conformance: test non-root USER before WORKDIR

Add a test that checks who owns a WORKDIR if it's created after USER
sets a non-root default runtime user.

Signed-off-by: Nalin Dahyabhai <[email protected]>

Author: nalind

dockerclient/conformance_test.go

@@ -458,6 +458,16 @@ func TestConformanceInternal(t *testing.T) {
 			ContextDir: "testdata/multistage",
 			Dockerfile: "Dockerfile.env",
 		},
+		{
+			Name:       "nonroot-USER-before-WORKDIR-used",
+			ContextDir: "testdata/user-workdir",
+			Dockerfile: "Dockerfile.used",
+		},
+		{
+			Name:       "nonroot-USER-before-WORKDIR-notused",
+			ContextDir: "testdata/user-workdir",
+			Dockerfile: "Dockerfile.notused",
+		},
 	}
 
 	for i, test := range testCases {

dockerclient/testdata/user-workdir/Dockerfile.notused

@@ -0,0 +1,4 @@
+FROM alpine
+RUN adduser -D buildtest
+USER buildtest
+WORKDIR /workdir/created/deep/below

dockerclient/testdata/user-workdir/Dockerfile.used

@@ -0,0 +1,5 @@
+FROM alpine
+RUN adduser -D buildtest
+USER buildtest
+WORKDIR /workdir/created/deep/below
+RUN ls -l /workdir