Skip to content

Instantly share code, notes, and snippets.

@MateuszKubuszok
Created September 26, 2018 11:07
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save MateuszKubuszok/096962fa5cc42d8d69ac9002472021a1 to your computer and use it in GitHub Desktop.
Docker without root owning all files created outside
version: '3.2'
services:
build:
context: .
dockerfile: Dockerfile
restart: "no"
environment:
LOCAL_USER_ID: $USER_ID
LOCAL_USER: $USER
volumes:
- "$HOME:/home/$USER:z"
- ".:/build:z"
FROM anapsix/alpine-java:8_jdk
RUN apk add su-exec
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
WORKDIR /build
CMD ["sh"]
#!/bin/bash
export USER_ID=${LOCAL_USER_ID}
export USER=$LOCAL_USER
echo "Starting with UID : $USER_ID : $USER"
/usr/sbin/adduser -s /bin/zsh -u $USER_ID -h /home/$USER -D $USER
export HOME=/home/$USER
/sbin/su-exec "$USER" "$@"
# ensure that both $USER and $USER_ID are set
alias docker-compose="USER_ID=`id -u $USER` docker-compose "
docker-compose up
@MateuszKubuszok
Copy link
Author

When running Docker in Linux sometimes I need to write files outside Docker - e.g. I use it to build and run app agains prod env with Docker, while I edit files locally and build output is used by IDE.

But I quite often end up with situation when files generated by Docker are not accessible by IDE (not build run outside the Docker) because they are owned by user from inside a Docker container. This code is a workaround which aligns internal user's name and ID with the host' ones, so that files created on the outside are seen as owned by current user.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment