From e65ec526a9dd79b13d3b902b92991525064bfd79 Mon Sep 17 00:00:00 2001
From: Kenneth Bingham <kenneth.bingham@netfoundry.io>
Date: Mon, 18 Sep 2023 15:36:10 -0400
Subject: [PATCH] thinly wrap exec args as EUID to provide a writable
 GIT_CONFIG_GLOBAL

---
 docker-image/Dockerfile    | 22 +++++-----------------
 docker-image/entrypoint.sh | 14 ++++++++++++++
 2 files changed, 19 insertions(+), 17 deletions(-)
 create mode 100755 docker-image/entrypoint.sh

diff --git a/docker-image/Dockerfile b/docker-image/Dockerfile
index cf47709..0856d7d 100644
--- a/docker-image/Dockerfile
+++ b/docker-image/Dockerfile
@@ -105,30 +105,18 @@ ENV VCPKG_ROOT=/usr/local/vcpkg
 # this must be set on arm. see https://learn.microsoft.com/en-us/vcpkg/users/config-environment#vcpkg_force_system_binaries
 ENV VCPKG_FORCE_SYSTEM_BINARIES=yes
 
-# VCPKG_ROOT is set to filemode 0777 to allow the developer's UID to write the
-# lockfile at build time
+# VCPKG_ROOT is set to filemode 0777 to allow the developer's UID to write the lockfile at build time; and git writes
+# global config settings as root in GIT_CONFIG_GLOBAL
 RUN cd /usr/local \
     && git config --global advice.detachedHead false \
     && git clone --branch 2023.06.20 https://github.com/microsoft/vcpkg \
     && ./vcpkg/bootstrap-vcpkg.sh -disableMetrics \
     && chmod -R ugo+rwX /usr/local/vcpkg
 
-# RUN cd /usr/local/src \
-#     && wget -q https://github.com/gcc-mirror/gcc/archive/refs/tags/releases/gcc-13.2.0.tar.gz \
-#     && tar -xzf gcc-13.2.0.tar.gz
-# build gcc
-# RUN cd /usr/local/src \
-#     && cd ./gcc-releases-gcc-13.2.0 \
-#     && ./contrib/download_prerequisites \
-#     && mkdir /usr/local/src/gcc-build && cd /usr/local/src/gcc-build \
-#     && /usr/local/gcc-releases-gcc-13.2.0/configure \
-#         --enable-languages=c,c++ \
-#     && make -j$(nproc) \
-#     && make install \
-#     && cd /usr/local \
-#     && rm -rf ./gcc-releases-gcc-13.2.0/ ./gcc-13.2.0.tar.gz
-
 # this is set to document the expectation of a predictable workdir in build
 # scripts used by CI and developers building locally, but GitHub Actions will
 # always override with WORKDIR=/github/workspace when running the job container
 WORKDIR /github/workspace
+
+COPY ./entrypoint.sh /entrypoint.sh
+ENTRYPOINT [ "/entrypoint.sh" ]
diff --git a/docker-image/entrypoint.sh b/docker-image/entrypoint.sh
new file mode 100755
index 0000000..53d4202
--- /dev/null
+++ b/docker-image/entrypoint.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+# duplicate the global gitconfig to a writable location if not root
+if (( UID ));then
+    USER_WRITABLE="${GIT_CONFIG_GLOBAL}-uid-$UID"
+    cp "$GIT_CONFIG_GLOBAL" "$USER_WRITABLE"
+    GIT_CONFIG_GLOBAL="$USER_WRITABLE"
+fi
+
+exec "$@"