diff options
Diffstat (limited to 'tools')
| -rwxr-xr-x | tools/yaml-validate.py | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/tools/yaml-validate.py b/tools/yaml-validate.py index 233ec185..674449f5 100755 --- a/tools/yaml-validate.py +++ b/tools/yaml-validate.py @@ -200,6 +200,23 @@ def validate_docker_service(filename, tpl): % (expected_config_image_parameter, config_volume)) return 1 + if 'docker_config' in role_data: + docker_config = role_data['docker_config'] + for _, step in docker_config.items(): + for _, container in step.items(): + if not isinstance(container, dict): + # NOTE(mandre) this skips everything that is not a dict + # so we may ignore some containers definitions if they + # are in a map_merge for example + continue + command = container.get('command', '') + if isinstance(command, list): + command = ' '.join(map(str, command)) + if 'bootstrap_host_exec' in command \ + and container.get('user') != 'root': + print('ERROR: bootstrap_host_exec needs to run as the root user.') + return 1 + if 'parameters' in tpl: for param in required_params: if param not in tpl['parameters']: |