diff --git a/roles/service/defaults/main.yaml b/roles/service/defaults/main.yaml
index 88d10ab..32db134 100644
--- a/roles/service/defaults/main.yaml
+++ b/roles/service/defaults/main.yaml
@@ -1,6 +1,7 @@
 ---
 service_domains: []
+service_container_user: ""
 service_container_publish_ports: []
 service_container_mounts: []
 service_container_env: {}
diff --git a/roles/service/meta/argument_specs.yaml b/roles/service/meta/argument_specs.yaml
index cd08d65..1f610e7 100644
--- a/roles/service/meta/argument_specs.yaml
+++ b/roles/service/meta/argument_specs.yaml
@@ -25,6 +25,11 @@ argument_specs:
 description: "The image to run in the service container(s), in FQIN format (registry/imagename:tag)."
 type: str
 required: true
+ service_container_user:
+ description: The UID to run as inside the container
+ type: str
+ required: false
+ default: ""
 service_container_publish_ports:
 description: "A list of published ports in docker format (::)"
 type: list
diff --git a/roles/service/tasks/main.yaml b/roles/service/tasks/main.yaml
index 8324a23..cc91ac2 100644
--- a/roles/service/tasks/main.yaml
+++ b/roles/service/tasks/main.yaml
@@ -21,6 +21,7 @@
 vars:
 container_name: "{{ service_name }}"
 container_image: "{{ service_container_image }}"
+ container_user: "{{ service_container_user }}"
 container_mounts: "{{ _service_container_mounts }}"
 container_publish_ports: "{{ service_container_publish_ports }}"
 container_networks:
diff --git a/roles/service/tasks/validation.yaml b/roles/service/tasks/validation.yaml
index da9eb22..ecdedb5 100644
--- a/roles/service/tasks/validation.yaml
+++ b/roles/service/tasks/validation.yaml
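Review bot: The description of `service_container_user` in roles/service/meta/argument_specs.yaml does not say what the empty default means, and the same `""` default is set in roles/service/defaults/main.yaml. If the empty string is handed on unchanged, the container presumably runs as whatever user the image defines, which is root for many images; that depends on the container role, which is not visible in this diff. I would spell it out, for example `description: "UID to run as inside the container, as a quoted string such as \"1000\". Empty (default) keeps the image's own user, which may be root."`. Quoting the description also matches the other descriptions in this file.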
@@ -1,4 +1,9 @@
 ---
+- name: Fail if service_container_user is not string
+ ansible.builtin.fail:
+ msg: "service_container_user must be a string, not int."
+ when: service_container_user is not string
+
 - name: Fail if service_database_type is postgres but service_postgres_tag is not set
 ansible.builtin.fail:
 msg: "service_postgres_tag needs to be set when database type is postgres"
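Review bot: The new task only checks that `service_container_user` is a string, so any text passes validation and is handed on as `container_user` in roles/service/tasks/main.yaml, although the argument spec documents the value as a UID. I would also reject non-empty values that are not numeric, for example `when: service_container_user is not string or (service_container_user | length > 0 and service_container_user is not regex('^[0-9]+$'))`, widening the pattern if `uid:gid` or user names are meant to be accepted. The message `must be a string, not int.` is also shown for lists, booleans and null; `msg: "service_container_user must be a quoted string, e.g. \"1000\"."` would cover those cases as well.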