diff --git a/container-templates/docker-compose/.devcontainer/Dockerfile b/container-templates/docker-compose/.devcontainer/Dockerfile index 6e7bac8db0..d4db8a1927 100644 --- a/container-templates/docker-compose/.devcontainer/Dockerfile +++ b/container-templates/docker-compose/.devcontainer/Dockerfile @@ -14,6 +14,11 @@ FROM debian:9 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -25,6 +30,14 @@ RUN apt-get update \ # * Add steps for installing needed dependencies here * # ***************************************************** # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/container-templates/docker-compose/.devcontainer/docker-compose.yml b/container-templates/docker-compose/.devcontainer/docker-compose.yml index ffa32ba644..00fe7b19c0 100644 --- a/container-templates/docker-compose/.devcontainer/docker-compose.yml +++ b/container-templates/docker-compose/.devcontainer/docker-compose.yml @@ -6,6 +6,9 @@ version: '3' services: your-service-name-here: + # Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + # user: 1000 + # Using a Dockerfile is optional, but included for completeness. build: context: . diff --git a/container-templates/dockerfile/.devcontainer/Dockerfile b/container-templates/dockerfile/.devcontainer/Dockerfile index 0bb30be197..123ff8f9b0 100644 --- a/container-templates/dockerfile/.devcontainer/Dockerfile +++ b/container-templates/dockerfile/.devcontainer/Dockerfile @@ -9,6 +9,11 @@ FROM debian:9 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -20,6 +25,14 @@ RUN apt-get update \ # * Add steps for installing needed dependencies here * # ***************************************************** # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/container-templates/dockerfile/.devcontainer/devcontainer.json b/container-templates/dockerfile/.devcontainer/devcontainer.json index 7b9bc44c0e..00acacff9d 100644 --- a/container-templates/dockerfile/.devcontainer/devcontainer.json +++ b/container-templates/dockerfile/.devcontainer/devcontainer.json @@ -11,7 +11,10 @@ // "-v","/var/run/docker.sock:/var/run/docker.sock", // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust - // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" + // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", + + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000" ], // Uncomment the next line if you want to publish any ports. diff --git a/container-templates/image/.devcontainer/devcontainer.json b/container-templates/image/.devcontainer/devcontainer.json index 3e7875f105..9176949edd 100644 --- a/container-templates/image/.devcontainer/devcontainer.json +++ b/container-templates/image/.devcontainer/devcontainer.json @@ -8,7 +8,10 @@ // The optional 'runArgs' property can be used to specify additional runtime arguments. "runArgs": [ // Uncomment the line if you will use a ptrace-based debugger like C++, Go, and Rust. - // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" + // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", + + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000" ], // Uncomment the next line if you want to publish any ports. diff --git a/containers/azure-ansible/.devcontainer/Dockerfile b/containers/azure-ansible/.devcontainer/Dockerfile index 743dbc0211..5d79895589 100644 --- a/containers/azure-ansible/.devcontainer/Dockerfile +++ b/containers/azure-ansible/.devcontainer/Dockerfile @@ -9,6 +9,11 @@ FROM debian:9 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -50,6 +55,14 @@ RUN apt-get update \ && apt-get install -y libssl-dev libffi-dev python-dev python-pip \ && pip install ansible[azure] \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-ansible/.devcontainer/devcontainer.json b/containers/azure-ansible/.devcontainer/devcontainer.json index ddeb852c82..b954c05513 100644 --- a/containers/azure-ansible/.devcontainer/devcontainer.json +++ b/containers/azure-ansible/.devcontainer/devcontainer.json @@ -5,6 +5,9 @@ // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + "-v", "/var/run/docker.sock:/var/run/docker.sock" ], diff --git a/containers/azure-blockchain/.devcontainer/Dockerfile b/containers/azure-blockchain/.devcontainer/Dockerfile index 4c4f464b9d..946f9d9983 100644 --- a/containers/azure-blockchain/.devcontainer/Dockerfile +++ b/containers/azure-blockchain/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM python:2.7-stretch # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -32,6 +37,14 @@ RUN apt-get update \ && apt-get update \ && apt-get install -y azure-cli \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-blockchain/.devcontainer/devcontainer.json b/containers/azure-blockchain/.devcontainer/devcontainer.json index a2bfcd3a82..fc0f176d50 100644 --- a/containers/azure-blockchain/.devcontainer/devcontainer.json +++ b/containers/azure-blockchain/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "az --version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-vscode.azurecli", "azblockchain.azure-blockchain" diff --git a/containers/azure-cli/.devcontainer/Dockerfile b/containers/azure-cli/.devcontainer/Dockerfile index 7978146bee..afe498656b 100644 --- a/containers/azure-cli/.devcontainer/Dockerfile +++ b/containers/azure-cli/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM debian:9 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -22,6 +27,14 @@ RUN apt-get update \ && apt-get update \ && apt-get install -y azure-cli \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-cli/.devcontainer/devcontainer.json b/containers/azure-cli/.devcontainer/devcontainer.json index 2c55e321f9..4d17eb94d5 100644 --- a/containers/azure-cli/.devcontainer/devcontainer.json +++ b/containers/azure-cli/.devcontainer/devcontainer.json @@ -2,8 +2,14 @@ "name": "Azure CLI", "dockerFile": "Dockerfile", - // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. - // "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], + // The optional 'runArgs' property can be used to specify additional runtime arguments. + "runArgs": [ + // Uncomment the line if you will use a ptrace-based debugger like C++, Go, and Rust. + // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", + + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000" + ], // Uncomment the next line if you want to publish any ports. // "appPort": [], diff --git a/containers/azure-functions-dotnetcore-2.1/.devcontainer/Dockerfile b/containers/azure-functions-dotnetcore-2.1/.devcontainer/Dockerfile index 7efcd46bda..34e441657a 100644 --- a/containers/azure-functions-dotnetcore-2.1/.devcontainer/Dockerfile +++ b/containers/azure-functions-dotnetcore-2.1/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM mcr.microsoft.com/dotnet/core/sdk:2.1 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -28,6 +33,14 @@ RUN apt-get update \ && apt-get update \ && apt-get install -y azure-cli azure-functions-core-tools \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-functions-dotnetcore-2.1/.devcontainer/devcontainer.json b/containers/azure-functions-dotnetcore-2.1/.devcontainer/devcontainer.json index 259730d3f4..3785927c35 100644 --- a/containers/azure-functions-dotnetcore-2.1/.devcontainer/devcontainer.json +++ b/containers/azure-functions-dotnetcore-2.1/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "dotnet restore", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-azuretools.vscode-azurefunctions", "ms-vscode.csharp" diff --git a/containers/azure-functions-dotnetcore-latest/.devcontainer/Dockerfile b/containers/azure-functions-dotnetcore-latest/.devcontainer/Dockerfile index 4ce21c339c..469c13205a 100644 --- a/containers/azure-functions-dotnetcore-latest/.devcontainer/Dockerfile +++ b/containers/azure-functions-dotnetcore-latest/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM mcr.microsoft.com/dotnet/core/sdk:latest # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -28,6 +33,14 @@ RUN apt-get update \ && apt-get update \ && apt-get install -y azure-cli azure-functions-core-tools \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-functions-dotnetcore-latest/.devcontainer/devcontainer.json b/containers/azure-functions-dotnetcore-latest/.devcontainer/devcontainer.json index 61a4d66fcb..fb302f834c 100644 --- a/containers/azure-functions-dotnetcore-latest/.devcontainer/devcontainer.json +++ b/containers/azure-functions-dotnetcore-latest/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "dotnet restore", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-azuretools.vscode-azurefunctions", "ms-vscode.csharp" diff --git a/containers/azure-functions-java-8/.devcontainer/Dockerfile b/containers/azure-functions-java-8/.devcontainer/Dockerfile index bf83c8c3b1..10b5b8326b 100644 --- a/containers/azure-functions-java-8/.devcontainer/Dockerfile +++ b/containers/azure-functions-java-8/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM maven:3-jdk-8 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -31,6 +36,14 @@ RUN apt-get update \ # Allow for a consistant java home location for settings - image is changing over time && if [ ! -d "/docker-java-home" ]; then ln -s "${JAVA_HOME}" /docker-java-home; fi \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-functions-java-8/.devcontainer/devcontainer.json b/containers/azure-functions-java-8/.devcontainer/devcontainer.json index 509db82ea5..373f04dc03 100644 --- a/containers/azure-functions-java-8/.devcontainer/devcontainer.json +++ b/containers/azure-functions-java-8/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "java -version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-azuretools.vscode-azurefunctions", "vscjava.vscode-java-pack" diff --git a/containers/azure-functions-node-8/.devcontainer/Dockerfile b/containers/azure-functions-node-8/.devcontainer/Dockerfile index 188e7d0eb4..d3de2f8b15 100644 --- a/containers/azure-functions-node-8/.devcontainer/Dockerfile +++ b/containers/azure-functions-node-8/.devcontainer/Dockerfile @@ -8,6 +8,13 @@ FROM node:8 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -31,6 +38,15 @@ RUN apt-get update \ # Install eslint && npm install -g eslint \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Uncomment the next four lines to add sudo support + # && apt-get install -y sudo \ + # && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + # && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-functions-node-8/.devcontainer/devcontainer.json b/containers/azure-functions-node-8/.devcontainer/devcontainer.json index f89a0c6e9a..7cb7683a8d 100644 --- a/containers/azure-functions-node-8/.devcontainer/devcontainer.json +++ b/containers/azure-functions-node-8/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "npm install", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-azuretools.vscode-azurefunctions", "dbaeumer.vscode-eslint" diff --git a/containers/azure-functions-node-lts/.devcontainer/Dockerfile b/containers/azure-functions-node-lts/.devcontainer/Dockerfile index 7fda2fb4ca..0704175a1d 100644 --- a/containers/azure-functions-node-lts/.devcontainer/Dockerfile +++ b/containers/azure-functions-node-lts/.devcontainer/Dockerfile @@ -8,6 +8,13 @@ FROM node:lts # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -28,6 +35,15 @@ RUN apt-get update \ && apt-get update \ && apt-get install -y azure-cli dotnet-sdk-2.1 azure-functions-core-tools \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Uncomment the next four lines to add sudo support + # && apt-get install -y sudo \ + # && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + # && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Install eslint && npm install -g eslint \ # diff --git a/containers/azure-functions-node-lts/.devcontainer/devcontainer.json b/containers/azure-functions-node-lts/.devcontainer/devcontainer.json index de10df27b6..c5ada076dc 100644 --- a/containers/azure-functions-node-lts/.devcontainer/devcontainer.json +++ b/containers/azure-functions-node-lts/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "npm install", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-azuretools.vscode-azurefunctions", "dbaeumer.vscode-eslint" diff --git a/containers/azure-functions-python-3/.devcontainer/Dockerfile b/containers/azure-functions-python-3/.devcontainer/Dockerfile index c48bcfeb66..460883a719 100644 --- a/containers/azure-functions-python-3/.devcontainer/Dockerfile +++ b/containers/azure-functions-python-3/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM python:3.6-stretch # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -39,6 +44,14 @@ RUN apt-get update \ && curl -sSL "https://github.com/docker/compose/releases/download/1.24.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose \ && chmod +x /usr/local/bin/docker-compose \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-functions-python-3/.devcontainer/devcontainer.json b/containers/azure-functions-python-3/.devcontainer/devcontainer.json index fe21a85a82..9bfad6b335 100644 --- a/containers/azure-functions-python-3/.devcontainer/devcontainer.json +++ b/containers/azure-functions-python-3/.devcontainer/devcontainer.json @@ -4,6 +4,9 @@ "dockerFile": "Dockerfile", "appPort": [ 7071 ], "runArgs": [ + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + "-v","/var/run/docker.sock:/var/run/docker.sock" ], diff --git a/containers/azure-machine-learning-python-3/.devcontainer/Dockerfile b/containers/azure-machine-learning-python-3/.devcontainer/Dockerfile index 187be73189..da008f905b 100644 --- a/containers/azure-machine-learning-python-3/.devcontainer/Dockerfile +++ b/containers/azure-machine-learning-python-3/.devcontainer/Dockerfile @@ -10,6 +10,11 @@ FROM continuumio/anaconda3 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -32,6 +37,14 @@ RUN apt-get update \ && apt-get update \ && apt-get install -y docker-ce-cli \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Install pylint and Azure ML SDK && /opt/conda/bin/pip install pylint azureml-sdk[notebooks,automl] 2>&1 \ # diff --git a/containers/azure-machine-learning-python-3/.devcontainer/devcontainer.json b/containers/azure-machine-learning-python-3/.devcontainer/devcontainer.json index 76c737817f..4f2e3da2c4 100644 --- a/containers/azure-machine-learning-python-3/.devcontainer/devcontainer.json +++ b/containers/azure-machine-learning-python-3/.devcontainer/devcontainer.json @@ -1,7 +1,10 @@ { - "name": "Azure Machine Learning", - "dockerFile": "Dockerfile", + "name": "Azure Machine Learning", + "dockerFile": "Dockerfile", "runArgs": [ + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + "-v", "/var/run/docker.sock:/var/run/docker.sock" ], @@ -12,15 +15,15 @@ // "postCreateCommand": "pip install -r requirements.txt", "extensions": [ - "ms-toolsai.vscode-ai", - "ms-azuretools.vscode-docker" - ], - "settings": { - "remote.extensionKind": { - "ms-azuretools.vscode-docker": "workspace" - }, - "python.pythonPath": "/opt/conda/bin/python", - "python.linting.pylintEnabled": true, - "python.linting.enabled": true - } + "ms-toolsai.vscode-ai", + "ms-azuretools.vscode-docker" + ], + "settings": { + "remote.extensionKind": { + "ms-azuretools.vscode-docker": "workspace" + }, + "python.pythonPath": "/opt/conda/bin/python", + "python.linting.pylintEnabled": true, + "python.linting.enabled": true + } } \ No newline at end of file diff --git a/containers/azure-terraform/.devcontainer/Dockerfile b/containers/azure-terraform/.devcontainer/Dockerfile index e5e64b1cc3..0f0f20e5fc 100644 --- a/containers/azure-terraform/.devcontainer/Dockerfile +++ b/containers/azure-terraform/.devcontainer/Dockerfile @@ -13,6 +13,11 @@ ENV DEBIAN_FRONTEND=noninteractive ARG TERRAFORM_VERSION=0.11.13 ARG TFLINT_VERSION=0.7.5 +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -62,6 +67,14 @@ RUN apt-get update \ && rm -rf /tmp/docker-downloads \ && apt-get install -y graphviz \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/azure-terraform/.devcontainer/devcontainer.json b/containers/azure-terraform/.devcontainer/devcontainer.json index 6603986eda..4e66b46233 100644 --- a/containers/azure-terraform/.devcontainer/devcontainer.json +++ b/containers/azure-terraform/.devcontainer/devcontainer.json @@ -5,6 +5,9 @@ // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + "-v", "/var/run/docker.sock:/var/run/docker.sock" ], diff --git a/containers/bazel/.devcontainer/Dockerfile b/containers/bazel/.devcontainer/Dockerfile index 45f77a7a9d..587cdfe4c7 100644 --- a/containers/bazel/.devcontainer/Dockerfile +++ b/containers/bazel/.devcontainer/Dockerfile @@ -11,6 +11,11 @@ ENV DEBIAN_FRONTEND=noninteractive ENV BAZEL_VERSION=0.25.2 ENV BAZEL_SHA256=5b9ab8a68c53421256909f79c47bde76a051910217531cbf35ee995448254fa7 +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -30,6 +35,14 @@ RUN apt-get update \ '\ >> $HOME/.bashrc \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/bazel/.devcontainer/devcontainer.json b/containers/bazel/.devcontainer/devcontainer.json index 8945618164..5cdfed6304 100644 --- a/containers/bazel/.devcontainer/devcontainer.json +++ b/containers/bazel/.devcontainer/devcontainer.json @@ -2,8 +2,14 @@ "name": "Bazel", "dockerFile": "Dockerfile", - // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. - // "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ] + // The optional 'runArgs' property can be used to specify additional runtime arguments. + "runArgs": [ + // Uncomment the line if you will use a ptrace-based debugger like C++, Go, and Rust. + // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", + + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000" + ], // Uncomment the next line if you want to publish any ports. // "appPort": [], diff --git a/containers/cpp/.devcontainer/Dockerfile b/containers/cpp/.devcontainer/Dockerfile index b378552486..94cbcd62a8 100644 --- a/containers/cpp/.devcontainer/Dockerfile +++ b/containers/cpp/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM debian:9 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -18,6 +23,14 @@ RUN apt-get update \ # Install C++ tools && apt-get -y install build-essential cmake cppcheck valgrind \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/cpp/.devcontainer/devcontainer.json b/containers/cpp/.devcontainer/devcontainer.json index 9dc807852a..2a7f333aee 100644 --- a/containers/cpp/.devcontainer/devcontainer.json +++ b/containers/cpp/.devcontainer/devcontainer.json @@ -2,8 +2,10 @@ "name": "C++", "dockerFile": "Dockerfile", "runArgs": [ - "--cap-add=SYS_PTRACE", - "--security-opt", "seccomp=unconfined" + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + + "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], // Uncomment the next line if you want to publish any ports. @@ -15,6 +17,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "gcc -v", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-vscode.cpptools" ] diff --git a/containers/dart/.devcontainer/Dockerfile b/containers/dart/.devcontainer/Dockerfile index ce991df1c9..f7350fce1f 100644 --- a/containers/dart/.devcontainer/Dockerfile +++ b/containers/dart/.devcontainer/Dockerfile @@ -11,6 +11,11 @@ ENV DEBIAN_FRONTEND=noninteractive # Add bin location to path ENV PATH="$PATH":"/root/.pub-cache/bin" +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -18,6 +23,14 @@ RUN apt-get update \ # Verify git, process tools, lsb-release (common in install instructions for CLIs) installed && apt-get -y install git procps lsb-release \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/dart/.devcontainer/devcontainer.json b/containers/dart/.devcontainer/devcontainer.json index 6c9bf141ae..15bc977921 100644 --- a/containers/dart/.devcontainer/devcontainer.json +++ b/containers/dart/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "uname -a", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "dart-code.dart-code" ] diff --git a/containers/debian-9-git/.devcontainer/Dockerfile b/containers/debian-9-git/.devcontainer/Dockerfile index 9ba0d7a3d7..66387aac4e 100644 --- a/containers/debian-9-git/.devcontainer/Dockerfile +++ b/containers/debian-9-git/.devcontainer/Dockerfile @@ -7,6 +7,11 @@ FROM debian:9 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -14,6 +19,14 @@ RUN apt-get update \ # Verify git, process tools, lsb-release (common in install instructions for CLIs) installed && apt-get -y install git procps lsb-release \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/debian-9-git/.devcontainer/devcontainer.json b/containers/debian-9-git/.devcontainer/devcontainer.json index 3ab3e4cdb5..fa07227214 100644 --- a/containers/debian-9-git/.devcontainer/devcontainer.json +++ b/containers/debian-9-git/.devcontainer/devcontainer.json @@ -1,9 +1,14 @@ { "name": "Debian 9 & Git", "dockerFile": "Dockerfile", + // The optional 'runArgs' property can be used to specify additional runtime arguments. + "runArgs": [ + // Uncomment the line if you will use a ptrace-based debugger like C++, Go, and Rust. + // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", - // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. - // "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000" + ], // Uncomment the next line if you want to publish any ports. // "appPort": [], diff --git a/containers/docker-existing-docker-compose/.devcontainer/docker-compose.yml b/containers/docker-existing-docker-compose/.devcontainer/docker-compose.yml index 5d83caf646..6b3574c520 100644 --- a/containers/docker-existing-docker-compose/.devcontainer/docker-compose.yml +++ b/containers/docker-existing-docker-compose/.devcontainer/docker-compose.yml @@ -7,6 +7,9 @@ version: '3' services: # Update this to the name of the service you want to work with in your docker-compose.yml file your-service-name-here: + # Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + # user: 1000 + # Uncomment if you want to add a different Dockerfile in the .devcontainer folder # build: # context: . diff --git a/containers/docker-existing-dockerfile/.devcontainer/devcontainer.json b/containers/docker-existing-dockerfile/.devcontainer/devcontainer.json index 6cfa366059..3a40fd57e2 100644 --- a/containers/docker-existing-dockerfile/.devcontainer/devcontainer.json +++ b/containers/docker-existing-dockerfile/.devcontainer/devcontainer.json @@ -15,6 +15,9 @@ // Uncomment the next line if you will be using a ptrace-based debugger like C++, Go, and Rust. // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" + + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000" ], // Uncomment the next line if you want to publish any ports. diff --git a/containers/docker-in-docker-compose/.devcontainer/Dockerfile b/containers/docker-in-docker-compose/.devcontainer/Dockerfile index 4404701a91..4f92f4cc9d 100644 --- a/containers/docker-in-docker-compose/.devcontainer/Dockerfile +++ b/containers/docker-in-docker-compose/.devcontainer/Dockerfile @@ -12,6 +12,11 @@ ENV DEBIAN_FRONTEND=noninteractive # Docker Compose version ARG COMPOSE_VERSION=1.24.0 +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -30,6 +35,14 @@ RUN apt-get update \ && curl -sSL "https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose \ && chmod +x /usr/local/bin/docker-compose \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/docker-in-docker-compose/.devcontainer/docker-compose.yml b/containers/docker-in-docker-compose/.devcontainer/docker-compose.yml index 4e2f12a06f..400be59e9b 100644 --- a/containers/docker-in-docker-compose/.devcontainer/docker-compose.yml +++ b/containers/docker-in-docker-compose/.devcontainer/docker-compose.yml @@ -6,6 +6,9 @@ version: '3' services: docker-in-docker: + # Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + # user: 1000 + build: context: . dockerfile: Dockerfile diff --git a/containers/docker-in-docker/.devcontainer/Dockerfile b/containers/docker-in-docker/.devcontainer/Dockerfile index 739754a1e1..d7c325f5dc 100644 --- a/containers/docker-in-docker/.devcontainer/Dockerfile +++ b/containers/docker-in-docker/.devcontainer/Dockerfile @@ -13,6 +13,11 @@ ENV DEBIAN_FRONTEND=noninteractive # Docker Compose version ARG COMPOSE_VERSION=1.24.0 +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -31,6 +36,14 @@ RUN apt-get update \ && curl -sSL "https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose \ && chmod +x /usr/local/bin/docker-compose \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/dotnetcore-2.1-fsharp/.devcontainer/Dockerfile b/containers/dotnetcore-2.1-fsharp/.devcontainer/Dockerfile index 36220a345a..c70d137f52 100644 --- a/containers/dotnetcore-2.1-fsharp/.devcontainer/Dockerfile +++ b/containers/dotnetcore-2.1-fsharp/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM mcr.microsoft.com/dotnet/core/sdk:2.1 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -18,6 +23,14 @@ RUN apt-get update \ # Install F# && apt-get install -y fsharp \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/dotnetcore-2.1-fsharp/.devcontainer/devcontainer.json b/containers/dotnetcore-2.1-fsharp/.devcontainer/devcontainer.json index 5add94a759..6e93375c76 100644 --- a/containers/dotnetcore-2.1-fsharp/.devcontainer/devcontainer.json +++ b/containers/dotnetcore-2.1-fsharp/.devcontainer/devcontainer.json @@ -8,6 +8,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "dotnet restore", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "Ionide.Ionide-fsharp", "ms-vscode.csharp" diff --git a/containers/dotnetcore-2.1/.devcontainer/Dockerfile b/containers/dotnetcore-2.1/.devcontainer/Dockerfile index bbaa0a33d4..f4d59a6a97 100644 --- a/containers/dotnetcore-2.1/.devcontainer/Dockerfile +++ b/containers/dotnetcore-2.1/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM mcr.microsoft.com/dotnet/core/sdk:2.1 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -15,6 +20,14 @@ RUN apt-get update \ # Verify git, process tools, lsb-release (common in install instructions for CLIs) installed && apt-get -y install git procps lsb-release \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/dotnetcore-2.1/.devcontainer/devcontainer.json b/containers/dotnetcore-2.1/.devcontainer/devcontainer.json index bc5f03edd9..80bdab377c 100644 --- a/containers/dotnetcore-2.1/.devcontainer/devcontainer.json +++ b/containers/dotnetcore-2.1/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "dotnet restore" + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-vscode.csharp" ] diff --git a/containers/dotnetcore-latest-fsharp/.devcontainer/Dockerfile b/containers/dotnetcore-latest-fsharp/.devcontainer/Dockerfile index 42700552e1..72e18ccb6e 100644 --- a/containers/dotnetcore-latest-fsharp/.devcontainer/Dockerfile +++ b/containers/dotnetcore-latest-fsharp/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM mcr.microsoft.com/dotnet/core/sdk:latest # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -18,6 +23,14 @@ RUN apt-get update \ # Install F# && apt-get install -y fsharp \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/dotnetcore-latest-fsharp/.devcontainer/devcontainer.json b/containers/dotnetcore-latest-fsharp/.devcontainer/devcontainer.json index 44d7680397..340f5e2977 100644 --- a/containers/dotnetcore-latest-fsharp/.devcontainer/devcontainer.json +++ b/containers/dotnetcore-latest-fsharp/.devcontainer/devcontainer.json @@ -8,6 +8,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "dotnet restore", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "Ionide.Ionide-fsharp", "ms-vscode.csharp" diff --git a/containers/dotnetcore-latest/.devcontainer/Dockerfile b/containers/dotnetcore-latest/.devcontainer/Dockerfile index fe619a34c0..c9846487ae 100644 --- a/containers/dotnetcore-latest/.devcontainer/Dockerfile +++ b/containers/dotnetcore-latest/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM mcr.microsoft.com/dotnet/core/sdk:latest # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -15,6 +20,14 @@ RUN apt-get update \ # Verify git, process tools, lsb-release (common in install instructions for CLIs) installed && apt-get -y install git procps lsb-release \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/dotnetcore-latest/.devcontainer/devcontainer.json b/containers/dotnetcore-latest/.devcontainer/devcontainer.json index e7a9f46f6b..766ef5a921 100644 --- a/containers/dotnetcore-latest/.devcontainer/devcontainer.json +++ b/containers/dotnetcore-latest/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "dotnet restore", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-vscode.csharp" ] diff --git a/containers/elm/.devcontainer/Dockerfile b/containers/elm/.devcontainer/Dockerfile index 655901a789..cb427e5b20 100644 --- a/containers/elm/.devcontainer/Dockerfile +++ b/containers/elm/.devcontainer/Dockerfile @@ -11,6 +11,10 @@ ENV DEBIAN_FRONTEND=noninteractive # Configuring Elm version ARG ELM_VERSION=0.19.0 +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID # Configure apt and install packages RUN apt-get update \ @@ -23,6 +27,14 @@ RUN apt-get update \ # Install elm globally && wget -O - https://github.com/elm/compiler/releases/download/${ELM_VERSION}/binary-for-linux-64-bit.gz | gunzip -c > /usr/local/bin/elm && chmod +x /usr/local/bin/elm \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/elm/.devcontainer/devcontainer.json b/containers/elm/.devcontainer/devcontainer.json index 03e781e425..1062dd3a9c 100644 --- a/containers/elm/.devcontainer/devcontainer.json +++ b/containers/elm/.devcontainer/devcontainer.json @@ -12,6 +12,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "elm make", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "sbrink.elm" ] diff --git a/containers/go/.devcontainer/Dockerfile b/containers/go/.devcontainer/Dockerfile index b3ef7f92bf..e6383fac31 100644 --- a/containers/go/.devcontainer/Dockerfile +++ b/containers/go/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM golang:1 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt, install packages and tools RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -46,6 +51,14 @@ RUN apt-get update \ github.com/mgechev/revive \ github.com/derekparker/delve/cmd/dlv 2>&1 \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/go/.devcontainer/devcontainer.json b/containers/go/.devcontainer/devcontainer.json index f7f4a6f75f..d6f378f987 100644 --- a/containers/go/.devcontainer/devcontainer.json +++ b/containers/go/.devcontainer/devcontainer.json @@ -2,8 +2,10 @@ "name": "Go", "dockerFile": "Dockerfile", "runArgs": [ - "--cap-add=SYS_PTRACE", - "--security-opt", "seccomp=unconfined" + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + + "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], // Uncomment the next line if you want to publish any ports. @@ -12,6 +14,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "go version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-vscode.go" ], diff --git a/containers/java-11/.devcontainer/devcontainer.json b/containers/java-11/.devcontainer/devcontainer.json index be775b6b10..eac19f3e38 100644 --- a/containers/java-11/.devcontainer/devcontainer.json +++ b/containers/java-11/.devcontainer/devcontainer.json @@ -8,6 +8,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "java -version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "vscjava.vscode-java-pack" ], diff --git a/containers/java-12/.devcontainer/devcontainer.json b/containers/java-12/.devcontainer/devcontainer.json index dad13a38c3..7fd9b223ad 100644 --- a/containers/java-12/.devcontainer/devcontainer.json +++ b/containers/java-12/.devcontainer/devcontainer.json @@ -8,6 +8,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "java -version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "vscjava.vscode-java-pack" ], diff --git a/containers/java-8-tomcat-8.5/.devcontainer/devcontainer.json b/containers/java-8-tomcat-8.5/.devcontainer/devcontainer.json index 3dd6f10e23..38c7de1b9a 100644 --- a/containers/java-8-tomcat-8.5/.devcontainer/devcontainer.json +++ b/containers/java-8-tomcat-8.5/.devcontainer/devcontainer.json @@ -8,6 +8,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "java -version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "vscjava.vscode-java-pack", "adashen.vscode-tomcat" diff --git a/containers/java-8/.devcontainer/Dockerfile b/containers/java-8/.devcontainer/Dockerfile index 004da059d8..b60efa5e12 100644 --- a/containers/java-8/.devcontainer/Dockerfile +++ b/containers/java-8/.devcontainer/Dockerfile @@ -5,13 +5,26 @@ FROM openjdk:8-jdk +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt ENV DEBIAN_FRONTEND=noninteractive RUN apt-get update \ - && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 - -# Verify git, needed tools installed -RUN apt-get -y install git procps curl lsb-release + && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ + # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # + # Verify git, needed tools installed + && apt-get -y install git procps curl lsb-release #-------------------Uncomment the following steps to install Maven CLI Tools---------------------------------- # ARG MAVEN_VERSION=3.6.1 diff --git a/containers/java-8/.devcontainer/devcontainer.json b/containers/java-8/.devcontainer/devcontainer.json index 76a0194ead..8f7d95cd1d 100644 --- a/containers/java-8/.devcontainer/devcontainer.json +++ b/containers/java-8/.devcontainer/devcontainer.json @@ -8,6 +8,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "java -version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "vscjava.vscode-java-pack" ], diff --git a/containers/javascript-node-8/.devcontainer/Dockerfile b/containers/javascript-node-8/.devcontainer/Dockerfile index 613e900348..f896e73af2 100644 --- a/containers/javascript-node-8/.devcontainer/Dockerfile +++ b/containers/javascript-node-8/.devcontainer/Dockerfile @@ -8,6 +8,13 @@ FROM node:8 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -29,6 +36,16 @@ RUN apt-get update \ # Install eslint globally && npm install -g eslint \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && echo "$USER_UID" \ + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Uncomment the next four lines to add sudo support + # && apt-get install -y sudo \ + # && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + # && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/javascript-node-8/.devcontainer/devcontainer.json b/containers/javascript-node-8/.devcontainer/devcontainer.json index c91ec052e7..f59c088773 100644 --- a/containers/javascript-node-8/.devcontainer/devcontainer.json +++ b/containers/javascript-node-8/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "yarn install", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "dbaeumer.vscode-eslint" ] diff --git a/containers/javascript-node-lts-mongo/.devcontainer/Dockerfile b/containers/javascript-node-lts-mongo/.devcontainer/Dockerfile index a690abe313..8e715a280b 100644 --- a/containers/javascript-node-lts-mongo/.devcontainer/Dockerfile +++ b/containers/javascript-node-lts-mongo/.devcontainer/Dockerfile @@ -8,6 +8,13 @@ FROM node:lts # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -29,6 +36,15 @@ RUN apt-get update \ # Install eslint globally && npm install -g eslint \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Uncomment the next four lines to add sudo support + # && apt-get install -y sudo \ + # && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + # && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/javascript-node-lts-mongo/.devcontainer/docker-compose.yml b/containers/javascript-node-lts-mongo/.devcontainer/docker-compose.yml index 51cb42d7b7..cc3dfe1ba5 100644 --- a/containers/javascript-node-lts-mongo/.devcontainer/docker-compose.yml +++ b/containers/javascript-node-lts-mongo/.devcontainer/docker-compose.yml @@ -6,6 +6,9 @@ version: '3' services: web: + # Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + # user: 1000 + build: context: . dockerfile: Dockerfile diff --git a/containers/javascript-node-lts-postgres/.devcontainer/Dockerfile b/containers/javascript-node-lts-postgres/.devcontainer/Dockerfile index 4c89fb0f13..a57eb91c45 100644 --- a/containers/javascript-node-lts-postgres/.devcontainer/Dockerfile +++ b/containers/javascript-node-lts-postgres/.devcontainer/Dockerfile @@ -8,6 +8,13 @@ FROM node:lts # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -29,6 +36,15 @@ RUN apt-get update \ # Install eslint globally && npm install -g eslint \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Uncomment the next four lines to add sudo support + # && apt-get install -y sudo \ + # && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + # && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/javascript-node-lts-postgres/.devcontainer/docker-compose.yml b/containers/javascript-node-lts-postgres/.devcontainer/docker-compose.yml index 552915bb6e..2937be1c04 100644 --- a/containers/javascript-node-lts-postgres/.devcontainer/docker-compose.yml +++ b/containers/javascript-node-lts-postgres/.devcontainer/docker-compose.yml @@ -6,6 +6,9 @@ version: '3' services: web: + # Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + # user: 1000 + build: context: . dockerfile: Dockerfile diff --git a/containers/javascript-node-lts/.devcontainer/Dockerfile b/containers/javascript-node-lts/.devcontainer/Dockerfile index a690abe313..8e715a280b 100644 --- a/containers/javascript-node-lts/.devcontainer/Dockerfile +++ b/containers/javascript-node-lts/.devcontainer/Dockerfile @@ -8,6 +8,13 @@ FROM node:lts # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -29,6 +36,15 @@ RUN apt-get update \ # Install eslint globally && npm install -g eslint \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Uncomment the next four lines to add sudo support + # && apt-get install -y sudo \ + # && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + # && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/javascript-node-lts/.devcontainer/devcontainer.json b/containers/javascript-node-lts/.devcontainer/devcontainer.json index 24e77248cd..ff2a6b3dd2 100644 --- a/containers/javascript-node-lts/.devcontainer/devcontainer.json +++ b/containers/javascript-node-lts/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "yarn install", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "dbaeumer.vscode-eslint" ] diff --git a/containers/kubernetes-helm/.devcontainer/Dockerfile b/containers/kubernetes-helm/.devcontainer/Dockerfile index eb2133f1b0..143759a338 100644 --- a/containers/kubernetes-helm/.devcontainer/Dockerfile +++ b/containers/kubernetes-helm/.devcontainer/Dockerfile @@ -9,6 +9,11 @@ FROM debian:9 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -50,6 +55,14 @@ RUN apt-get update \ fi' \ >> $HOME/.bashrc \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/kubernetes-helm/.devcontainer/devcontainer.json b/containers/kubernetes-helm/.devcontainer/devcontainer.json index 5d2b4b3be9..e43d26de60 100644 --- a/containers/kubernetes-helm/.devcontainer/devcontainer.json +++ b/containers/kubernetes-helm/.devcontainer/devcontainer.json @@ -5,6 +5,9 @@ // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + "--mount", "type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock", "--mount", "type=bind,source=${env:HOME}${env:USERPROFILE}/.kube,target=/root/.kube-localhost", diff --git a/containers/markdown/.devcontainer/Dockerfile b/containers/markdown/.devcontainer/Dockerfile index f5cf4d1422..7ded188e9e 100644 --- a/containers/markdown/.devcontainer/Dockerfile +++ b/containers/markdown/.devcontainer/Dockerfile @@ -8,6 +8,11 @@ FROM debian:9 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ # @@ -17,6 +22,14 @@ RUN apt-get update \ # Verify git and needed tools are installed && apt-get install -y git procps lsb-release \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/markdown/.devcontainer/devcontainer.json b/containers/markdown/.devcontainer/devcontainer.json index cb97aeda2d..468ff652a7 100644 --- a/containers/markdown/.devcontainer/devcontainer.json +++ b/containers/markdown/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "uname -a" + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "yzhang.markdown-all-in-one", "streetsidesoftware.code-spell-checker", diff --git a/containers/perl/.devcontainer/devcontainer.json b/containers/perl/.devcontainer/devcontainer.json index f938eedca3..254da5fa33 100644 --- a/containers/perl/.devcontainer/devcontainer.json +++ b/containers/perl/.devcontainer/devcontainer.json @@ -2,8 +2,10 @@ "name": "Perl", "dockerFile": "Dockerfile", "runArgs": [ - "--cap-add=SYS_PTRACE", - "--security-opt", "seccomp=unconfined" + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + + "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], // Uncomment the next line if you want to publish any ports. @@ -15,6 +17,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "perl -v", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "mortenhenriksen.perl-debug", "d9705996.perl-toolbox" diff --git a/containers/php-7/.devcontainer/devcontainer.json b/containers/php-7/.devcontainer/devcontainer.json index 9c7cb5ac53..0a91ae8b04 100644 --- a/containers/php-7/.devcontainer/devcontainer.json +++ b/containers/php-7/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "php -v", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "felixfbecker.php-debug", "felixfbecker.php-intellisense" diff --git a/containers/plantuml/.devcontainer/devcontainer.json b/containers/plantuml/.devcontainer/devcontainer.json index bd4f08d338..caf22179c0 100644 --- a/containers/plantuml/.devcontainer/devcontainer.json +++ b/containers/plantuml/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "java -version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "jebbs.plantuml" ] diff --git a/containers/powershell/.devcontainer/devcontainer.json b/containers/powershell/.devcontainer/devcontainer.json index f2fd532edc..e08e20e547 100644 --- a/containers/powershell/.devcontainer/devcontainer.json +++ b/containers/powershell/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. This gets run in bash which is why we call `pwsh`. // "postCreateCommand": "pwsh -c '$PSVersionTable'", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-vscode.powershell" ] diff --git a/containers/puppet/.devcontainer/devcontainer.json b/containers/puppet/.devcontainer/devcontainer.json index bda24e4074..cf2af04a0b 100644 --- a/containers/puppet/.devcontainer/devcontainer.json +++ b/containers/puppet/.devcontainer/devcontainer.json @@ -11,8 +11,11 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "pdk --version", - "extensions": [ - "jpogran.puppet-vscode", - "rebornix.Ruby" - ] + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + + "extensions": [ + "jpogran.puppet-vscode", + "rebornix.Ruby" + ] } diff --git a/containers/python-2/.devcontainer/devcontainer.json b/containers/python-2/.devcontainer/devcontainer.json index cf4a63e84b..4637b7d0a6 100644 --- a/containers/python-2/.devcontainer/devcontainer.json +++ b/containers/python-2/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "java -version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-python.python" ], diff --git a/containers/python-3-anaconda/.devcontainer/devcontainer.json b/containers/python-3-anaconda/.devcontainer/devcontainer.json index 06e70c4fec..ae20437a69 100644 --- a/containers/python-3-anaconda/.devcontainer/devcontainer.json +++ b/containers/python-3-anaconda/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "python --version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-python.python" ], diff --git a/containers/python-3-miniconda/.devcontainer/devcontainer.json b/containers/python-3-miniconda/.devcontainer/devcontainer.json index 1cdba66fd1..3012f699f2 100644 --- a/containers/python-3-miniconda/.devcontainer/devcontainer.json +++ b/containers/python-3-miniconda/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "python --version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-python.python" ], diff --git a/containers/python-3-postgres/.devcontainer/docker-compose.yml b/containers/python-3-postgres/.devcontainer/docker-compose.yml index 5276c3a52a..00aab4b469 100644 --- a/containers/python-3-postgres/.devcontainer/docker-compose.yml +++ b/containers/python-3-postgres/.devcontainer/docker-compose.yml @@ -2,6 +2,9 @@ version: '3' services: app: + # Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + # user: 1000 + build: context: .. dockerfile: .devcontainer/Dockerfile diff --git a/containers/python-3/.devcontainer/devcontainer.json b/containers/python-3/.devcontainer/devcontainer.json index 527ae81f81..473993657a 100644 --- a/containers/python-3/.devcontainer/devcontainer.json +++ b/containers/python-3/.devcontainer/devcontainer.json @@ -9,6 +9,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "python --version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-python.python" ], diff --git a/containers/r/.devcontainer/devcontainer.json b/containers/r/.devcontainer/devcontainer.json index cadf4b77e9..2511352379 100644 --- a/containers/r/.devcontainer/devcontainer.json +++ b/containers/r/.devcontainer/devcontainer.json @@ -2,8 +2,10 @@ "name": "R", "dockerFile": "Dockerfile", "runArgs": [ - "--cap-add=SYS_PTRACE", - "--security-opt", "seccomp=unconfined" + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + + "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], // Uncomment the next line if you want to publish any ports. @@ -11,8 +13,12 @@ // Uncomment the next line if you want to add in default container specific settings.json values // "settings": { "workbench.colorTheme": "Quiet Light" }, - - "postCreateCommand": "R --version", + + // Uncomment the next line to run commands after the container is created. + // "postCreateCommand": "R --version", + + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], "extensions": [ "ikuyadeu.r", diff --git a/containers/ruby-2-rails-5/.devcontainer/devcontainer.json b/containers/ruby-2-rails-5/.devcontainer/devcontainer.json index 60e217ae8f..2917c53882 100644 --- a/containers/ruby-2-rails-5/.devcontainer/devcontainer.json +++ b/containers/ruby-2-rails-5/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "cd ${input:projectName} && bundle install", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "rebornix.Ruby" ] diff --git a/containers/ruby-2-sinatra/.devcontainer/devcontainer.json b/containers/ruby-2-sinatra/.devcontainer/devcontainer.json index f693b77ebc..d6dfa77e8d 100644 --- a/containers/ruby-2-sinatra/.devcontainer/devcontainer.json +++ b/containers/ruby-2-sinatra/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "rebornix.Ruby" ] diff --git a/containers/ruby-2/.devcontainer/devcontainer.json b/containers/ruby-2/.devcontainer/devcontainer.json index 9ef34351b0..6c6964bc8f 100644 --- a/containers/ruby-2/.devcontainer/devcontainer.json +++ b/containers/ruby-2/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "ruby --version", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "rebornix.Ruby" ] diff --git a/containers/rust/.devcontainer/devcontainer.json b/containers/rust/.devcontainer/devcontainer.json index fd17882fc5..d78ddb62b3 100644 --- a/containers/rust/.devcontainer/devcontainer.json +++ b/containers/rust/.devcontainer/devcontainer.json @@ -2,10 +2,13 @@ "name": "Rust", "dockerFile": "Dockerfile", "runArgs": [ - "--cap-add=SYS_PTRACE", - "--security-opt", "seccomp=unconfined" + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + + "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], + // Uncomment the next line if you want to publish any ports. // "appPort": [], diff --git a/containers/swift-4/.devcontainer/devcontainer.json b/containers/swift-4/.devcontainer/devcontainer.json index 87b59a18d8..fbddb791c5 100644 --- a/containers/swift-4/.devcontainer/devcontainer.json +++ b/containers/swift-4/.devcontainer/devcontainer.json @@ -2,9 +2,10 @@ "name": "Swift 4", "dockerFile": "Dockerfile", "runArgs": [ - "--cap-add=SYS_PTRACE", - "--security-opt", - "seccomp=unconfined" + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000", + + "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], // Uncomment the next line if you want to publish any ports. diff --git a/containers/typescript-node-8/.devcontainer/Dockerfile b/containers/typescript-node-8/.devcontainer/Dockerfile index a159ac8c0e..209700f583 100644 --- a/containers/typescript-node-8/.devcontainer/Dockerfile +++ b/containers/typescript-node-8/.devcontainer/Dockerfile @@ -8,6 +8,13 @@ FROM node:8 # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -29,6 +36,15 @@ RUN apt-get update \ # Install tslint and typescript globally && npm install -g tslint typescript \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Uncomment the next four lines to add sudo support + # && apt-get install -y sudo \ + # && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + # && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/typescript-node-8/.devcontainer/devcontainer.json b/containers/typescript-node-8/.devcontainer/devcontainer.json index e06bbcda70..409e0de28f 100644 --- a/containers/typescript-node-8/.devcontainer/devcontainer.json +++ b/containers/typescript-node-8/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "yarn install", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-vscode.vscode-typescript-tslint-plugin" ] diff --git a/containers/typescript-node-lts/.devcontainer/Dockerfile b/containers/typescript-node-lts/.devcontainer/Dockerfile index 3f53406e44..47204be7cd 100644 --- a/containers/typescript-node-lts/.devcontainer/Dockerfile +++ b/containers/typescript-node-lts/.devcontainer/Dockerfile @@ -8,6 +8,13 @@ FROM node:lts # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# The node image comes with a base non-root 'node' user, so the alternate +# user here is primarily for Linux scenarios where you need to match your local +# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. +ARG USERNAME=vscode +ARG USER_UID=1001 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -29,6 +36,15 @@ RUN apt-get update \ # Install tslint and typescript globally && npm install -g tslint typescript \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ + && if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ + # [Optional] Uncomment the next four lines to add sudo support + # && apt-get install -y sudo \ + # && if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \ + # && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/typescript-node-lts/.devcontainer/devcontainer.json b/containers/typescript-node-lts/.devcontainer/devcontainer.json index e6e1dd704e..65bc562f78 100644 --- a/containers/typescript-node-lts/.devcontainer/devcontainer.json +++ b/containers/typescript-node-lts/.devcontainer/devcontainer.json @@ -11,6 +11,9 @@ // Uncomment the next line to run commands after the container is created. // "postCreateCommand": "yarn install", + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "runArgs": [ "-u", "1000" ], + "extensions": [ "ms-vscode.vscode-typescript-tslint-plugin" ] diff --git a/containers/ubuntu-18.04-git/.devcontainer/Dockerfile b/containers/ubuntu-18.04-git/.devcontainer/Dockerfile index f64ca3c100..2957bd9faa 100644 --- a/containers/ubuntu-18.04-git/.devcontainer/Dockerfile +++ b/containers/ubuntu-18.04-git/.devcontainer/Dockerfile @@ -7,6 +7,11 @@ FROM ubuntu:bionic # Avoid warnings by switching to noninteractive ENV DEBIAN_FRONTEND=noninteractive +# Or your actual UID, GID on Linux if not the default 1000 +ARG USERNAME=vscode +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # Configure apt and install packages RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \ @@ -14,6 +19,14 @@ RUN apt-get update \ # Verify git, process tools, lsb-release (common in install instructions for CLIs) installed && apt-get -y install git procps lsb-release \ # + # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. + && groupadd --gid $USER_GID $USERNAME \ + && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \ + # [Optional] Uncomment the next three lines to add sudo support + # && apt-get install -y sudo \ + # && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ + # && chmod 0440 /etc/sudoers.d/$USERNAME \ + # # Clean up && apt-get autoremove -y \ && apt-get clean -y \ diff --git a/containers/ubuntu-18.04-git/.devcontainer/devcontainer.json b/containers/ubuntu-18.04-git/.devcontainer/devcontainer.json index 27a6ce2bb0..3bf4318083 100644 --- a/containers/ubuntu-18.04-git/.devcontainer/devcontainer.json +++ b/containers/ubuntu-18.04-git/.devcontainer/devcontainer.json @@ -1,9 +1,14 @@ { "name": "Ubuntu 18.04 & Git", "dockerFile": "Dockerfile", - - // Uncomment the next line if you will use a ptrace-based debugger like C++, Go, and Rust. - // "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ], + // The optional 'runArgs' property can be used to specify additional runtime arguments. + "runArgs": [ + // Uncomment the line if you will use a ptrace-based debugger like C++, Go, and Rust. + // "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined", + + // Uncomment the next line to use a non-root user. See https://aka.ms/vscode-remote/containers/non-root-user. + // "-u", "1000" + ], // Uncomment the next line if you want to publish any ports. // "appPort": [],