From 0e761d7c451fc1c4dd8a1a5e12e84d34a49991ef Mon Sep 17 00:00:00 2001 From: Chuck Lantz Date: Tue, 6 Aug 2019 02:00:41 +0000 Subject: [PATCH 1/4] Default to non-root user --- .devcontainer/Dockerfile | 31 ++++++++++++++++++++++--------- .devcontainer/devcontainer.json | 5 ++++- README.md | 10 +++++++--- 3 files changed, 33 insertions(+), 13 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index bafa6c3..6ff3dc9 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -8,18 +8,31 @@ FROM php:7-cli # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ - && apt-get -y install --no-install-recommends apt-utils 2>&1 \ + && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ # # Install git, procps, lsb-release (useful for CLI installs) - && apt-get -y install git procps lsb-release \ - # - # Install xdebug - && yes | pecl install xdebug \ - && echo "zend_extension=$(find /usr/local/lib/php/extensions/ -name xdebug.so)" > /usr/local/etc/php/conf.d/xdebug.ini \ - && echo "xdebug.remote_enable=on" >> /usr/local/etc/php/conf.d/xdebug.ini \ - && echo "xdebug.remote_autostart=on" >> /usr/local/etc/php/conf.d/xdebug.ini \ + && apt-get -y install git procps iproute2 lsb-release \ + # + # Install xdebug + && yes | pecl install xdebug \ + && echo "zend_extension=$(find /usr/local/lib/php/extensions/ -name xdebug.so)" > /usr/local/etc/php/conf.d/xdebug.ini \ + && echo "xdebug.remote_enable=on" >> /usr/local/etc/php/conf.d/xdebug.ini \ + && echo "xdebug.remote_autostart=on" >> /usr/local/etc/php/conf.d/xdebug.ini \ + # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Add sudo support for non-root user + && apt-get install -y sudo \ + && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + && chmod 0440 /etc/sudoers.d/$USERNAME \ # # Clean up && apt-get autoremove -y \ @@ -27,6 +40,6 @@ RUN apt-get update \ && rm -rf /var/lib/apt/lists/* # Switch back to dialog for any ad-hoc use of apt-get -ENV DEBIAN_FRONTEND=dialog +ENV DEBIAN_FRONTEND= diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 6e44ac4..467f33d 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -8,5 +8,8 @@ ], "settings": { "terminal.integrated.shell.linux": "/bin/bash" - } + }, + // Comment out the next line to run as root instead. Linux users, + // update Dockerfile with your user's UID/GID if not 1000. + "runArgs": [ "-u", "vscode" ] } \ No newline at end of file diff --git a/README.md b/README.md index 8560011..e302fa0 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ This is a sample project that lets you try out the **[VS Code Remote - Containers](https://aka.ms/vscode-remote/containers)** extension in a few easy steps. -> **Note:** If you're following the quick start, you can jump to the [Things to try](#things-to-try) section. +> **Note:** If you're following the quick start, you can jump to the [Things to try](#things-to-try) section. ## Setting up the development container @@ -10,7 +10,9 @@ Follow these steps to open this sample in a container: 1. If this is your first time using a development container, please follow the [getting started steps](https://aka.ms/vscode-remote/containers/getting-started). -2. If you're not yet in a development container: +2. **Linux users:** Update `USER_UID` and `USER_GID` in `.devcontainer/Dockerfile` with your user UID/GID if not 1000 to avoid creating files as root. + +3. If you're not yet in a development container: - Clone this repository. - Press F1 and select the **Remote-Containers: Open Folder in Container...** command. - Select the cloned copy of this folder, wait for the container to start, and try things out! @@ -19,6 +21,8 @@ Follow these steps to open this sample in a container: Once you have this sample opened in a container, you'll be able to work with it like you would locally. +> **Note:** This container runs as a non-root user with sudo access by default. Comment out `"runArgs": ["-u", "vscode"]` in `.devcontainer/devcontainer.json` if you'd prefer to run as root. + Some things to try: 1. **Edit:** @@ -37,7 +41,7 @@ Some things to try: - Click "Open Browser" in the notification that appears to access the web app on this new port. - Look back at the terminal, and you should see the output from your site navigations - Edit the text on line 21 in `index.php` and refresh the page to see the changes immediately take affect - + ## Contributing This project welcomes contributions and suggestions. Most contributions require you to agree to a From df591f421b424102be0cfdd5a2f859413f0e239f Mon Sep 17 00:00:00 2001 From: Chuck Lantz Date: Thu, 22 Aug 2019 23:55:39 +0000 Subject: [PATCH 2/4] Add info on debugging a server --- .vscode/launch.json | 14 ++++++++++++++ README.md | 12 ++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 675d51f..c69965a 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -8,6 +8,20 @@ "program": "${workspaceFolder}/index.php", "cwd": "${workspaceFolder}", "port": 9000 + }, + { + "name": "Listen for XDebug", + "type": "php", + "request": "launch", + "port": 9000 + }, + { + "name": "Launch currently open script", + "type": "php", + "request": "launch", + "program": "${file}", + "cwd": "${fileDirname}", + "port": 9000 } ] } \ No newline at end of file diff --git a/README.md b/README.md index e302fa0..48af4a0 100644 --- a/README.md +++ b/README.md @@ -29,18 +29,26 @@ Some things to try: - Open `index.php` - Try adding some code and check out the language features. 1. **Terminal:** Press ctrl+shift+\` and type `uname` and other Linux commands from the terminal window. -1. **Build, Run, and Debug:** +1. **Run and Debug:** - Open `index.php` - Add a breakpoint (e.g. on line 4). - Press F5 to launch the app in the container. - Once the breakpoint is hit, try hovering over variables, examining locals, and more. 1. **Running a server:** - - From the terminal, run `php -S localhost:8000` + - From the terminal, run `php -S 0.0.0.0:8000` - Press F1 and run the **Remote-Containers: Forward Port from Container...** command. - Select port `8000`. - Click "Open Browser" in the notification that appears to access the web app on this new port. - Look back at the terminal, and you should see the output from your site navigations - Edit the text on line 21 in `index.php` and refresh the page to see the changes immediately take affect +1. **Attach debugger to the server:** + - Follow the previous steps to start up a PHP server and open a browser on port `8000` + - Press F1 and select the **View: Show Debug** command + - Pick "Listen for XDebug" from the dropdown + - Press F5 to attach the debugger + - Add a breakpoint to `index.php` if you haven't already + - Reload your browser window + - Once the breakpoint is hit, try hovering over variables, examining locals, and more. ## Contributing From f8beedbfbfe165cb38a7f30cf2ba45953eb77507 Mon Sep 17 00:00:00 2001 From: Chuck Lantz Date: Thu, 22 Aug 2019 23:57:25 +0000 Subject: [PATCH 3/4] Fix --- .devcontainer/devcontainer.json | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 467f33d..718ec00 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,15 +1,12 @@ - { - "name": "PHP", - "dockerFile": "Dockerfile", - "extensions": [ + "name": "PHP", + "dockerFile": "Dockerfile", + "extensions": [ "felixfbecker.php-debug", - "felixfbecker.php-intellisense" - ], - "settings": { - "terminal.integrated.shell.linux": "/bin/bash" - }, - // Comment out the next line to run as root instead. Linux users, - // update Dockerfile with your user's UID/GID if not 1000. - "runArgs": [ "-u", "vscode" ] + "felixfbecker.php-intellisense" + ], + "settings": { + "terminal.integrated.shell.linux": "/bin/bash" + }, + "runArgs": [ "-u", "vscode"] } \ No newline at end of file From 9d95718df0c1e1925b3933ab73e234a6df636cc8 Mon Sep 17 00:00:00 2001 From: Chuck Lantz Date: Mon, 26 Aug 2019 14:01:30 -0700 Subject: [PATCH 4/4] Update comments --- .devcontainer/devcontainer.json | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 718ec00..03b2f2a 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,12 +1,25 @@ { "name": "PHP", - "dockerFile": "Dockerfile", - "extensions": [ - "felixfbecker.php-debug", - "felixfbecker.php-intellisense" - ], + "dockerFile": "Dockerfile", + + // Comment out the next line to run as root instead. Linux users, update + // Dockerfile with your user's UID/GID if not 1000. + "runArgs": ["-u", "vscode"], + + // Use 'settings' to set *default* container specific settings.json values on container create. + // You can edit these settings after create using File > Preferences > Settings > Remote. "settings": { "terminal.integrated.shell.linux": "/bin/bash" - }, - "runArgs": [ "-u", "vscode"] + }, + + // Uncomment the next line if you want to publish any ports. + // "appPort": [], + + // Uncomment the next line to run commands after the container is created. + // "postCreateCommand": "php -v", + + "extensions": [ + "felixfbecker.php-debug", + "felixfbecker.php-intellisense" + ] } \ No newline at end of file