From 404852be4ad8dc886927ee8a2ae5162aaf60e974 Mon Sep 17 00:00:00 2001
From: Aditya R <arajan@redhat.com>
Date: Mon, 20 Jun 2022 14:56:28 +0530
Subject: [PATCH] demo: use unshare for rootless invocations

Use `buildah unshare` to invoke `buildah mount` when demos are invoked
from rootless environments

* buildah_mult_stage: only unshare on needed steps
* buildah-scratch-demo: unshare entire script since it uses pkg managers
  commands which don't work well in rootless session without unshare.

[NO NEW TESTS NEEDED]

Signed-off-by: Aditya R <arajan@redhat.com>
---
 demos/README.md               | 10 +++++++++-
 demos/buildah-scratch-demo.sh | 16 ++++++++++++++++
 demos/buildah_multi_stage.sh  | 16 ++++++++++++++++
 3 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/demos/README.md b/demos/README.md
index 4b0092245..6b80bdea8 100644
--- a/demos/README.md
+++ b/demos/README.md
@@ -25,7 +25,15 @@ This demo builds a container image from scratch. The container is going to injec
 
 Please make sure you have installed Buildah and Podman. Also this demo uses Quay.io to push the image to that registry when it is completed. If you are not logged in then it will fail at that step and finish. If you wish to login to Quay.io before running the demo, then it will push to your repository successfully.
 
-    $ sudo buildah login quay.io
+```bash
+# Rootful session
+$ sudo buildah login quay.io
+#
+#  or
+#
+# Rootless session
+$ buildah login quay.io
+```
 
 There are several variables you will want to set that are listed at the top of the script. The name for the container image, your quay.io username, your name, and the Fedora release number:
 
diff --git a/demos/buildah-scratch-demo.sh b/demos/buildah-scratch-demo.sh
index 9fbe919f5..315ff13ee 100755
--- a/demos/buildah-scratch-demo.sh
+++ b/demos/buildah-scratch-demo.sh
@@ -7,6 +7,22 @@
 #   buildah login quay.io
 # Set some of the variables below
 
+#################
+#  is_rootless  #  Check if we run as normal user
+#################
+function is_rootless() {
+    [ "$(id -u)" -ne 0 ]
+}
+
+## Steps in this demo use pkg-managers like dnf and yum which
+## must be invoked as root. Similarly `buildah mount` only work
+## as root. The `buildah unshare` command switches your user
+## session to root within the user namespace.
+if is_rootless; then
+  buildah unshare $0
+  exit
+fi
+
 demoimg=myshdemo
 quayuser=ipbabble
 myname=WilliamHenry
diff --git a/demos/buildah_multi_stage.sh b/demos/buildah_multi_stage.sh
index 67af6f86f..43af14b8f 100755
--- a/demos/buildah_multi_stage.sh
+++ b/demos/buildah_multi_stage.sh
@@ -5,6 +5,22 @@
 # Assumptions install buildah and podman
 # Set some of the variables below
 
+
+#################
+#  is_rootless  #  Check if we run as normal user
+#################
+function is_rootless() {
+    [ "$(id -u)" -ne 0 ]
+}
+
+## The `buildah mount` only work as root so use
+## `buildah unshare` command which switches your
+## user session to root within the user namespace.
+if is_rootless; then
+  buildah unshare $0
+  exit
+fi
+
 demoimg=mymultidemo
 quayuser=myquayuser
 myname=MyName