
I am using a FROM debian image in a VSCode devcontainer on my Mac:

https://github.com/free2z/free2z/pull/12/files#diff-13bd9d7a30bf46656bc81f1ad5b908a627f9247be3f7d76df862b0578b534fc6

FROM debian

# Create sudo user "dev"
ARG USERNAME=dev
ARG USER_UID=1000
ARG USER_GID=$USER_UID

# Create the `dev` user
# https://code.visualstudio.com/remote/advancedcontainers/add-nonroot-user
RUN groupadd --gid $USER_GID $USERNAME \
    && useradd --uid $USER_UID --gid $USER_GID -m $USERNAME \
    && apt-get update \
    && apt-get install -y sudo \
    && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \
    && chmod 0440 /etc/sudoers.d/$USERNAME
USER $USERNAME

# Install docker
RUN sudo apt install -y \
    ca-certificates \
    curl \
    gnupg \
    lsb-release
RUN sudo mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
RUN echo \
    "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
    $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN sudo apt update
RUN sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
RUN sudo usermod -aG docker $USERNAME

I'm trying to use the host Docker socket by using a bind mount:

        "source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind",

My non-root user is in the docker group and docker works with sudo:

➜  free2z git:(metarepo) ✗ groups     
dev docker
➜  free2z git:(metarepo) ✗ docker ps     
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied
➜  free2z git:(metarepo) ✗ sudo docker ps
CONTAINER ID   IMAGE                                         COMMAND                  CREATED        STATUS        PORTS     NAMES
9167a45c8223   vsc-free2z-597acf8d147e25327effb72c17e8d21f   "/bin/sh -c 'echo Co…"   20 hours ago   Up 20 hours             gallant_morse
Skylar Saveland

1 Answer


Root still owns the socket; you can chown it to the non-root user in your .devcontainer.json:

"postCreateCommand": "sudo chown dev /var/run/docker.sock",
Skylar Saveland
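One way to see why `groups` can list docker while the socket still refuses the connection, as an added example that is not part of the original question or answer: the kernel checks numeric UIDs and GIDs against the socket's mode bits, so the check below reproduces that decision. The function names and the sample IDs in the comments are constructed for illustration; it assumes GNU `stat` and plain mode bits without ACLs.

```shell
#!/bin/sh
# Added example (constructed; not from the post). Assumes plain mode bits, no ACLs.

# socket_access MODE OWNER_UID OWNER_GID USER_UID "USER_GIDS"
# Prints which permission class lets the user connect (connect() needs the
# write bit), or "denied". The kernel compares numeric IDs only, so a group
# *named* docker helps only if its GID equals the GID on the socket.
socket_access() {
    mode="000$1"; o_uid=$2; o_gid=$3; u_uid=$4; u_gids=$5
    if [ "$u_uid" -eq 0 ]; then echo root; return 0; fi   # root bypasses the check
    perms=${mode#"${mode%???}"}          # last three octal digits, e.g. 660
    rest=${perms#?}
    if [ "$u_uid" -eq "$o_uid" ]; then
        class=owner; bits=${perms%??}    # owner bits apply, with no fall-through
    else
        class=other; bits=${perms#??}
        for gid in $u_gids; do
            if [ "$gid" -eq "$o_gid" ]; then class=group; bits=${rest%?}; break; fi
        done
    fi
    if [ $((bits & 2)) -ne 0 ]; then echo "$class"; else echo denied; fi
}

# check_socket [PATH]: apply the same check to a real socket as the current user.
check_socket() {
    sock=${1:-/var/run/docker.sock}
    # GNU stat, as shipped in the Debian image: octal mode, owner UID, owner GID
    info=$(stat -c '%a %u %g' "$sock") || return 1
    set -- $info
    echo "$sock mode=$1 owner_uid=$2 owner_gid=$3 | uid=$(id -u) gids=$(id -G)"
    socket_access "$1" "$2" "$3" "$(id -u)" "$(id -G)"
}

# Run inside the devcontainer when the bind-mounted socket is present.
if [ -S /var/run/docker.sock ]; then check_socket; fi
```

Whichever class ends up granting access, any account that can write to the host's Docker socket can control the host's Docker daemon, so the result is worth checking after changing ownership or group IDs.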