(.devcontainer.json): Development container opens project with incorrect permissions #19979
Assignees
Labels
@aws-cdk/aws-workspaces
Related Amazon WorkSpaces
bug
This issue is a bug.
needs-triage
This issue or PR still needs to be triaged.
package/tools
Related to AWS CDK Tools or CLI
Comments
CarlosDomingues
added
bug
github-actions
bot
added
@aws-cdk/aws-workspaces
4 tasks
mergify bot
pushed a commit
that referenced
this issue
Apr 26, 2022
Docker `jsii/superchain` image, which is used as a base image of devcontainer, has a default non-root user `superchain` which UID is `1001`. If the container host's workspace directory is not owned by UID `1001`, users may not be able to modify files inside the container because of the insufficient permission. .devcontainer.json has a workaround option [`updateRemoteUserUID`](https://code.visualstudio.com/docs/remote/devcontainerjson-reference#_general-devcontainerjson-properties) which updates container's non-root user's UID at runtime. This PR sets `remoteUser` explicitly in .devcontainer.json to make `updateRemoteUserUID` work. fixes #19979 ---- ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
When opening the project with VS Code's Remote - Containers extension, my
/workspacesdirectory has permissions to UID 1000. However, the image's default non-root user (superchain) has UID 1001.As result,
postCrateCommandwill fail, files cannot be edited and scripts cannot be executed (without sudo).I was able to workaround that by explicitly configuring the non-root user:
{ "name": "Dev Container Definition - AWS CDK", "image": "jsii/superchain:1-buster-slim", "postCreateCommand": "yarn build --skip-test --no-bail --skip-prereqs --skip-compat", "extensions": [ "dbaeumer.vscode-eslint@2.1.5" ], "remoteUser": "superchain" }Expected Behavior
I expected
.devcontainer.jsonto work out of the box.Current Behavior
I had to make changes to
.devcontainer.json.Reproduction Steps
Open the project using VS Code's Remote - Containers and try to edit any file.
Possible Solution
Explicitly configure the
superchainnon-root user in.devcontainer.json.Additional Information/Context
No response
CDK CLI Version
N/A
Framework Version
No response
Node.js Version
N/A
OS
Linux Fedora
Language
Typescript
Language Version
No response
Other information
No response
The text was updated successfully, but these errors were encountered: