Search code examples
visual-studio-codevscode-remote

VS Code Remote Development: Container postCreateCommand doesn't run

I'm trying to configure SSH authentication for a remote development workspace, as detailed in the documentation:

{
  "dockerfile": "Dockerfile",
  "runArgs": [
    // ...
    "-v",
    "${env:HOME}${env:USERPROFILE}/.ssh:/root/.ssh-localhost:ro"
  ],
  "postCreateCommand": "echo \"copying ssh keys...\" && mkdir -p ~/.ssh && cp -r ~/.ssh-localhost/* ~/.ssh && chmod 700 ~/.ssh && chmod 600 ~/.ssh/*",
  extensions: [
    // ...
  ]
}

Note that I've added an echo statement at the beginning of that line, just to make sure I'd know if it runs. Other than that, it's identical to the documentation.

However, it seems that the postCreateCommand is never run. If I look at the Dev Containers terminal output I see neither the expected docker exec command nor the copying ssh keys... output from my echo statement, and ls -a /rootfrom inside the container shows the .ssh-localhost folder, but not .ssh.

I see no error messages in the logs either. I've tried triggering "Remote Development: Rebuild Container" as well as deleting both container and image before reloading the window, but get the same result anyway.

What configuration am I missing here?

Solution

  • It's been a while, so I can't be 100% sure this is what was my issue, but at the same time I was working on getting this configuration up and running, I also tried to optimize start time by mounting a named volume at ~/.vscode-server.

    This turned out to be a "bad" idea for this specific use case, since whether the postCreateCommand should run or not is determined by the existence of a marker file present inside that directory (and a level or two down the file tree). Thus, when I re-built the container and restarted the VS Code window, the volume was re-mounted to the new container and the marker file was already present, so the command was not run.

    A better solution to this problem, I have found, is to add the following to your Dockerfile instead of having a postCreateCommand:

    RUN echo "\n\nif [ -d ~/.bashrc.d ]; then\n  for rc in ~/.bashrc.d/*rc; do\n    . \$rc\n  done\nfi\n" >> $HOME/.bashrc

    where $HOME is either /root or /home/$USER depending on whether you're running the container as root or not.

    This, then, lets you volume-mount a directory to the ~/.bashrc.d location, and each file matching *rc in that directory will be run as part of the profile script. The SSH setup script above can be put in an sshrc file there, instead, surrounded by if [[ -d ~/.ssh ]] to avoid running it every time.