github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
a9ac5f9cb5
containerd/oci
History
Akihiro Suda 3eda46af12
oci: fix additional GIDs 
Test suite:
```yaml

---
apiVersion: v1
kind: Pod
metadata:
  name: test-no-option
  annotations:
    description: "Equivalent of `docker run` (no option)"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=0(root) gid=0(root) groups=0(root),10(wheel)" ]']
---
apiVersion: v1
kind: Pod
metadata:
  name: test-group-add-1-group-add-1234
  annotations:
    description: "Equivalent of `docker run --group-add 1 --group-add 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=0(root) gid=0(root) groups=0(root),1(daemon),10(wheel),1234" ]']
  securityContext:
    supplementalGroups: [1, 1234]
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234
  annotations:
    description: "Equivalent of `docker run --user 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=0(root) groups=0(root)" ]']
  securityContext:
    runAsUser: 1234
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234-1234
  annotations:
    description: "Equivalent of `docker run --user 1234:1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=1234 groups=1234" ]']
  securityContext:
    runAsUser: 1234
    runAsGroup: 1234
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234-group-add-1234
  annotations:
    description: "Equivalent of `docker run --user 1234 --group-add 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=0(root) groups=0(root),1234" ]']
  securityContext:
    runAsUser: 1234
    supplementalGroups: [1234]
```

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-02-10 15:53:00 +09:00
..
client.go Licence header added 2018-02-19 10:32:26 +09:00
mounts_freebsd.go oci: appendOSMounts(): remove unused error, and move 2022-12-27 10:23:26 +01:00
mounts.go oci: appendOSMounts(): remove unused error, and move 2022-12-27 10:23:26 +01:00
spec_opts_linux_test.go oci: fix additional GIDs 2023-02-10 15:53:00 +09:00
spec_opts_linux.go Make OCI spec opts available on all platforms 2023-01-11 13:03:58 -08:00
spec_opts_nonlinux.go Make OCI spec opts available on all platforms 2023-01-11 13:03:58 -08:00
spec_opts_test.go Add basic spec and mounts for Darwin 2023-01-12 17:00:40 -08:00
spec_opts_unix_test.go Cleanup build constraints 2022-12-08 09:36:20 -08:00
spec_opts_unix.go Make OCI spec opts available on all platforms 2023-01-11 13:03:58 -08:00
spec_opts_windows_test.go Updates oci image config to support upstream ArgsEscaped 2022-10-11 13:29:56 -07:00
spec_opts_windows.go Have separate spec builder for each platform 2023-01-11 13:12:25 -08:00
spec_opts.go oci: fix additional GIDs 2023-02-10 15:53:00 +09:00
spec_test.go Add basic spec and mounts for Darwin 2023-01-12 17:00:40 -08:00
spec.go Add basic spec and mounts for Darwin 2023-01-12 17:00:40 -08:00
utils_unix_go116_test.go Cleanup build constraints 2022-12-08 09:36:20 -08:00
utils_unix_go117_test.go Cleanup build constraints 2022-12-08 09:36:20 -08:00
utils_unix_test.go Cleanup build constraints 2022-12-08 09:36:20 -08:00
utils_unix.go Cleanup build constraints 2022-12-08 09:36:20 -08:00