From 36e57c2f6784492d82b0bbd0f6617547ab328e43 Mon Sep 17 00:00:00 2001
From: nexdrew
Date: Thu, 21 May 2020 07:38:50 -0400
Subject: [PATCH 1/3] add --security-opt
---
 README.md | 1 +
 index.js | 3 +++
 test/fixtures/inspect-one-two.json | 13 ++++++++++++-
 test/test-cli.js | 10 ++++++++++
 4 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index ab5b877..5914a51 100644
--- a/README.md
+++ b/README.md
@@ -194,6 +194,7 @@ array.forEach((r) => {
 | `HostConfig.UTSMode` | `--uts` |
 | `HostConfig.RestartPolicy` | `--restart` |
 | `HostConfig.ExtraHosts` | `--add-host` |
+| `HostConfig.SecurityOpt` | `--security-opt` |
 | `Config.Hostname` | `-h` |
 | `Config.Domainname` | `--domainname` |
 | `Config.ExposedPorts` | `--expose` |
diff --git a/index.js b/index.js
index 91d359a..a13b7c1 100644
--- a/index.js
+++ b/index.js
@@ -125,6 +125,9 @@ function toRunCommand (inspectObj, name) {
 })
 }
 if (isCompatible('--add-host', modes)) rc = appendArray(rc, '--add-host', hostcfg.ExtraHosts)
+ // TODO hostcfg.GroupAdd
+ // TODO hostcfg.PidMode
+ rc = appendArray(rc, '--security-opt', hostcfg.SecurityOpt, quote)
 const cfg = inspectObj.Config || {}
diff --git a/test/fixtures/inspect-one-two.json b/test/fixtures/inspect-one-two.json
index 61998a4..c575869 100644
--- a/test/fixtures/inspect-one-two.json
+++ b/test/fixtures/inspect-one-two.json
@@ -84,7 +84,18 @@
 "Privileged": false,
 "PublishAllPorts": true,
 "ReadonlyRootfs": false,
- "SecurityOpt": null,
+ "SecurityOpt": [
+ "label=level:s0:c100,c200",
+ "label=user:USER",
+ "label=role:ROLE",
+ "label=type:TYPE",
+ "label=level:LEVEL",
+ "label=disable",
+ "apparmor=docker-default",
+ "no-new-privileges:true",
+ "seccomp=unconfined",
+ "label=type:svirt_apache_t"
+ ],
 "UTSMode": "host",
 "UsernsMode": "",
 "ShmSize": 67108864,
diff --git a/test/test-cli.js b/test/test-cli.js
index 6aaacf3..a325d12 100644
--- a/test/test-cli.js
+++ b/test/test-cli.js
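Review bot: In the index.js hunk of patch 1/3, each `hostcfg.SecurityOpt` entry is emitted verbatim (through `quote`), which only round-trips for simple values like the ones added to the fixture. As far as I know, when a container is started with a seccomp profile file the docker CLI inlines the profile, so inspect reports `seccomp=<profile JSON>` instead of a path, and passing that back to `--security-opt` would be treated as a file name and fail. I would note this beside the new line, e.g. `// NOTE: a custom seccomp profile appears in inspect as inline JSON, not a path; the generated flag will not work as-is`, and add a fixture entry that covers it. `toRunCommand` begins and ends outside the hunk, so `appendArray` and `quote` themselves are not visible here.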
@@ -33,6 +33,16 @@ const expectedOneTwo = '\n' +
 '--uts host ' +
 '--restart on-failure:5 ' +
 '--add-host xyz:1.2.3.4 --add-host abc:5.6.7.8 ' +
+ '--security-opt \'label=level:s0:c100,c200\' ' +
+ '--security-opt \'label=user:USER\' ' +
+ '--security-opt \'label=role:ROLE\' ' +
+ '--security-opt \'label=type:TYPE\' ' +
+ '--security-opt \'label=level:LEVEL\' ' +
+ '--security-opt \'label=disable\' ' +
+ '--security-opt \'apparmor=docker-default\' ' +
+ '--security-opt \'no-new-privileges:true\' ' +
+ '--security-opt \'seccomp=unconfined\' ' +
+ '--security-opt \'label=type:svirt_apache_t\' ' +
 '--expose 4700/tcp --expose 4702/tcp ' +
 '-l com.docker.compose.config-hash=\'9f94e0df059d6b68fa0e306b9ee555b4fb9d6dbdb3982a0b0f6c7adca2945f26\' ' +
 '-l com.docker.compose.container-number=\'1\' ' +
From 3475490011d80ce434ea482e571daa9253f92d63 Mon Sep 17 00:00:00 2001
From: nexdrew
Date: Thu, 21 May 2020 07:51:49 -0400
Subject: [PATCH 2/3] add --pid
---
 README.md | 1 +
 index.js | 2 +-
 test/fixtures/inspect-one-two.json | 2 +-
 test/test-cli.js | 1 +
 4 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 5914a51..76cd57d 100644
--- a/README.md
+++ b/README.md
@@ -194,6 +194,7 @@ array.forEach((r) => {
 | `HostConfig.UTSMode` | `--uts` |
 | `HostConfig.RestartPolicy` | `--restart` |
 | `HostConfig.ExtraHosts` | `--add-host` |
+| `HostConfig.PidMode` | `--pid` |
 | `HostConfig.SecurityOpt` | `--security-opt` |
 | `Config.Hostname` | `-h` |
 | `Config.Domainname` | `--domainname` |
diff --git a/index.js b/index.js
index a13b7c1..72d4cb1 100644
--- a/index.js
+++ b/index.js
@@ -126,7 +126,7 @@ function toRunCommand (inspectObj, name) {
 }
 if (isCompatible('--add-host', modes)) rc = appendArray(rc, '--add-host', hostcfg.ExtraHosts)
 // TODO hostcfg.GroupAdd
- // TODO hostcfg.PidMode
+ if (hostcfg.PidMode) rc = append(rc, '--pid', hostcfg.PidMode)
 rc = appendArray(rc, '--security-opt', hostcfg.SecurityOpt, quote)
 const cfg = inspectObj.Config || {}
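Review bot: The new `--pid` line in index.js appends `hostcfg.PidMode` to the command string without the `quote` helper that the `--security-opt` line directly below hands to `appendArray`; the `--group-add` line added in patch 3/3 has the same gap. The output is a shell command line, so if the inspect JSON ever comes from somewhere other than a trusted local daemon, a value containing whitespace or shell metacharacters would be split or interpreted by the shell rather than reaching docker as a single argument. Assuming `append` takes the same optional transform as `appendArray` (its signature is outside the hunk), I would write `if (hostcfg.PidMode) rc = append(rc, '--pid', hostcfg.PidMode, quote)` and `rc = appendArray(rc, '--group-add', hostcfg.GroupAdd, quote)`, and adjust the expected strings in test/test-cli.js to match. `toRunCommand` begins and ends outside the hunk.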
diff --git a/test/fixtures/inspect-one-two.json b/test/fixtures/inspect-one-two.json
index c575869..8cd4dcd 100644
--- a/test/fixtures/inspect-one-two.json
+++ b/test/fixtures/inspect-one-two.json
@@ -80,7 +80,7 @@
 "/project_rrservice_1:/project_service_1/project_rrservice_1"
 ],
 "OomScoreAdj": 0,
- "PidMode": "",
+ "PidMode": "container:9ca8ac5c5b829c5c0a65a290b7c4eb74e9ba36f69344ee11392841fd41d5e3de",
 "Privileged": false,
 "PublishAllPorts": true,
 "ReadonlyRootfs": false,
diff --git a/test/test-cli.js b/test/test-cli.js
index a325d12..a88e6ec 100644
--- a/test/test-cli.js
+++ b/test/test-cli.js
@@ -33,6 +33,7 @@ const expectedOneTwo = '\n' +
 '--uts host ' +
 '--restart on-failure:5 ' +
 '--add-host xyz:1.2.3.4 --add-host abc:5.6.7.8 ' +
+ '--pid container:9ca8ac5c5b829c5c0a65a290b7c4eb74e9ba36f69344ee11392841fd41d5e3de ' +
 '--security-opt \'label=level:s0:c100,c200\' ' +
 '--security-opt \'label=user:USER\' ' +
 '--security-opt \'label=role:ROLE\' ' +
From 4b2937d141d363d922af822ffd90398e26b05218 Mon Sep 17 00:00:00 2001
From: nexdrew
Date: Thu, 21 May 2020 08:03:15 -0400
Subject: [PATCH 3/3] add --group-add
---
 README.md | 1 +
 index.js | 2 +-
 test/fixtures/inspect-one-two.json | 6 +++++-
 test/test-cli.js | 1 +
 4 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 76cd57d..521297b 100644
--- a/README.md
+++ b/README.md
@@ -194,6 +194,7 @@ array.forEach((r) => {
 | `HostConfig.UTSMode` | `--uts` |
 | `HostConfig.RestartPolicy` | `--restart` |
 | `HostConfig.ExtraHosts` | `--add-host` |
+| `HostConfig.GroupAdd` | `--group-add` |
 | `HostConfig.PidMode` | `--pid` |
 | `HostConfig.SecurityOpt` | `--security-opt` |
 | `Config.Hostname` | `-h` |
diff --git a/index.js b/index.js
index 72d4cb1..667fbf5 100644
--- a/index.js
+++ b/index.js
@@ -125,7 +125,7 @@ function toRunCommand (inspectObj, name) {
 })
 }
 if (isCompatible('--add-host', modes)) rc = appendArray(rc, '--add-host', hostcfg.ExtraHosts)
- // TODO hostcfg.GroupAdd
+ rc = appendArray(rc, '--group-add', hostcfg.GroupAdd)
 if (hostcfg.PidMode) rc = append(rc, '--pid', hostcfg.PidMode)
 rc = appendArray(rc, '--security-opt', hostcfg.SecurityOpt, quote)
diff --git a/test/fixtures/inspect-one-two.json b/test/fixtures/inspect-one-two.json
index 8cd4dcd..12bb273 100644
--- a/test/fixtures/inspect-one-two.json
+++ b/test/fixtures/inspect-one-two.json
@@ -284,7 +284,11 @@
 "DnsOptions": [],
 "DnsSearch": [],
 "ExtraHosts": null,
- "GroupAdd": null,
+ "GroupAdd": [
+ "audio",
+ "nogroup",
+ "777"
+ ],
 "IpcMode": "",
 "Cgroup": "",
 "Links": null,
diff --git a/test/test-cli.js b/test/test-cli.js
index a88e6ec..660bf2f 100644
--- a/test/test-cli.js
+++ b/test/test-cli.js
@@ -66,6 +66,7 @@ const expectedOneTwo = '\n' +
 '--runtime nvidia ' +
 '--volumes-from admiring_brown --volumes-from silly_jang ' +
 '--restart no ' +
+ '--group-add audio --group-add nogroup --group-add 777 ' +
 '-h 46d567b2ef86 ' +
 '--domainname rekcod.xyz ' +
 '-e \'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\' ' +