templates/node
Template
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Default to a non-root user

Browse Source
This commit is contained in:
Chuck Lantz
2019-08-05 22:47:53 +00:00
parent 5049f5084e
commit 8e8bdf032a
3 changed files with 36 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
.devcontainer/Dockerfile
View File

@@ -8,9 +8,16 @@ FROM node:10
# Avoid warnings by switching to noninteractive
ENV DEBIAN_FRONTEND=noninteractive
# The node image comes with a base non-root 'node' user, so the alternate
# user here is primarily for Linux scenarios where you need to match your local
# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user.
ARG USERNAME=vscode
ARG USER_UID=1001
ARG USER_GID=$USER_UID
# Configure apt and install packages
RUN apt-get update \
&& apt-get -y install --no-install-recommends apt-utils 2>&1 \
&& apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \
#
# Verify git and needed tools are installed
&& apt-get install -y git procps \
@@ -29,10 +36,19 @@ RUN apt-get update \
# Install eslint globally
&& npm install -g eslint \
#
# Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user.
&& if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \
&& if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \
# [Optional] Add sudo support for non-root users
&& apt-get install -y sudo \
&& if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \
&& echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \
&& chmod 0440 /etc/sudoers.d/$USERNAME \
#
# Clean up
&& apt-get autoremove -y \
&& apt-get clean -y \
&& rm -rf /var/lib/apt/lists/*
# Switch back to dialog for any ad-hoc use of apt-get
ENV DEBIAN_FRONTEND=dialog
ENV DEBIAN_FRONTEND=

23
.devcontainer/devcontainer.json
View File

@@ -1,12 +1,15 @@
{
"name": "Node.js Sample",
"dockerFile": "Dockerfile",
"appPort": 3000,
"extensions": [
"dbaeumer.vscode-eslint"
],
"settings": {
"terminal.integrated.shell.linux": "/bin/bash"
},
"postCreateCommand": "yarn install"
"name": "Node.js Sample",
"dockerFile": "Dockerfile",
"appPort": 3000,
"extensions": [
"dbaeumer.vscode-eslint"
],
"settings": {
"terminal.integrated.shell.linux": "/bin/bash"
},
"postCreateCommand": "yarn install",
// Comment out the next line to run as root instead. Linux users, update the next line and
// Dockerfile with your user's UID/GID if not 1000.
"runArgs": [ "-u", "1000" ]
}