Merge pull request #18838 from rhatdan/workdir

Add WorkingDir support to quadlet

docs/source/markdown/podman-systemd.unit.5.md

@@ -137,6 +137,7 @@ Valid options for `[Container]` are listed below:
 | UserNS=keep-id:uid=200,gid=210 | --userns keep-id:uid=200,gid=210                     |
 | VolatileTmp=true               | --tmpfs /tmp                                         |
 | Volume=/source:/dest           | --volume /source:/dest                               |
+| WorkingDir=$HOME               | --workdir $HOME                                      |
 
 Description of `[Container]` section are:
 
@@ -491,6 +492,12 @@ created by using a `$name.volume` Quadlet file.
 
 This key can be listed multiple times.
 
+### `WorkingDir=`
+
+Working directory inside the container.
+
+The default working directory for running binaries within a container is the root directory (/). The image developer can set a different default with the WORKDIR instruction. This option overrides the working directory by using the -w option.
+
 ## Kube units [Kube]
 
 Kube units are named with a `.kube` extension and contain a `[Kube]` section describing

pkg/systemd/quadlet/quadlet.go

@@ -104,6 +104,7 @@ const (
 	KeyUserNS                = "UserNS"
 	KeyVolatileTmp           = "VolatileTmp"
 	KeyVolume                = "Volume"
+	KeyWorkingDir            = "WorkingDir"
 	KeyYaml                  = "Yaml"
 )
 
@@ -168,6 +169,7 @@ var (
 		KeyUserNS:                true,
 		KeyVolatileTmp:           true,
 		KeyVolume:                true,
+		KeyWorkingDir:            true,
 	}
 
 	// Supported keys in "Volume" group
@@ -504,6 +506,10 @@ func ConvertContainer(container *parser.UnitFile, isUser bool) (*parser.UnitFile
 		}
 	}
 
+	if workdir, exists := container.Lookup(ContainerGroup, KeyWorkingDir); exists {
+		podman.addf("-w=%s", workdir)
+	}
+
 	if err := handleUserRemap(container, ContainerGroup, podman, isUser, true); err != nil {
 		return nil, err
 	}

test/e2e/quadlet/workingdir.container

@@ -0,0 +1,6 @@
+## assert-podman-final-args localhost/imagename
+## assert-podman-args "-w=%h"
+
+[Container]
+Image=localhost/imagename
+WorkingDir=%h

test/e2e/quadlet_test.go

@@ -536,51 +536,52 @@ var _ = Describe("quadlet system generator", func() {
 		Entry("basepodman.container", "basepodman.container"),
 		Entry("capabilities.container", "capabilities.container"),
 		Entry("capabilities2.container", "capabilities2.container"),
-		Entry("disableselinux.container", "disableselinux.container"),
-		Entry("nestedselinux.container", "nestedselinux.container"),
 		Entry("devices.container", "devices.container"),
+		Entry("disableselinux.container", "disableselinux.container"),
+		Entry("env-file.container", "env-file.container"),
+		Entry("env-host-false.container", "env-host-false.container"),
+		Entry("env-host.container", "env-host.container"),
 		Entry("env.container", "env.container"),
 		Entry("escapes.container", "escapes.container"),
 		Entry("exec.container", "exec.container"),
+		Entry("health.container", "health.container"),
+		Entry("hostname.container", "hostname.container"),
 		Entry("image.container", "image.container"),
 		Entry("install.container", "install.container"),
 		Entry("ip.container", "ip.container"),
 		Entry("label.container", "label.container"),
+		Entry("logdriver.container", "logdriver.container"),
+		Entry("mount.container", "mount.container"),
 		Entry("name.container", "name.container"),
+		Entry("nestedselinux.container", "nestedselinux.container"),
 		Entry("network.container", "network.container"),
 		Entry("network.quadlet.container", "network.quadlet.container"),
 		Entry("noimage.container", "noimage.container"),
 		Entry("notify.container", "notify.container"),
 		Entry("oneshot.container", "oneshot.container"),
-		Entry("rootfs.container", "rootfs.container"),
-		Entry("selinux.container", "selinux.container"),
 		Entry("other-sections.container", "other-sections.container"),
 		Entry("podmanargs.container", "podmanargs.container"),
 		Entry("ports.container", "ports.container"),
 		Entry("ports_ipv6.container", "ports_ipv6.container"),
+		Entry("pull.container", "pull.container"),
 		Entry("readonly-notmpfs.container", "readonly-notmpfs.container"),
-		Entry("readwrite.container", "readwrite.container"),
 		Entry("readwrite-notmpfs.container", "readwrite-notmpfs.container"),
-		Entry("seccomp.container", "seccomp.container"),
+		Entry("readwrite.container", "readwrite.container"),
-		Entry("shortname.container", "shortname.container"),
-		Entry("sysctl.container", "sysctl.container"),
-		Entry("timezone.container", "timezone.container"),
-		Entry("user.container", "user.container"),
-		Entry("remap-manual.container", "remap-manual.container"),
 		Entry("remap-auto.container", "remap-auto.container"),
 		Entry("remap-auto2.container", "remap-auto2.container"),
 		Entry("remap-keep-id.container", "remap-keep-id.container"),
 		Entry("remap-keep-id2.container", "remap-keep-id2.container"),
-		Entry("volume.container", "volume.container"),
+		Entry("remap-manual.container", "remap-manual.container"),
-		Entry("env-file.container", "env-file.container"),
+		Entry("rootfs.container", "rootfs.container"),
-		Entry("env-host.container", "env-host.container"),
+		Entry("seccomp.container", "seccomp.container"),
-		Entry("env-host-false.container", "env-host-false.container"),
 		Entry("secrets.container", "secrets.container"),
-		Entry("logdriver.container", "logdriver.container"),
+		Entry("selinux.container", "selinux.container"),
-		Entry("mount.container", "mount.container"),
+		Entry("shortname.container", "shortname.container"),
-		Entry("health.container", "health.container"),
+		Entry("sysctl.container", "sysctl.container"),
-		Entry("hostname.container", "hostname.container"),
+		Entry("timezone.container", "timezone.container"),
-		Entry("pull.container", "pull.container"),
+		Entry("user.container", "user.container"),
+		Entry("volume.container", "volume.container"),
+		Entry("workingdir.container", "workingdir.container"),
 
 		Entry("basic.volume", "basic.volume"),
 		Entry("label.volume", "label.volume"),