hashicorp / nomad-driver-podman

A nomad task driver plugin for sandboxing workloads in podman containers
https://developer.hashicorp.com/nomad/plugins/drivers/podman
Mozilla Public License 2.0

Support --security-opt #297

Open heitorPB opened 7 months ago

heitorPB commented 7 months ago

I'm migrating a codebase (in Golang) that generates Nomad jobs from the Docker driver to Podman.

I'm hitting the following error:

Nov 24 12:50:13 alien nomad[328531]:     2023-11-24T12:50:13.010-0300 [INFO]  client.alloc_runner.task_runner: Task event: alloc_id=db0c43a7-e0ec-c8d4-56bd-6f0f7da06b92 task=Upload type="Failed Validation"
Nov 24 12:50:13 alien nomad[328531]:   msg=
Nov 24 12:50:13 alien nomad[328531]:   | 2 errors occurred:
Nov 24 12:50:13 alien nomad[328531]:   | \t* failed to parse config:
Nov 24 12:50:13 alien nomad[328531]:   | \t* Invalid label: No argument or block type is named "security_opt".
Nov 24 12:50:13 alien nomad[328531]:   |
Nov 24 12:50:13 alien nomad[328531]:    failed=false
Nov 24 12:50:13 alien nomad[328531]:     2023-11-24T12:50:13.014-0300 [ERROR] client.alloc_runner.task_runner: running driver failed: alloc_id=db0c43a7-e0ec-c8d4-56bd-6f0f7da06b92 task=Upload
Nov 24 12:50:13 alien nomad[328531]:   error=
Nov 24 12:50:13 alien nomad[328531]:   | 2 errors occurred:
Nov 24 12:50:13 alien nomad[328531]:   | \t* failed to parse config:
Nov 24 12:50:13 alien nomad[328531]:   | \t* Invalid label: No argument or block type is named "security_opt".

The Docker driver supports the --security-opt flag (Nomad Docs). But the Podman driver doesn't.

This flag is supported in Podman: Podman docs - security-opt.

I'd like to request this feature. Or a mentor to guide/help me implement it :)

lgfa29 commented 7 months ago

Hi @heitorPB, how are you? 🙂

I think this is a nice feature request, and a good first issue to contribute if you're interested. This PR should point you to the right places that need to be modified: https://github.com/hashicorp/nomad-driver-podman/pull/203

More specifically you would need to:

Let us know if you would be interested in working on this. Feel free to reach out if you have any questions!