opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-19 16:33:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

Incorporate user from image inspect data in play kube

Browse Source 
before, when an image signified a user, play kube ignored it. Incorporate that information.

Signed-off-by: Peter Hunt <pehunt@redhat.com>
This commit is contained in:
Peter Hunt
2019-03-18 14:07:35 -04:00
parent 6e4c32967e
commit ce81ca3631
1 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
cmd/podman/play_kube.go
View File

@ -1,6 +1,7 @@
package main package main
import ( import (
"context"
"fmt" "fmt"
"io" "io"
"io/ioutil" "io/ioutil"
@ -186,7 +187,7 @@ func playKubeYAMLCmd(c *cliconfig.KubePlayValues) error {
if err != nil { if err != nil {
return err return err
} }
createConfig, err := kubeContainerToCreateConfig(container, runtime, newImage, namespaces, volumes) createConfig, err := kubeContainerToCreateConfig(ctx, container, runtime, newImage, namespaces, volumes)
if err != nil { if err != nil {
return err return err
} }
@ -231,7 +232,7 @@ func getPodPorts(containers []v1.Container) []ocicni.PortMapping {
} }
// kubeContainerToCreateConfig takes a v1.Container and returns a createconfig describing a container // kubeContainerToCreateConfig takes a v1.Container and returns a createconfig describing a container
func kubeContainerToCreateConfig(containerYAML v1.Container, runtime *libpod.Runtime, newImage *image2.Image, namespaces map[string]string, volumes map[string]string) (*createconfig.CreateConfig, error) { func kubeContainerToCreateConfig(ctx context.Context, containerYAML v1.Container, runtime *libpod.Runtime, newImage *image2.Image, namespaces map[string]string, volumes map[string]string) (*createconfig.CreateConfig, error) {
var ( var (
containerConfig createconfig.CreateConfig containerConfig createconfig.CreateConfig
envs map[string]string envs map[string]string
@ -243,6 +244,14 @@ func kubeContainerToCreateConfig(containerYAML v1.Container, runtime *libpod.Run
containerConfig.Name = containerYAML.Name containerConfig.Name = containerYAML.Name
containerConfig.Tty = containerYAML.TTY containerConfig.Tty = containerYAML.TTY
containerConfig.WorkDir = containerYAML.WorkingDir containerConfig.WorkDir = containerYAML.WorkingDir
imageData, _ := newImage.Inspect(ctx)
containerConfig.User = "0"
if imageData != nil {
containerConfig.User = imageData.Config.User
}
if containerConfig.SecurityOpts != nil { if containerConfig.SecurityOpts != nil {
if containerYAML.SecurityContext.ReadOnlyRootFilesystem != nil { if containerYAML.SecurityContext.ReadOnlyRootFilesystem != nil {
containerConfig.ReadOnlyRootfs = *containerYAML.SecurityContext.ReadOnlyRootFilesystem containerConfig.ReadOnlyRootfs = *containerYAML.SecurityContext.ReadOnlyRootFilesystem
@ -280,6 +289,7 @@ func kubeContainerToCreateConfig(containerYAML v1.Container, runtime *libpod.Run
for _, e := range containerYAML.Env { for _, e := range containerYAML.Env {
envs[e.Name] = e.Value envs[e.Name] = e.Value
} }
containerConfig.Env = envs
for _, volume := range containerYAML.VolumeMounts { for _, volume := range containerYAML.VolumeMounts {
host_path, exists := volumes[volume.Name] host_path, exists := volumes[volume.Name]
@ -291,6 +301,5 @@ func kubeContainerToCreateConfig(containerYAML v1.Container, runtime *libpod.Run
} }
containerConfig.Volumes = append(containerConfig.Volumes, fmt.Sprintf("%s:%s", host_path, volume.MountPath)) containerConfig.Volumes = append(containerConfig.Volumes, fmt.Sprintf("%s:%s", host_path, volume.MountPath))
} }
containerConfig.Env = envs
return &containerConfig, nil return &containerConfig, nil
} }