diff --git a/skipper/runner.py b/skipper/runner.py index dc86468..2d306b5 100644 --- a/skipper/runner.py +++ b/skipper/runner.py @@ -91,6 +91,9 @@ def _run_nested(fqdn_image, environment, command, interactive, name, net, publis except KeyError: pass + if utils.get_runtime_command() == "podman": + cmd += ['--group-add', 'keep-groups'] + if use_cache: cmd += ['-e', 'SKIPPER_USE_CACHE_IMAGE=True'] diff --git a/tests/test_runner_podman.py b/tests/test_runner_podman.py index 4bd33cd..d1781e9 100644 --- a/tests/test_runner_podman.py +++ b/tests/test_runner_podman.py @@ -82,6 +82,7 @@ def test_run_simple_command_nested_network_exist(self, resource_filename_mock, c '-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID), '-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR), '-e', 'CONTAINER_RUNTIME_COMMAND=%(runtime_command)s' % dict(runtime_command=utils.get_runtime_command()), + '--group-add', 'keep-groups', '-v', get_volume_mapping('%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.gitconfig:%(homedir)s/.gitconfig:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.docker/config.json:%(homedir)s/.docker/config.json:ro' % dict(homedir=HOME_DIR)), @@ -123,6 +124,7 @@ def test_run_simple_command_nested_network_not_exist(self, resource_filename_moc '-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID), '-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR), '-e', 'CONTAINER_RUNTIME_COMMAND=%(runtime_command)s' % dict(runtime_command=utils.get_runtime_command()), + '--group-add', 'keep-groups', '-v', get_volume_mapping('%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.gitconfig:%(homedir)s/.gitconfig:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.docker/config.json:%(homedir)s/.docker/config.json:ro' % dict(homedir=HOME_DIR)), @@ -164,6 +166,7 @@ def test_run_complex_command_nested(self, resource_filename_mock, check_output_m '-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID), '-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR), '-e', 'CONTAINER_RUNTIME_COMMAND=%(runtime_command)s' % dict(runtime_command=utils.get_runtime_command()), + '--group-add', 'keep-groups', '-v', get_volume_mapping('%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.gitconfig:%(homedir)s/.gitconfig:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.docker/config.json:%(homedir)s/.docker/config.json:ro' % dict(homedir=HOME_DIR)), @@ -209,6 +212,7 @@ def test_run_non_existent_unauthorized_volume(self, resource_filename_mock, '-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID), '-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR), '-e', 'CONTAINER_RUNTIME_COMMAND=%(runtime_command)s' % dict(runtime_command=utils.get_runtime_command()), + '--group-add', 'keep-groups', '-v', get_volume_mapping('%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.gitconfig:%(homedir)s/.gitconfig:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.docker/config.json:%(homedir)s/.docker/config.json:ro' % dict(homedir=HOME_DIR)), @@ -252,6 +256,7 @@ def test_run_complex_command_nested_with_env(self, resource_filename_mock, check '-e', 'SKIPPER_UID=%(user_uid)s' % dict(user_uid=USER_ID), '-e', 'HOME=%(homedir)s' % dict(homedir=HOME_DIR), '-e', 'CONTAINER_RUNTIME_COMMAND=%(runtime_command)s' % dict(runtime_command=utils.get_runtime_command()), + '--group-add', 'keep-groups', '-v', get_volume_mapping('%(homedir)s/.netrc:%(homedir)s/.netrc:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.gitconfig:%(homedir)s/.gitconfig:ro' % dict(homedir=HOME_DIR)), '-v', get_volume_mapping('%(homedir)s/.docker/config.json:%(homedir)s/.docker/config.json:ro' % dict(homedir=HOME_DIR)),