Pass user ID and group ID to docker native image build in linux, by d…

…efault docker container will run as root
quarkusio · Apr 4, 2019 · fd84b2f · fd84b2f
1 parent 4a2f9c7
commit fd84b2f
Showing 1 changed file with 41 additions and 1 deletion.
diff --git a/core/creator/src/main/java/io/quarkus/creator/phase/nativeimage/NativeImagePhase.java b/core/creator/src/main/java/io/quarkus/creator/phase/nativeimage/NativeImagePhase.java
@@ -20,7 +20,7 @@
 import java.io.BufferedReader;
 import java.io.File;
 import java.io.IOException;
-import java.io.PrintStream;
+import java.io.InputStreamReader;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -313,6 +313,46 @@ public void provideOutcome(AppCreator ctx) throws AppCreatorException {
             // E.g. "/usr/bin/docker run -v {{PROJECT_DIR}}:/project --rm quarkus/graalvm-native-image"
             nativeImage = new ArrayList<>();
             Collections.addAll(nativeImage, containerRuntime, "run", "-v", outputDir.toAbsolutePath() + ":/project:z", "--rm");
+            if (IS_LINUX & "docker".equals(containerRuntime)) {
+                try {
+                    BufferedReader reader;
+                    StringBuilder builder;
+                    String uid = null;
+                    String gid = null;
+
+                    ProcessBuilder idPB = new ProcessBuilder().command("id", "-ur");
+                    Process process = idPB.start();
+
+                    if (process.waitFor() == 0) {
+                        reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
+                        builder = new StringBuilder();
+                        String line;
+                        while ((line = reader.readLine()) != null) {
+                            builder.append(line);
+                        }
+                        uid = builder.toString();
+                    }
+
+                    idPB = new ProcessBuilder().command("id", "-gr");
+                    process = idPB.start();
+
+                    if (process.waitFor() == 0) {
+                        reader = new BufferedReader(new InputStreamReader(process.getInputStream()));
+                        builder = new StringBuilder();
+                        String line = null;
+                        while ((line = reader.readLine()) != null) {
+                            builder.append(line);
+                        }
+                        gid = builder.toString();
+                    }
+
+                    if (uid != null & gid != null & !"".equals(uid) & !"".equals(gid)) {
+                        Collections.addAll(nativeImage, "--user", uid.concat(":").concat(gid));
+                    }
+                } catch (Exception e) {
+                    //swallow exception here, docker container will run as root by default
+                }
+            }
             nativeImage.addAll(containerRuntimeOptions);
             nativeImage.add(this.builderImage);
         } else {