opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-01 10:38:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

remote: fix implementation of build with --userns=auto for API

Browse Source 
`podman-remote` and Libpod API does not supports build with
`--userns=auto` since `IDMappingOptions` were not implemented for API
and bindings, following PR implements passing `IDMappingOptions` via
bindings to API.

Closes: https://github.com/containers/podman/issues/15476

Signed-off-by: Aditya R <arajan@redhat.com>
This commit is contained in:
Aditya R
2022-08-25 12:10:53 +05:30
parent b1247b62bd
commit e00272cd99
4 changed files with 49 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
test/e2e/run_userns_test.go
View File

@@ -8,6 +8,7 @@ import (
"strings"
. "github.com/containers/podman/v4/test/utils"
"github.com/containers/storage"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
. "github.com/onsi/gomega/gexec"
@@ -42,6 +43,33 @@ var _ = Describe("Podman UserNS support", func() {
})
// Note: Lot of tests for build with --userns=auto are already there in buildah
// but they are skipped in podman CI because bud tests are executed in rootfull
// environment ( where mappings for the `containers` user is not present in /etc/subuid )
// causing them to skip hence this is a redundant test for sanity to make sure
// we don't break this feature for podman-remote.
It("podman build with --userns=auto", func() {
u, err := user.Current()
Expect(err).To(BeNil())
name := u.Name
if name == "root" {
name = "containers"
}
content, err := ioutil.ReadFile("/etc/subuid")
if err != nil {
Skip("cannot read /etc/subuid")
}
if !strings.Contains(string(content), name) {
Skip("cannot find mappings for the current user")
}
session := podmanTest.Podman([]string{"build", "-f", "build/Containerfile.userns-auto", "-t", "test", "--userns=auto"})
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
// `1024` is the default size or length of the range of user IDs
// that is mapped between the two user namespaces by --userns=auto.
Expect(session.OutputToString()).To(ContainSubstring(fmt.Sprintf("%d", storage.AutoUserNsMinSize)))
})
It("podman uidmapping and gidmapping", func() {
session := podmanTest.Podman([]string{"run", "--uidmap=0:100:5000", "--gidmap=0:200:5000", "alpine", "echo", "hello"})
session.WaitWithDefaultTimeout()
@@ -157,6 +185,8 @@ var _ = Describe("Podman UserNS support", func() {
session.WaitWithDefaultTimeout()
Expect(session).Should(Exit(0))
l := session.OutputToString()
// `1024` is the default size or length of the range of user IDs
// that is mapped between the two user namespaces by --userns=auto.
Expect(l).To(ContainSubstring("1024"))
m[l] = l
}