docker.sock perms and gosu

.devcontainer/devcontainer.json

@@ -23,7 +23,7 @@
   },
   "initializeCommand": "touch ${localWorkspaceFolder}/.devcontainer/.env",
   "updateContentCommand": "make ansible",
-  "postAttachCommand": "zsh -l",
+  //"postAttachCommand": "zsh -l",
   "runArgs": ["--name", "${localWorkspaceFolderBasename}_devcontainer", "--hostname", "${localWorkspaceFolderBasename}","--env-file",".devcontainer/.env" ],
   "mounts": [
     "source=${localWorkspaceFolderBasename}-home,target=/home/anvil,type=volume",

Dockerfile

@@ -70,19 +70,13 @@ if [ -v DOCKER_ENTRYPOINT_DEBUG ] && [ "$DOCKER_ENTRYPOINT_DEBUG" == 1 ]; then
 fi
 
 if [ "$(id -u)" = "0" ]; then
+  groupmod -o -g ${PGID:-1000} ${USER}
+  usermod -o -u ${PUID:-1000} ${USER}
+
   # get gid of docker socket file
-  SOCK_DOCKER_GID=`ls -ng /var/run/docker.sock | cut -f3 -d' '`
-
-  # get group of docker inside container
-  CUR_DOCKER_GID=`getent group docker | cut -f3 -d: || true`
-
-  # if they dont match, adjust
-  if [ ! -z "$SOCK_DOCKER_GID" -a "$SOCK_DOCKER_GID" != "$CUR_DOCKER_GID" ]; then
-    groupmod -g ${SOCK_DOCKER_GID} -o docker
-  fi
-  if ! groups ${USER} | grep -q docker; then
-    usermod -aG docker ${USER}
-  fi
+  SOCK_DOCKER_GID=`stat -c %g /var/run/docker.sock`
+  groupmod -o -g "$SOCK_DOCKER_GID" ${USER}
+
   # Add call to gosu to drop from root user to jenkins user
   # when running original entrypoint
   set -- gosu ${USER} "$@"

Makefile

@@ -15,7 +15,10 @@ push-image: build-image
 	docker push ghcr.io/traefikturkey/onboard
 
 run-image: build-image
-	docker run -it --rm -p 9830:9830 ghcr.io/traefikturkey/onboard:latest
+	docker run -it --rm -p 9830:9830 -v /var/run/docker.sock:/var/run/docker.sock ghcr.io/traefikturkey/onboard:latest
+
+bash-image: build-image
+	docker run -it --rm -p 9830:9830 -v /var/run/docker.sock:/var/run/docker.sock ghcr.io/traefikturkey/onboard:latest bash
 
 ansible:
 	LC_ALL=C.UTF-8 ansible-playbook --inventory 127.0.0.1 --connection=local .devcontainer/ansible/requirements.yml