0

Is there any method to install VS Code in a docker container as a web-based editor that can be run in a rootless mode (no sudo in container entrypoint scripts etc.)?

E.g. to run it in this scenario:

docker run -u 12345 --cap-drop=all repo/rootless-vscode

mirekphd
  • 4,799
  • 3
  • 38
  • 59
  • Added specific details and test, reduced to just one method to avoid opinion poll to address the closing voters concerns. – mirekphd Jun 27 '22 at 19:36

1 Answers1

0

Here is an example of how it can be done with code-server. Note that it needs root permissions to install the server, but runs it as newuser.

FROM ubuntu:22.04

RUN apt update
RUN apt install -y sudo curl

RUN curl -fsSL https://code-server.dev/install.sh | sh

RUN useradd -ms /bin/bash newuser

USER newuser

CMD [ "code-server", "--bind-addr", "0.0.0.0:8080" ]

For a more complete example, check out their code-server CI release Dockerfile.

Dorin Botan
  • 1,224
  • 8
  • 19
  • Very concise! Would be nice if it worked without root though (see test...) – mirekphd Jun 28 '22 at 17:17
  • @mirekphd Do you mean running Docker without root on your host? Are you able to run any other docker container without root? – Dorin Botan Jun 29 '22 at 09:19
  • Hi, I meant: running containerized apps without any extra capabilities ("rootless") and with a random user ID assigned at runtime - this is the reality of many corporate clusters (Openshift / OKD / hardened k8s) (see test from my question) – mirekphd Jun 29 '22 at 09:49