diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 5c82908..9a82694 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -8,9 +8,16 @@ FROM node:10 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ - && apt-get -y install --no-install-recommends apt-utils 2>&1 \ + && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ # # Verify git and needed tools are installed && apt-get install -y git procps \ @@ -29,10 +36,19 @@ RUN apt-get update \ # Install eslint globally && npm install -g eslint \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Add sudo support for non-root users + && apt-get install -y sudo \ + && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ && rm -rf /var/lib/apt/lists/* # Switch back to dialog for any ad-hoc use of apt-get -ENV DEBIAN_FRONTEND=dialog \ No newline at end of file +ENV DEBIAN_FRONTEND= diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index f40b470..426c9b8 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,12 +1,15 @@ { - "name": "Node.js Sample", - "dockerFile": "Dockerfile", - "appPort": 3000, - "extensions": [ - "dbaeumer.vscode-eslint" - ], - "settings": { - "terminal.integrated.shell.linux": "/bin/bash" - }, - "postCreateCommand": "yarn install" + "name": "Node.js Sample", + "dockerFile": "Dockerfile", + "appPort": 3000, + "extensions": [ + "dbaeumer.vscode-eslint" + ], + "settings": { + "terminal.integrated.shell.linux": "/bin/bash" + }, + "postCreateCommand": "yarn install", + // Comment out the next line to run as root instead. Linux users, update the next line and + // Dockerfile with your user's UID/GID if not 1000. + "runArgs": [ "-u", "1000" ] } \ No newline at end of file diff --git a/README.md b/README.md index 8c4925f..43de6ba 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,9 @@ Follow these steps to open this sample in a container: 1. If this is your first time using a development container, please follow the [getting started steps](https://aka.ms/vscode-remote/containers/getting-started). -2. If you're not yet in a development container: +2. **Linux users:** Update `USER_UID` and `USER_GID` in `.devcontainer/Dockerfile` and `"runArgs": [ "-u": "1000" ]` in `.devcontainer/devcontainer.json` with your user UID/GID if not 1000 to avoid creating files as root. + +3. If you're not yet in a development container: - Clone this repository. - Press F1 and select the **Remote-Containers: Open Folder in Container...** command. - Select the cloned copy of this folder, wait for the container to start, and try things out! @@ -19,6 +21,8 @@ Follow these steps to open this sample in a container: One you have this sample opened in a container, you'll be able to work with it like you would locally. +> **Note:** This container runs as a non-root user with sudo access by default. Comment out `"runArgs":["-u", "1000"]` in `.devcontainer/devcontainer.json` if you'd prefer to run as root. + Some things to try: 1. **Edit:**