCapabilities = []string{
 	"ALL", // magic value for "all capabilities"
 	// caps35 is the caps of kernel 3.5 (37 entries)
 	"CAP_CHOWN",            // 2.2
 	"CAP_DAC_OVERRIDE",     // 2.2
 	"CAP_DAC_READ_SEARCH",  // 2.2
 	"CAP_FOWNER",           // 2.2
 	"CAP_FSETID",           // 2.2
 	"CAP_KILL",             // 2.2
 	"CAP_SETGID",           // 2.2
 	"CAP_SETUID",           // 2.2
 	"CAP_SETPCAP",          // 2.2
 	"CAP_LINUX_IMMUTABLE",  // 2.2
 	"CAP_NET_BIND_SERVICE", // 2.2
 	"CAP_NET_BROADCAST",    // 2.2
 	"CAP_NET_ADMIN",        // 2.2
 	"CAP_NET_RAW",          // 2.2
 	"CAP_IPC_LOCK",         // 2.2
 	"CAP_IPC_OWNER",        // 2.2
 	"CAP_SYS_MODULE",       // 2.2
 	"CAP_SYS_RAWIO",        // 2.2
 	"CAP_SYS_CHROOT",       // 2.2
 	"CAP_SYS_PTRACE",       // 2.2
 	"CAP_SYS_PACCT",        // 2.2
 	"CAP_SYS_ADMIN",        // 2.2
 	"CAP_SYS_BOOT",         // 2.2
 	"CAP_SYS_NICE",         // 2.2
 	"CAP_SYS_RESOURCE",     // 2.2
 	"CAP_SYS_TIME",         // 2.2
 	"CAP_SYS_TTY_CONFIG",   // 2.2
 	"CAP_MKNOD",            // 2.4
 	"CAP_LEASE",            // 2.4
 	"CAP_AUDIT_WRITE",      // 2.6.11
 	"CAP_AUDIT_CONTROL",    // 2.6.11
 	"CAP_SETFCAP",          // 2.6.24
 	"CAP_MAC_OVERRIDE",     // 2.6.25
 	"CAP_MAC_ADMIN",        // 2.6.25
 	"CAP_SYSLOG",           // 2.6.37
 	"CAP_WAKE_ALARM",       // 3.0
 	"CAP_BLOCK_SUSPEND",    // 3.5
 	// caps316 is the caps of kernel 3.16 (38 entries)
 	"CAP_AUDIT_READ",
 	// caps58 is the caps of kernel 5.8 (40 entries)
 	"CAP_PERFMON",
 	"CAP_BPF",
 	// caps59 is the caps of kernel 5.9 (41 entries)
 	"CAP_CHECKPOINT_RESTORE",
 }
 func completeLinuxCapabilityNames(cmd *cobra.Command, args []string, toComplete string) (names []string, _ cobra.ShellCompDirective) {
 	return completion.FromList(allLinuxCapabilities...)(cmd, args, toComplete)
 }
--- a/cli/command/container/create.go
+++ b/cli/command/container/create.go
@ -78,6 +78,8 @@ func NewCreateCommand(dockerCli command.Cli) *cobra.Command {
 	command.AddTrustVerificationFlags(flags, &options.untrusted, dockerCli.ContentTrustEnabled())
 	copts = addFlags(flags)
 	_ = cmd.RegisterFlagCompletionFunc("cap-add", completeLinuxCapabilityNames)
 	_ = cmd.RegisterFlagCompletionFunc("cap-drop", completeLinuxCapabilityNames)
 	_ = cmd.RegisterFlagCompletionFunc("env", completion.EnvVarNames)
 	_ = cmd.RegisterFlagCompletionFunc("env-file", completion.FileNames)
 	_ = cmd.RegisterFlagCompletionFunc("network", completion.NetworkNames(dockerCli))
--- a/cli/command/container/run.go
+++ b/cli/command/container/run.go
@ -69,6 +69,8 @@ func NewRunCommand(dockerCli command.Cli) *cobra.Command {
 	command.AddTrustVerificationFlags(flags, &options.untrusted, dockerCli.ContentTrustEnabled())
 	copts = addFlags(flags)
 	_ = cmd.RegisterFlagCompletionFunc("cap-add", completeLinuxCapabilityNames)
 	_ = cmd.RegisterFlagCompletionFunc("cap-drop", completeLinuxCapabilityNames)
 	_ = cmd.RegisterFlagCompletionFunc("env", completion.EnvVarNames)
 	_ = cmd.RegisterFlagCompletionFunc("env-file", completion.FileNames)
 	_ = cmd.RegisterFlagCompletionFunc("network", completion.NetworkNames(dockerCli))