From 1d4c1d4c0ac74cb4b8440fcf822f31baf625c755 Mon Sep 17 00:00:00 2001 From: Ulf Axelsson Date: Tue, 23 Sep 2025 14:00:01 +0200 Subject: [PATCH] Add --user mapping when running the az cli container Map to the current executing user when running the az cli container so that any files created in the mapped volumes will be owned by the correct user --- src/main.ts | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/main.ts b/src/main.ts index 9cbdc581..ea750480 100644 --- a/src/main.ts +++ b/src/main.ts @@ -55,14 +55,22 @@ export async function main() { const hostAzureConfigDir = process.env.AZURE_CONFIG_DIR || path.join(process.env.HOME, '.azure'); const containerAzureConfigDir = '/root/.azure'; + // Get current user's UID and GID + const { stdout: uidOutput } = await cpExec('id -u'); + const { stdout: gidOutput } = await cpExec('id -g'); + const uid = uidOutput.trim(); + const gid = gidOutput.trim(); + /* For the docker run command, we are doing the following - Set the working directory for docker continer - volume mount the GITHUB_WORKSPACE env variable (path where users checkout code is present) to work directory of container - volume mount Azure config directory between host and container, - volume mount temp directory between host and container, inline script file is created in temp directory + - Set the user to match the host's UID and GID to ensure proper file ownership */ let args: string[] = ["run", "--workdir", `${process.env.GITHUB_WORKSPACE}`, + "--user", `${uid}:${gid}`, "-v", `${process.env.GITHUB_WORKSPACE}:${process.env.GITHUB_WORKSPACE}`, "-v", `${hostAzureConfigDir}:${containerAzureConfigDir}`, "-v", `${TEMP_DIRECTORY}:${TEMP_DIRECTORY}` @@ -160,3 +168,4 @@ const executeDockerCommand = async (args: string[], continueOnError: boolean = f core.warning(errorStream) } } +
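Review bot: The new `"--user"` entry in `args` makes the CLI run as the host UID, but the Azure config directory is still mounted at `containerAzureConfigDir = '/root/.azure'`. An unprivileged UID usually cannot traverse root's home, and that path is the CLI's default config location only for root, so the cached login may not be found. main() continues outside this hunk, so this may already be handled; if it is not, mount to a neutral target and pass it explicitly, e.g. `"-e", "AZURE_CONFIG_DIR=" + containerAzureConfigDir` with the constant set to a path such as `/azure-config` (a constructed name). Separately, `cpExec('id -u')` and `cpExec('id -g')` spawn a shell and resolve `id` through PATH, whereas `process.getuid()` and `process.getgid()` give the same numbers in-process. Checking that both values are numeric before building the flag would keep an empty result from yielding `--user ":"`.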