2 files changed, 43 insertions, 1 deletions

diff --git a/libpod/kube.go b/libpod/kube.go
index 0c4f9f0a0..6feb69fea 100644
--- a/libpod/kube.go
+++ b/libpod/kube.go
@@ -676,8 +676,18 @@ func generateKubeSecurityContext(c *Container) (*v1.SecurityContext, error) {
 			return nil, errors.Wrapf(err, "unable to sync container during YAML generation")
 		}
 
+		mountpoint := c.state.Mountpoint
+		if mountpoint == "" {
+			var err error
+			mountpoint, err = c.mount()
+			if err != nil {
+				return nil, errors.Wrapf(err, "failed to mount %s mountpoint", c.ID())
+			}
+			defer c.unmount(false)
+		}
 		logrus.Debugf("Looking in container for user: %s", c.User())
-		execUser, err := lookup.GetUserGroupInfo(c.state.Mountpoint, c.User(), nil)
+
+		execUser, err := lookup.GetUserGroupInfo(mountpoint, c.User(), nil)
 		if err != nil {
 			return nil, err
 		}
diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go
index d7c697f28..21e006c20 100644
--- a/test/e2e/generate_kube_test.go
+++ b/test/e2e/generate_kube_test.go
@@ -734,4 +734,36 @@ ENTRYPOINT /bin/sleep`
 		kube.WaitWithDefaultTimeout()
 		Expect(kube.ExitCode()).To(Equal(0))
 	})
+
+	It("podman generate kube based on user in container", func() {
+		// Build an image with an entrypoint.
+		containerfile := `FROM quay.io/libpod/alpine:latest
+RUN adduser -u 10001 -S test1
+USER test1`
+
+		targetPath, err := CreateTempDirInTempDir()
+		Expect(err).To(BeNil())
+		containerfilePath := filepath.Join(targetPath, "Containerfile")
+		err = ioutil.WriteFile(containerfilePath, []byte(containerfile), 0644)
+		Expect(err).To(BeNil())
+
+		image := "generatekube:test"
+		session := podmanTest.Podman([]string{"build", "-f", containerfilePath, "-t", image})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+
+		session = podmanTest.Podman([]string{"create", "--pod", "new:testpod", image, "test1"})
+		session.WaitWithDefaultTimeout()
+		Expect(session.ExitCode()).To(Equal(0))
+
+		kube := podmanTest.Podman([]string{"generate", "kube", "testpod"})
+		kube.WaitWithDefaultTimeout()
+		Expect(kube.ExitCode()).To(Equal(0))
+
+		pod := new(v1.Pod)
+		err = yaml.Unmarshal(kube.Out.Contents(), pod)
+		Expect(err).To(BeNil())
+		Expect(*pod.Spec.Containers[0].SecurityContext.RunAsUser).To(Equal(int64(10001)))
+	})
+
 })