Using VSCode Flatpak to launch Podman containers for DevContainers with Support for "Container Features" (In SilverBlue)

Setup

Install Visual Studio Code

Install Visual Studio Code and a Podman tool

~ flatpak --user install flathub com.visualstudio.code

Override Flatpak to allow /tmp access

*Required for Container Build.

flatpak override --user --filesystem=/tmp com.visualstudio.code

Podman Access inside Flatpak

Because VSCode runs inside a Flatpak sandbox, it needs access to the host's podman (or docker) to be able to use containers. Place this script in ~/.local/bin/podman-host:

#!/bin/bash
# Privileged and Security-Opt Disable are needed for SELinux 
# to allow Workspace Read-Write Permission and Building DevContainer Features.

set -x
if [ "$1" == "exec" ]; then
  # Remove 'exec' from $@
  shift
  script='
    result_command="podman exec"
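    # Forward each variable printenv reports (values without spaces or
    # double quotes) as --env=NAME=value, skipping names that start with
    # HOST, HOSTNAME, HOME, PATH, SHELL, USER or _.
    for i in $(printenv | grep "=" | grep -Ev " |\"" |
        grep -Ev "^(HOST|HOSTNAME|HOME|PATH|SHELL|USER|_)"); do
      result_command="$result_command --env=$i"
    done
    exec ${result_command} "$@"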
  '
  exec flatpak-spawn --host sh -c "$script" - "$@"
elif [[ "$1" == "run"* ]]; then
  # Remove 'run' from $@
  shift
  exec flatpak-spawn --host podman run --privileged "$@"
elif [[ "$1" == "buildx"* ]]; then
  # Remove 'buildx build' from $@
  shift 2
  exec flatpak-spawn --host podman build --security-opt label=disable "$@"
else
  exec flatpak-spawn --host podman "$@"
fi

and make it executable: chmod +x ~/.local/bin/podman-host.

Open VSCode settings (Ctrl+,), head to Remote>Containers>Docker Path and set it to the path of the podman-host script created above.

This gives the Flatpak app a way to run the host's container manager.
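
The exec branch of the wrapper forwards every environment variable that passes a denylist, which can include credentials. The following is an added example, not part of the gist: it runs the same filter over a constructed environment and compares it with a hypothetical allowlist_filter. The names sample_env and to_env_args and all sample values are assumptions made for illustration.

```shell
#!/bin/sh
# The gist's exec-branch filter as a function: reads NAME=value lines on stdin,
# drops values containing a space or double quote, and drops names that start
# with HOST, HOSTNAME, HOME, PATH, SHELL, USER or _.
gist_filter() {
  grep "=" | grep -Ev ' |"' |
    grep -Ev '^(HOST|HOSTNAME|HOME|PATH|SHELL|USER|_)'
}

# Hypothetical alternative: forward only the names listed in $1
# (space-separated), compared against the full name before the first "=".
allowlist_filter() {
  allowed=" $1 "
  while IFS= read -r line; do
    name=${line%%=*}
    case "$allowed" in
      *" $name "*) printf '%s\n' "$line" ;;
    esac
  done
}

# Turn NAME=value lines into the --env= arguments passed to podman exec.
to_env_args() {
  sed 's/^/--env=/'
}

# Constructed sample environment (all values are made up).
sample_env() {
  cat <<'EOF'
TERM=xterm-256color
LANG=en_US.UTF-8
HOME=/home/user
PATH=/usr/bin:/bin
USERNAME=user
GITHUB_TOKEN=constructed-placeholder-token
SSH_AUTH_SOCK=/run/user/1000/keyring/ssh
PS1=\u@\h \w
EOF
}

echo "Forwarded by the denylist filter:"
sample_env | gist_filter | to_env_args
echo "Forwarded by the allowlist filter (TERM LANG):"
sample_env | allowlist_filter "TERM LANG" | to_env_args
```

The denylist is a prefix match, so USERNAME is dropped along with USER, while GITHUB_TOKEN and SSH_AUTH_SOCK pass through to the container.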

Podman Short-Name Conflict

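Place this in your ~/.config/containers/registries.conf. With short-name-mode disabled, Podman resolves an unqualified image name by trying the listed registries in order without prompting, so use fully qualified image names where the image source matters.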

unqualified-search-registries = [ "docker.io", "quay.io", "registry.fedoraproject.org", "registry.access.redhat.com"]
short-name-mode="disabled"

Finalizing

Your devcontainer configurations should now work out of the box without any modification!

Note

For some official VSCode devcontainers, you may need to append additional config.

{
  "remoteUser": "root",
  "containerUser": "vscode"
}

Bonus

Here is a fully functional devcontainer example. It includes USB passthrough, GPU passthrough, X11 integration, VNC integration and a set of extensions for embedded development.
