From 20f73b857f5974968cbcccce74fa5a5ec16a74ef Mon Sep 17 00:00:00 2001
From: Ashley Cui <acui@redhat.com>
Date: Thu, 10 Sep 2020 14:56:47 -0400
Subject: Add read-only mount to play kube

add support for read-only volume mounts in podman play kube

Signed-off-by: Ashley Cui <acui@redhat.com>
---
 pkg/domain/infra/abi/play.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'pkg/domain')

diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go
index 31ad51672..47d1c48f2 100644
--- a/pkg/domain/infra/abi/play.go
+++ b/pkg/domain/infra/abi/play.go
@@ -556,6 +556,7 @@ func kubeContainerToCreateConfig(ctx context.Context, containerYAML v1.Container
 	containerConfig.Env = envs
 
 	for _, volume := range containerYAML.VolumeMounts {
+		var readonly string
 		hostPath, exists := volumes[volume.Name]
 		if !exists {
 			return nil, errors.Errorf("Volume mount %s specified for container but not configured in volumes", volume.Name)
@@ -563,7 +564,10 @@ func kubeContainerToCreateConfig(ctx context.Context, containerYAML v1.Container
 		if err := parse.ValidateVolumeCtrDir(volume.MountPath); err != nil {
 			return nil, errors.Wrapf(err, "error in parsing MountPath")
 		}
-		containerConfig.Volumes = append(containerConfig.Volumes, fmt.Sprintf("%s:%s", hostPath, volume.MountPath))
+		if volume.ReadOnly {
+			readonly = ":ro"
+		}
+		containerConfig.Volumes = append(containerConfig.Volumes, fmt.Sprintf("%s:%s%s", hostPath, volume.MountPath, readonly))
 	}
 	return &containerConfig, nil
 }
-- 
cgit v1.2.3-54-g00ecf