UID for circleci user mismatch between containers and machines

[drags]

Hello,

I ran into an issue with the mismatch of the circleci user id inside of the cimg images (explicitly set to UID 3434) and the machine type executor VMs. The useradd command in the Dockerfile template is here. The PR that introduced this change is #38 based on the issue #35, however neither of those issues gives a reason for using 3434 for the cimg userid. I imagine this was to avoid some sort of collision issue; however on the flip side this introduces issues when mounting things from the machine into a docker container running off a cimg based image.

As an example use case: we're using the stackhawk orb to run a hawkscan-local job. This job runs inside of a machine executor and also accepts a list of steps executed inside of containers to allow for setting up a local scan target. I used the cimg/ruby docker image for running our local scan target for consistency, and ran into this issue when mounting the repo that I checked out using a checkout step.

It's simple enough to work around this by adding a chmod step to modify permissions on the mounted directory, but this feels a bit hacky, and prone to trip up other users.

Is it possible to sync the UIDs of the circleci user between machine executors and cimg images?

Thanks, Tim

[FelicianoTech]

I want to discuss this with the Fleets team and take into account the VM images all together for a change like this.

[FelicianoTech]

This change will land in edge once the October snapshot is created.

In order to make a change with less impact to our build system, the user and group ID of the circleci user will change for this image to match what we have in the Linux VM images.

The circleci user ID will be 1001. It's primary group will be circleci, which will have a group ID of 1002.

[jpeeler]

Should also modify documentation for local machine runner to ideally make created CircleCI user to match: https://circleci.com/docs/runner-installation-linux/