From 4c4a7413a1a0c71ca0ceafc10919fdf61c8d5832 Mon Sep 17 00:00:00 2001
From: Anmol Sethi <hi@nhooyr.io>
Date: Tue, 25 Aug 2020 15:38:12 -0400
Subject: [PATCH 1/2] docker: Allow passing $DOCKER_USER to set the username in
 the container

Needs to be reflected in the documentation and the dockerhub description now.

Closes #881
---
 ci/release-image/Dockerfile    |  3 ++-
 ci/release-image/entrypoint.sh | 18 ++++++++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100755 ci/release-image/entrypoint.sh

diff --git a/ci/release-image/Dockerfile b/ci/release-image/Dockerfile
index defc15c9..4dcd2bfb 100644
--- a/ci/release-image/Dockerfile
+++ b/ci/release-image/Dockerfile
@@ -35,9 +35,10 @@ RUN ARCH="$(dpkg --print-architecture)" && \
     printf "user: coder\ngroup: coder\n" > /etc/fixuid/config.yml
 
 COPY release-packages/code-server*.deb /tmp/
+COPY ci/release-image/entrypoint.sh /usr/bin/entrypoint.sh
 RUN dpkg -i /tmp/code-server*$(dpkg --print-architecture).deb && rm /tmp/code-server*.deb
 
 EXPOSE 8080
 USER coder
 WORKDIR /home/coder
-ENTRYPOINT ["dumb-init", "fixuid", "-q", "/usr/bin/code-server", "--bind-addr", "0.0.0.0:8080", "."]
+ENTRYPOINT ["/usr/bin/entrypoint.sh", "--bind-addr", "0.0.0.0:8080", "."]
diff --git a/ci/release-image/entrypoint.sh b/ci/release-image/entrypoint.sh
new file mode 100755
index 00000000..6e7525ce
--- /dev/null
+++ b/ci/release-image/entrypoint.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env sh
+set -eu
+
+if [ "${DOCKER_USER-}" ]; then
+  echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd > /dev/null
+  sudo usermod --login "$DOCKER_USER" \
+    --move-home --home "/home/$DOCKER_USER" \
+    coder
+  sudo groupmod -n "$DOCKER_USER" coder
+
+  sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd
+  sudo sed -i "s/coder/$DOCKER_USER/g" /etc/fixuid/config.yml
+  export HOME="/home/$DOCKER_USER"
+fi
+
+# This isn't set by default.
+export USER="$(whoami)"
+dumb-init fixuid -q /usr/bin/code-server "$@"

From 4b7c2ea3228f02eda59ccb6ead7b91fd567337f0 Mon Sep 17 00:00:00 2001
From: Anmol Sethi <hi@nhooyr.io>
Date: Wed, 26 Aug 2020 13:14:30 -0400
Subject: [PATCH 2/2] Use static version of node for all builds, not just
 darwin

This way, building a standalone release locally and putting it in the
release contianer for testing is less likely to break.
---
 ci/build/clean.sh            |  3 ++-
 ci/steps/release-packages.sh | 10 +++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/ci/build/clean.sh b/ci/build/clean.sh
index 87e573c0..0e0425a4 100755
--- a/ci/build/clean.sh
+++ b/ci/build/clean.sh
@@ -13,7 +13,8 @@ main() {
     release-gcp \
     release-images \
     dist \
-    .cache
+    .cache \
+    node-*
 
   pushd lib/vscode
   git clean -xffd
diff --git a/ci/steps/release-packages.sh b/ci/steps/release-packages.sh
index 95cfac65..cc6cd2a0 100755
--- a/ci/steps/release-packages.sh
+++ b/ci/steps/release-packages.sh
@@ -4,11 +4,11 @@ set -euo pipefail
 main() {
   cd "$(dirname "$0")/../.."
 
-  if [[ $OSTYPE == darwin* ]]; then
-    NODE_VERSION=v12.18.3
-    curl -L "https://nodejs.org/dist/$NODE_VERSION/node-$NODE_VERSION-darwin-x64.tar.gz" | tar -xz
-    PATH="$PWD/node-$NODE_VERSION-darwin-x64/bin:$PATH"
-  fi
+  NODE_VERSION=v12.18.3
+  NODE_OS="$(uname | tr '[:upper:]' '[:lower:]')"
+  NODE_ARCH="$(uname -m | sed 's/86_64/64/; s/aarch64/arm64/')"
+  curl -L "https://nodejs.org/dist/$NODE_VERSION/node-$NODE_VERSION-$NODE_OS-$NODE_ARCH.tar.gz" | tar -xz
+  PATH="$PWD/node-$NODE_VERSION-$NODE_OS-$NODE_ARCH/bin:$PATH"
 
   # https://github.com/actions/upload-artifact/issues/38
   tar -xzf release-npm-package/package.tar.gz