# HG changeset patch
# User Mads Kiilerich <madski@unity3d.com>
# Date 2014-05-30 12:14:33
# Node ID cf7b5c0117370a0e81d23bdb6935802940935f2a
# Parent  d2a00ced3cce2bb4c3736b6ca033b9c0367077f1

dockerrpm: run docker build process as the current user, not as root

Docker can be run by ordinary users if they are in the docker group. The build
process would however be run as a root user, only protected by the sandboxing.
That caused problems with the shared directory where rpmbuild would be picky
about building from sources owned by less privileged users and producing files
owned by root.

Instead, add a build user with the right uid/gid to the image and run the
docker process as that user.

diff --git a/contrib/dockerrpm b/contrib/dockerrpm
--- a/contrib/dockerrpm
+++ b/contrib/dockerrpm
@@ -24,6 +24,12 @@ DFILE="$ROOTDIR/contrib/docker/$PLATFORM
 
 CONTAINER="hg-dockerrpm-$PLATFORM"
 
-$DOCKER build --tag $CONTAINER - < $DFILE
-$DOCKER run --rm -v $ROOTDIR:/hg $CONTAINER bash -c \
+DBUILDUSER=build
+(
+cat $DFILE
+echo RUN groupadd $DBUILDUSER -g `id -g`
+echo RUN useradd $DBUILDUSER -u `id -u` -g $DBUILDUSER
+) | $DOCKER build --tag $CONTAINER -
+
+$DOCKER run -u $DBUILDUSER --rm -v $ROOTDIR:/hg $CONTAINER bash -c \
     "cp -a hg hg-build; cd hg-build; make clean local $PLATFORM; cp packages/$PLATFORM/* /hg/packages/$PLATFORM/"