npm - @getmonoceros/workbench - Versions diffs - 1.6.1 → 1.6.3 - Mend

@getmonoceros/workbench 1.6.1 → 1.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/bin.js CHANGED Viewed

@@ -797,13 +797,14 @@ function isValidHomeSubpath(p) {
   return p.length > 0 && !p.startsWith("/") && !p.includes("..") && HOME_SUBPATH_RE.test(p);
 }
 var HOME_SUBPATH_RE = /^[A-Za-z0-9._-]+(\/[A-Za-z0-9._-]+)*$/;
-function buildDevcontainerJson(opts) {
+function buildDevcontainerJson(opts, dockerMode = "rootful") {
   const resolvedFeatures = resolveFeatures(opts);
   const features = {};
   for (const f of resolvedFeatures) {
     features[f.devcontainerKey] = f.options;
   }
   const featuresField = Object.keys(features).length > 0 ? { features } : void 0;
+  const idmapSuffix = dockerMode === "rootless" ? ",idmap" : "";
   const homeMounts = [];
   for (const f of resolvedFeatures) {
     const allSubs = [
@@ -812,7 +813,7 @@ function buildDevcontainerJson(opts) {
     ];
     for (const sub of allSubs) {
       homeMounts.push(
-        `source=\${localWorkspaceFolder}/home/${sub},target=/home/node/${sub},type=bind`
+        `source=\${localWorkspaceFolder}/home/${sub},target=/home/node/${sub},type=bind${idmapSuffix}`
       );
     }
   }
@@ -831,10 +832,14 @@ function buildDevcontainerJson(opts) {
   }
   const mounts = [...homeMounts];
   const mountsField = mounts.length > 0 ? { mounts } : {};
+  const workspaceMountField = dockerMode === "rootless" ? {
+    workspaceMount: `source=\${localWorkspaceFolder},target=/workspaces/${opts.name},type=bind${idmapSuffix}`
+  } : {};
   return {
     name: opts.name,
     image: BASE_IMAGE,
     remoteUser: "node",
+    ...workspaceMountField,
     ...mountsField,
     runArgs: ["--cap-add=NET_ADMIN"],
     forwardPorts: [3e3, 4e3],
@@ -842,15 +847,25 @@ function buildDevcontainerJson(opts) {
     ...featuresField ?? {}
   };
 }
-function buildComposeYaml(opts) {
+function buildComposeYaml(opts, dockerMode = "rootful") {
   const lines = ["services:"];
+  const isRootless = dockerMode === "rootless";
   lines.push("  workspace:");
   lines.push(`    image: ${BASE_IMAGE}`);
   lines.push("    command: 'sleep infinity'");
   lines.push("    cap_add:");
   lines.push("      - NET_ADMIN");
   lines.push("    volumes:");
-  lines.push(`      - ..:/workspaces/${opts.name}:cached`);
+  if (isRootless) {
+    lines.push("      - type: bind");
+    lines.push("        source: ..");
+    lines.push(`        target: /workspaces/${opts.name}`);
+    lines.push("        bind:");
+    lines.push("          create_host_path: true");
+    lines.push("          idmap: true");
+  } else {
+    lines.push(`      - ..:/workspaces/${opts.name}:cached`);
+  }
   const resolvedFeatures = resolveFeatures(opts);
   for (const f of resolvedFeatures) {
     const allSubs = [
@@ -858,7 +873,16 @@ function buildComposeYaml(opts) {
       ...f.persistentHomeFiles.map((entry2) => entry2.path)
     ];
     for (const sub of allSubs) {
-      lines.push(`      - ../home/${sub}:/home/node/${sub}`);
+      if (isRootless) {
+        lines.push("      - type: bind");
+        lines.push(`        source: ../home/${sub}`);
+        lines.push(`        target: /home/node/${sub}`);
+        lines.push("        bind:");
+        lines.push("          create_host_path: true");
+        lines.push("          idmap: true");
+      } else {
+        lines.push(`      - ../home/${sub}:/home/node/${sub}`);
+      }
     }
   }
   for (const svcId of opts.services) {
@@ -990,7 +1014,8 @@ async function writePostCreateScript(devcontainerDir, opts) {
   await fs2.writeFile(dest, buildPostCreateScript(opts));
   await fs2.chmod(dest, 493);
 }
-async function writeScaffold(opts, targetDir) {
+async function writeScaffold(opts, targetDir, scaffoldOpts = {}) {
+  const dockerMode = scaffoldOpts.dockerMode ?? "rootful";
   const devcontainerDir = path2.join(targetDir, ".devcontainer");
   const monocerosDir = path2.join(targetDir, ".monoceros");
   const projectsDir = path2.join(targetDir, "projects");
@@ -1019,7 +1044,7 @@ async function writeScaffold(opts, targetDir) {
     path2.join(monocerosDir, ".gitignore"),
     "git-credentials*\ngitconfig\n"
   );
-  const devcontainerJson = buildDevcontainerJson(opts);
+  const devcontainerJson = buildDevcontainerJson(opts, dockerMode);
   await fs2.writeFile(
     path2.join(devcontainerDir, "devcontainer.json"),
     JSON.stringify(devcontainerJson, null, 2) + "\n"
@@ -1050,7 +1075,7 @@ async function writeScaffold(opts, targetDir) {
   await writePostCreateScript(devcontainerDir, opts);
   const composePath = path2.join(devcontainerDir, "compose.yaml");
   if (needsCompose(opts)) {
-    await fs2.writeFile(composePath, buildComposeYaml(opts));
+    await fs2.writeFile(composePath, buildComposeYaml(opts, dockerMode));
   } else if (existsSync2(composePath)) {
     await fs2.rm(composePath);
   }
@@ -2613,14 +2638,44 @@ function adviceForKind(kind) {
   }
 }
-// src/devcontainer/identity.ts
+// src/devcontainer/docker-mode.ts
 import { spawn as spawn5 } from "child_process";
+var realDockerInfo = () => {
+  return new Promise((resolve, reject) => {
+    const child = spawn5(
+      "docker",
+      ["info", "--format", "{{json .SecurityOptions}}"],
+      {
+        stdio: ["ignore", "pipe", "inherit"]
+      }
+    );
+    let stdout = "";
+    child.stdout.on("data", (chunk) => {
+      stdout += chunk.toString();
+    });
+    child.on("error", reject);
+    child.on("exit", (code) => resolve({ stdout, exitCode: code ?? 0 }));
+  });
+};
+async function detectDockerMode(options = {}) {
+  const spawnFn = options.spawn ?? realDockerInfo;
+  try {
+    const result = await spawnFn();
+    if (result.exitCode !== 0) return "rootful";
+    return /\brootless\b/i.test(result.stdout) ? "rootless" : "rootful";
+  } catch {
+    return "rootful";
+  }
+}
+// src/devcontainer/identity.ts
+import { spawn as spawn6 } from "child_process";
 import { promises as fs7 } from "fs";
 import path7 from "path";
 import { consola as consola9 } from "consola";
 var realGitConfigGet = (key) => {
   return new Promise((resolve, reject) => {
-    const child = spawn5("git", ["config", "--global", "--get", key], {
+    const child = spawn6("git", ["config", "--global", "--get", key], {
       stdio: ["ignore", "pipe", "inherit"]
     });
     let stdout = "";
@@ -2804,8 +2859,11 @@ ${sectionLine(label)}
     }
   }
   section("Scaffold");
+  const dockerMode = await detectDockerMode({
+    ...opts.dockerInfoSpawn ? { spawn: opts.dockerInfoSpawn } : {}
+  });
   await fs8.mkdir(targetDir, { recursive: true });
-  await writeScaffold(createOpts, targetDir);
+  await writeScaffold(createOpts, targetDir, { dockerMode });
   await writeStateFile(
     targetDir,
     buildStateFile({
@@ -2850,8 +2908,11 @@ async function assertSafeTargetDir(targetDir, expectedOrigin) {
     }
     return;
   }
+  if (entries.length === 1 && entries[0] === ".monoceros") {
+    return;
+  }
   throw new Error(
-    `Refusing to materialize into non-empty directory ${targetDir} (no Monoceros state.json found). Delete the directory before re-running.`
+    `Refusing to materialize into non-empty directory ${targetDir} (no Monoceros state.json found, and the directory has files we don't recognise). Delete the directory before re-running.`
   );
 }
 function warnOnDeprecatedFeatureRefs(containerFeatures, globalConfig, logger) {