search

coder / code-server

VS Code in the browser
https://coder.com
MIT License
66.47k stars 5.45k forks source link

added ubuntu noble as base image #6812

Closed WisniewskiP closed 1 month ago

WisniewskiP commented 1 month ago

Adds new ubuntu release as base image #6709

code-asher commented 1 month ago

I have not tried them, but looks like they were pushed successfully.

https://hub.docker.com/r/codercom/code-server/tags?page=&page_size=&ordering=&name=noble

WisniewskiP commented 1 month ago

@code-asher I just tried this image it starts but there are somethings that are different.

in the base ubuntu image there is ubuntu user with ID 1000:

root@fbce18fd9fc5:/# id ubuntu
uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),20(dialout),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev)

unfortunately you are assuming that user coder has this ID and you switch to it at the end of Dockerfile: https://github.com/coder/code-server/blob/main/ci/release-image/Dockerfile#L55

when server starts it uses ubuntu user instead of coder:

[2024-05-27T07:57:13.851Z] info  Using user-data-dir /home/ubuntu/.local/share/code-server
[2024-05-27T07:57:13.860Z] info  Using config file /home/ubuntu/.config/code-server/config.yaml
[2024-05-27T07:57:13.860Z] info  HTTP server listening on http://0.0.0.0:8080/
[2024-05-27T07:57:13.860Z] info    - Authentication is enabled
[2024-05-27T07:57:13.860Z] info      - Using password from /home/ubuntu/.config/code-server/config.yaml
[2024-05-27T07:57:13.860Z] info    - Not serving HTTPS
[2024-05-27T07:57:13.860Z] info  Session server listening on /home/ubuntu/.local/share/code-server/code-server-ipc.sock

additionally sudo expects password because of wrong user.

to fix it it would be possible to user user name instead of id in Dockerfile. I can make PR for this if you agree with this fix.

code-asher commented 1 month ago

The comment seems to imply we need to use the ID to support DOCKER_USER but I am not 100% sure that is true. If we can use the user name instead and it still works, then that seems fine to me!

If that does not work, maybe we will have to do something in the entrypoint, like check if whoami is something other than coder, and if so rename it.

WisniewskiP commented 1 month ago

I have looked at this and for me it works when I replace USER 1000 with USER coder. But in helm-chart/values.yaml you are using:

securityContext:
  enabled: true
  fsGroup: 1000
  runAsUser: 1000

this change could break some of your CI scripts and probably other scripts that are expecting user with id 1000.

code-asher commented 1 month ago

Yeah I am not sure, I have not actually used or tested the Helm chart myself.