From 4631f5b283b95abb30b91a858517609d3fb2022c Mon Sep 17 00:00:00 2001
From: cdoern <cdoern@redhat.com>
Date: Mon, 11 Oct 2021 11:01:36 -0400
Subject: Kube Gen run as user/group issues

Removed the inclusion of RunAsUser or RunAsGroup unless a container is run with the --user flag. When building from an image
the user will be pulled from there anyway

resolves #11914

Signed-off-by: cdoern <cdoern@redhat.com>
---
 libpod/kube.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'libpod/kube.go')

diff --git a/libpod/kube.go b/libpod/kube.go
index 816fe9cc3..452c2b02e 100644
--- a/libpod/kube.go
+++ b/libpod/kube.go
@@ -485,6 +485,10 @@ func containerToV1Container(ctx context.Context, c *Container) (v1.Container, []
 		kubeContainer.Command = nil
 	}
 
+	if imgData.User == c.User() {
+		kubeSec.RunAsGroup, kubeSec.RunAsUser = nil, nil
+	}
+
 	kubeContainer.WorkingDir = c.WorkingDir()
 	kubeContainer.Ports = ports
 	// This should not be applicable
-- 
cgit v1.2.3-54-g00ecf