… basically anything. Yes. You will always find yourself in problems where the best practice isn’t the best solution for.
In your described use case an option would be having the application inside the container running with 10000:10001 but writing the data into another directory that is configured to use 1000:1001 (or whatever the user is you want to access the data with from your host) and just mount the volume there. This takes a bit more configuration effort than just running the application with 1000:1001 … but still :)
The code runs when it’s an interactive shell with a PS1 prompt and just checks if any of the tracked files have changed or if there are commits that are not pushed. By configuration I ignore all untracked files. If something has changed or wasn’t pushed it always prints an annoying message.
Whenever I want to do something I use dotfiles … instead of git …, everything else works the same.
Yep! The names are basically just a convenient way for referencing a user or group ID.
Under normal circumstances you should let the system decide what IDs to use, but in the confined environment of a docker container you can do pretty much what you want.
If you really, really, really want to create a user and group just set the IDs manually:
I recently just cleanly got out of Facebook after a decade.
Deleted all my comments, all my media and all my posts, and left all groups and unfriended everyone, then changed my name and my URL and finally disabled/deleted my account.
It’s actually a suggested configuration / best practice to NOT have container user IDs matching the host user IDs.
Ditch the idea of root and user in a docker container. For your containerized application use 10000:10001. You’ll have only one application and one “user” in the container anyways when doing it right.
To be even more on the secure side use a different random user ID and group ID for every container.