fix aws cli root user stuff

joshuanianji · Jan 9, 2024 · 0d8b5a5 · 0d8b5a5
1 parent 9db83bc
commit 0d8b5a5
Show file tree

Hide file tree

Showing 7 changed files with 73 additions and 41 deletions.
diff --git a/src/aws-cli-persistence/devcontainer-feature.json b/src/aws-cli-persistence/devcontainer-feature.json
@@ -15,5 +15,5 @@
     "installsAfter": [
         "ghcr.io/devcontainers/features/aws-cli"
     ],
-    "postCreateCommand": "sudo chown -R $USER:$USER /dc/aws-cli"
+    "postStartCommand": "/usr/local/share/aws-cli-persistence-post-create.sh"
 }
diff --git a/src/aws-cli-persistence/install.sh b/src/aws-cli-persistence/install.sh
@@ -23,3 +23,23 @@ fi
 ln -s /dc/aws-cli "$_REMOTE_USER_HOME/.aws"
 # chown .aws folder
 chown -R "${_REMOTE_USER}:${_REMOTE_USER}" "$_REMOTE_USER_HOME/.aws"
+
+# --- Generate a 'aws-cli-persistence-post-create.sh' script to be executed by the 'postCreateCommand' lifecycle hook
+# Looks like this is the best way to run a script in lifecycle hooks
+# Source: https://github.com/devcontainers/features/blob/562305d37b97d47331d96306ffc2a0a3cce55e64/src/git-lfs/install.sh#L190C1-L190C109
+POST_CREATE_SCRIPT_PATH="/usr/local/share/aws-cli-persistence-post-create.sh"
+
+tee "$POST_CREATE_SCRIPT_PATH" >/dev/null \
+  <<'EOF'
+#!/bin/sh
+
+set -e
+
+# if the user is not root, chown /dc/aws-cli to the user
+if [ "$(id -u)" != "0" ]; then
+    echo "Running post-start.sh for user $USER"
+    sudo chown -R "$USER:$USER" /dc/aws-cli
+fi
+EOF
+
+chmod 755 "$POST_CREATE_SCRIPT_PATH"
diff --git a/test/aws-cli-persistence/default.sh b/test/aws-cli-persistence/default.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+set -e
+
+# This script is the "default" test script for the aws-cli-persistence feature.
+# It is not run as a scenario, but is run by other test scripts.
+
+# Optional: Import test library
+source dev-container-features-test-lib
+
+# check that `aws --help` works
+check "help" bash -c "aws help | grep 'usage'"
+
+# check that `.aws` and `/dc/aws-cli` exist under the user (should be node)
+check "~/.aws existence" bash -c "ls -la ~ | grep '.aws'"
+check "/dc/aws-cli existence" bash -c "ls -la /dc | grep 'aws-cli'"
+
+# check that the folders are owned by the user
+# `stat -c "%U %G" ~/.aws` returns "$USER $GROUP", in this case "node node"
+# https://askubuntu.com/a/175060
+echo "Checking ownership of ~/.aws and /dc/aws-cli (ensure it is owned by $USER)"
+stat -c "%U" /dc/aws-cli
+
+check "~/.aws owned by user" bash -c "test \"$(stat -c "%U" ~/.aws)\" = \"$USER\""
+check "/dc/aws-cli owned by user" bash -c "test \"$(stat -c "%U" /dc/aws-cli)\" = \"$USER\""
+
+# Report result
+reportResults
diff --git a/test/aws-cli-persistence/root_user.sh b/test/aws-cli-persistence/root_user.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -e
+
+source dev-container-features-test-lib
+
+# Run default test script (in same folder)
+# See: https://github.com/devcontainers/features/blob/562305d37b97d47331d96306ffc2a0a3cce55e64/test/azure-cli/install_extensions_bookworm.sh
+./default.sh
diff --git a/test/aws-cli-persistence/scenarios.json b/test/aws-cli-persistence/scenarios.json
@@ -15,5 +15,13 @@
                 "configureZshAsDefaultShell": true
             }
         }
+    },
+    "root_user": {
+        "image": "mcr.microsoft.com/devcontainers/base:debian",
+        "features": {
+            "aws-cli-persistence": {},
+            "ghcr.io/devcontainers/features/aws-cli": {}
+        },
+        "remoteUser": "root"
     }
-}
+}
diff --git a/test/aws-cli-persistence/with_node.sh b/test/aws-cli-persistence/with_node.sh
@@ -2,24 +2,6 @@
 
 set -e
 
-# Optional: Import test library
-source dev-container-features-test-lib
-
-# check that `aws --help` works
-check "help" bash -c "aws help | grep 'usage'"
-
-# check that `.aws` and `/dc/aws-cli` exist under the user (should be node)
-check "~/.aws existence" bash -c "ls -la ~ | grep '.aws'"
-check "/dc/aws-cli existence" bash -c "ls -la /dc | grep 'aws-cli'"
-
-# check that the folders are owned by the user
-# `stat -c "%U %G" ~/.aws` returns "$USER $GROUP", in this case "node node"
-# https://askubuntu.com/a/175060
-echo "Checking ownership of ~/.aws and /dc/aws-cli"
-stat -c "%U %G" /dc/aws-cli
-
-check "~/.aws owned by user" bash -c "test \"$(stat -c "%U %G" ~/.aws)\" = 'node node'"
-check "/dc/aws-cli owned by user" bash -c "test \"$(stat -c "%U %G" /dc/aws-cli)\" = 'node node'"
-
-# Report result
-reportResults
+# Run default test script (in same folder)
+# See: https://github.com/devcontainers/features/blob/562305d37b97d47331d96306ffc2a0a3cce55e64/test/azure-cli/install_extensions_bookworm.sh
+./default.sh
diff --git a/test/aws-cli-persistence/zsh_shell.sh b/test/aws-cli-persistence/zsh_shell.sh
@@ -2,21 +2,6 @@
 
 set -e
 
-# Optional: Import test library
-source dev-container-features-test-lib
-
-# check that `aws --help` works
-check "help" bash -c "aws help | grep 'usage'"
-
-# check that `.aws` and `/dc/aws-cli` exist under the user (should be node)
-check "~/.aws existence" bash -c "ls -la ~ | grep '.aws'"
-check "/dc/aws-cli existence" bash -c "ls -la /dc | grep 'aws-cli'"
-
-# check that the folders are owned by the user
-# `stat -c "%U %G" ~/.aws` returns "$USER $GROUP", in this case "node node"
-# https://askubuntu.com/a/175060
-check "~/.aws owned by user" bash -c "test \"$(stat -c "%U %G" ~/.aws)\" = 'node node'"
-check "/dc/aws-cli owned by user" bash -c "test \"$(stat -c "%U %G" /dc/aws-cli)\" = 'node node'"
-
-# Report result
-reportResults
+# Run default test script (in same folder)
+# See: https://github.com/devcontainers/features/blob/562305d37b97d47331d96306ffc2a0a3cce55e64/test/azure-cli/install_extensions_bookworm.sh
+./default.sh