Add device_cgroup_rules support

"device_cgroup_rules: []" is defined in the Compose file specification,
and corresponds to "podman run --device-cgroup-rule="

Signed-off-by: Jeremy Visser <jeremy@visser.name>

newsfragments/device_cgroup_rules.feature

@@ -0,0 +1 @@
+Added support for the "device_cgroup_rules" property in services.

podman_compose.py

@@ -1074,6 +1074,8 @@ async def container_to_args(compose, cnt, detached=True):
         podman_args.extend(["--group-add", item])
     for item in cnt.get("devices", []):
         podman_args.extend(["--device", item])
+    for item in cnt.get("device_cgroup_rules", []):
+        podman_args.extend(["--device-cgroup-rule", item])
     for item in norm_as_list(cnt.get("dns")):
         podman_args.extend(["--dns", item])
     for item in norm_as_list(cnt.get("dns_opt")):

tests/unit/test_container_to_args.py

@@ -611,3 +611,26 @@ class TestContainerToArgs(unittest.IsolatedAsyncioTestCase):
                 "busybox",
             ],
         )
+
+    async def test_device(self):
+        c = create_compose_mock()
+        cnt = get_minimal_container()
+
+        cnt['devices'] = ['/dev/ttyS0']
+        cnt['device_cgroup_rules'] = ['c 100:200 rwm']
+
+        args = await container_to_args(c, cnt)
+        self.assertEqual(
+            args,
+            [
+                "--name=project_name_service_name1",
+                "-d",
+                "--device",
+                "/dev/ttyS0",
+                "--device-cgroup-rule",
+                "c 100:200 rwm",
+                "--network=bridge",
+                "--network-alias=service_name",
+                "busybox",
+            ],
+        )