I’m increasingly relying on VS Code’s Remote Container features for remote development in clients’ cloud computing systems. It’s a little fiddly (I wouldn’t say I’m a Docker expert, either) but it mostly works out of the box, and the ability to encapsulate my environment makes a lot of other things easier.
I ran into a new problem recently, though, on a remote compute instance with multiple Unix user accounts and VS Code’s default Python 3 image. VS Code’s containers are set up with a non-root user named vscode, linked to the user and group IDs 1000:1000. Mostly that’s fine, but this time (because I’d set up a few user accounts) my UID was, e.g., 1005, not 1000, and my primary GID was totally different. The container needs to get this wiring right for permissions to be consistent inside and outside of the container.
It wasn’t super clear to me initially, but the answer seems to be manually updating the container’s user (vscode) directly in the container’s Dockerfile. Lifting directives from “Change the UID/GID of an existing container user” works like a charm, and I also appended another group:
ARG USERNAME=vscode
ARG USER_UID=1005
ARG USER_GID=10
RUN groupmod --gid $USER_GID $USERNAME \
&& usermod --uid $USER_UID --gid $USER_GID $USERNAME \
&& usermod -aG $USER_UID $USERNAME \
&& chown -R $USER_UID:$USER_GID /home/$USERNAME
USER $USERNAME
The only thing left to do, I think, is figure out how automate
this for the others on my team so that at creation time the
container picks up id -u and id -g and populates the relevant
fields automatically.