From 5a7d8001cf06ae4bf505b9ecfed6f1bb348b2715 Mon Sep 17 00:00:00 2001
From: Chojan Shang <psiace@ritelabs.net>
Date: Tue, 31 Jan 2023 19:55:01 +0800
Subject: [PATCH] chore: refine devcontainer (#1262)

* chore: refine user

Signed-off-by: Chojan Shang <psiace@outlook.com>

* chore: fix premission

Signed-off-by: Chojan Shang <psiace@outlook.com>

* chore: add sudo user

Signed-off-by: Chojan Shang <psiace@outlook.com>

---------

Signed-off-by: Chojan Shang <psiace@outlook.com>
---
 .devcontainer/Dockerfile        | 30 +++++++++++++++++++++---------
 .devcontainer/devcontainer.json |  4 ++--
 2 files changed, 23 insertions(+), 11 deletions(-)

diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index e5ff43f541c..dad84fbd84a 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -4,8 +4,6 @@ ENV TERM xterm-256color
 
 RUN apt-get update -yq && \
     apt-get install -yq locales sudo unzip file curl clang openjdk-11-jdk-headless libssl-dev make git ripgrep && \
-    curl -sSLo /tmp/lsd.deb https://github.com/Peltoche/lsd/releases/download/0.21.0/lsd_0.21.0_amd64.deb && \
-    dpkg -i /tmp/lsd.deb && \
     printf 'en_US.UTF-8 UTF-8\n' > /etc/locale.gen && \
     locale-gen && \
     rm -rf /var/lib/apt/lists/*
@@ -14,14 +12,19 @@ ENV LANGUAGE en_US
 ENV LANG en_US.UTF-8
 ENV LC_ALL en_US.UTF-8
 
-RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain stable && \
-    mkdir -p /opt/rust && \
-    rm -f /root/.bashrc && \
+
+RUN groupdel dialout && groupdel staff && \
+    groupadd -g 20 staff && groupadd -g 121 docker && \
+    useradd -u 1000 -g 100 builder && \
+    printf "builder ALL=(ALL:ALL) NOPASSWD:ALL\n" > /etc/sudoers.d/opendal && \
+    && chmod 0440 /etc/sudoers.d/builder
+
+RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain stable  && \
     rm -rf /root/.cargo/git && \
     rm -rf /root/.cargo/registry && \
+    mkdir -p /opt/rust && \
     mv /root/.cargo /opt/rust/cargo && \
-    mv /root/.rustup /opt/rust/rustup && \
-    echo '. "/opt/rust/cargo/env"' >> /root/.bashrc
+    mv /root/.rustup /opt/rust/rustup
 
 RUN ln -s $(readlink -f `which javac` | sed "s:/bin/javac::") /opt/java
 
@@ -35,11 +38,20 @@ VOLUME [ "/workspace", "/opt/rust/cargo/registry", "/opt/rust/cargo/git" ]
 
 RUN curl -L --output cargo-binstall.tgz https://github.com/cargo-bins/cargo-binstall/releases/download/v0.19.3/cargo-binstall-x86_64-unknown-linux-gnu.tgz && \
     tar xf cargo-binstall*.tgz -C /opt/rust/cargo/bin
-RUN cargo binstall taplo-cli mdbook --no-confirm
+RUN cargo binstall taplo-cli mdbook lsd --no-confirm
 
 RUN curl -qL https://github.com/rui314/mold/releases/download/v1.2.1/mold-1.2.1-$(uname -m)-linux.tar.gz -o /tmp/mold.tar.gz && \
     tar --strip-components=1 -xzf /tmp/mold.tar.gz -C /usr/local && \
     rm -rf /tmp/mold.tar.gz && \
     ln -sf /usr/local/bin/mold /usr/bin/$(uname -m)-linux-gnu-ld
 
-RUN git config --global --add safe.directory /workspaces/opendal
\ No newline at end of file
+RUN mkdir /home/builder && chown -R builder /home/builder && \
+    usermod --shell /bin/bash builder
+
+RUN curl -qL https://github.com/starship/starship/releases/latest/download/starship-$(uname -m)-unknown-linux-musl.tar.gz  -o /tmp/starship.tar.gz && \
+    tar -xzf /tmp/starship.tar.gz -C /usr/local/bin && \
+    rm -rf /tmp/starship.tar.gz && \
+    ln -sf /usr/local/bin/starship /usr/bin/starship && \
+    echo 'eval "$(starship init bash)"' >> /home/builder/.bashrc
+
+USER builder
\ No newline at end of file
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index 9664074da49..ce051e0821d 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -8,10 +8,10 @@
 	],
 	"mounts": [
 		"source=${localEnv:HOME}/.cargo/registry,target=/opt/rust/cargo/registry,type=bind,consistency=cached",
-		"source=${localEnv:HOME}/.cargo/git,target=/opt/rust/cargo/git,type=bind,consistency=cached",
-		"source=${localEnv:HOME},target=/home/builder,type=bind,consistency=cached"
+		"source=${localEnv:HOME}/.cargo/git,target=/opt/rust/cargo/git,type=bind,consistency=cached"
 	],
 	"dockerFile": "Dockerfile",
+	"remoteUser": "builder",
 	"updateRemoteUserUID": true,
 	"postAttachCommand": "bash",
 	"settings": {