builder/docker: runner support for --device

builder/docker/config.go

@@ -39,6 +39,9 @@ type Config struct {
 	// for work [file provisioner](/docs/provisioners/file). This defaults
 	// to c:/packer-files on windows and /packer-files on other systems.
 	ContainerDir string `mapstructure:"container_dir" required:"false"`
+	// An array of devices which will be accessible in container when it's run
+	// without `--privileged` flag.
+	Device []string `mapstructure:"device" required:"false"`
 	// Throw away the container when the build is complete. This is useful for
 	// the [artifice
 	// post-processor](/docs/post-processors/artifice).

builder/docker/config.hcl2spec.go

@@ -66,6 +66,7 @@ type FlatConfig struct {
 	Changes                   []string          `mapstructure:"changes" cty:"changes" hcl:"changes"`
 	Commit                    *bool             `mapstructure:"commit" required:"true" cty:"commit" hcl:"commit"`
 	ContainerDir              *string           `mapstructure:"container_dir" required:"false" cty:"container_dir" hcl:"container_dir"`
+	Device                    []string          `mapstructure:"device" required:"false" cty:"device" hcl:"device"`
 	Discard                   *bool             `mapstructure:"discard" required:"true" cty:"discard" hcl:"discard"`
 	CapAdd                    []string          `mapstructure:"cap_add" required:"false" cty:"cap_add" hcl:"cap_add"`
 	CapDrop                   []string          `mapstructure:"cap_drop" required:"false" cty:"cap_drop" hcl:"cap_drop"`
@@ -161,6 +162,7 @@ func (*FlatConfig) HCL2Spec() map[string]hcldec.Spec {
 		"changes":                      &hcldec.AttrSpec{Name: "changes", Type: cty.List(cty.String), Required: false},
 		"commit":                       &hcldec.AttrSpec{Name: "commit", Type: cty.Bool, Required: false},
 		"container_dir":                &hcldec.AttrSpec{Name: "container_dir", Type: cty.String, Required: false},
+		"device":                       &hcldec.AttrSpec{Name: "device", Type: cty.List(cty.String), Required: false},
 		"discard":                      &hcldec.AttrSpec{Name: "discard", Type: cty.Bool, Required: false},
 		"cap_add":                      &hcldec.AttrSpec{Name: "cap_add", Type: cty.List(cty.String), Required: false},
 		"cap_drop":                     &hcldec.AttrSpec{Name: "cap_drop", Type: cty.List(cty.String), Required: false},

builder/docker/driver.go

@@ -66,6 +66,7 @@ type Driver interface {
 type ContainerConfig struct {
 	Image      string
 	RunCommand []string
+	Device     []string
 	CapAdd     []string
 	CapDrop    []string
 	Volumes    map[string]string

builder/docker/driver_docker.go

@@ -265,6 +265,9 @@ func (d *DockerDriver) StartContainer(config *ContainerConfig) (string, error) {
 
 	// Args that we're going to pass to Docker
 	args := []string{"run"}
+	for _, v := range config.Device {
+		args = append(args, "--device", v)
+	}
 	for _, v := range config.CapAdd {
 		args = append(args, "--cap-add", v)
 	}

builder/docker/step_run.go

@@ -25,6 +25,7 @@ func (s *StepRun) Run(ctx context.Context, state multistep.StateBag) multistep.S
 	runConfig := ContainerConfig{
 		Image:      config.Image,
 		RunCommand: config.RunCommand,
+		Device:     config.Device,
 		TmpFs:      config.TmpFs,
 		Volumes:    make(map[string]string),
 		CapAdd:     config.CapAdd,

website/pages/partials/builder/docker/Config-not-required.mdx

@@ -10,6 +10,9 @@
   for work [file provisioner](/docs/provisioners/file). This defaults
   to c:/packer-files on windows and /packer-files on other systems.
 
+- `device` ([]string) - An array of devices which will be accessible in container when it's run
+  without `--privileged` flag.
+
 - `cap_add` ([]string) - An array of additional Linux capabilities to grant to the container.
 
 - `cap_drop` ([]string) - An array of Linux capabilities to drop from the container.