chore: update dev dockerfile to have a user with the host uid and gid

closes #1149

Makefile

@@ -23,8 +23,8 @@ setup_env:
 			poetry run python -m pip install --force-reinstall numpy==1.21.4;	\
 		fi;																		\
 	fi
-	# we need to pin a specific version of numpy to avoid having license conflicts
-	# see https://github.com/zama-ai/concretefhe-internal/runs/4455022611?check_suite_focus=true for details
+	@# we need to pin a specific version of numpy to avoid having license conflicts
+	@# see https://github.com/zama-ai/concretefhe-internal/runs/4455022611?check_suite_focus=true for details
 
 .PHONY: sync_env # Synchronise the environment
 sync_env:
@@ -147,11 +147,13 @@ mypy_ci:
 
 .PHONY: docker_build # Build dev docker
 docker_build:
-	docker build --pull -t $(DEV_DOCKER_IMG) -f $(DEV_DOCKERFILE) .
+	docker build --build-arg BUILD_UID=$$(id -u) --build-arg BUILD_GID=$$(id -g) --pull \
+	-t $(DEV_DOCKER_IMG) -f $(DEV_DOCKERFILE) .
 
 .PHONY: docker_rebuild # Rebuild docker
-docker_rebuild:
-	docker build --pull --no-cache -t $(DEV_DOCKER_IMG) -f $(DEV_DOCKERFILE) .
+docker_rebuild: docker_clean_volumes
+	docker build --build-arg BUILD_UID=$$(id -u) --build-arg BUILD_GID=$$(id -g) --pull \
+	--no-cache -t $(DEV_DOCKER_IMG) -f $(DEV_DOCKERFILE) .
 
 .PHONY: docker_start # Launch docker
 docker_start:
@@ -160,8 +162,8 @@ docker_start:
 	-p 8888:8888 \
 	--env DISPLAY=host.docker.internal:0 \
 	--volume /"$$(pwd)":/src \
-	--volume $(DEV_CONTAINER_VENV_VOLUME):/root/dev_venv \
-	--volume $(DEV_CONTAINER_CACHE_VOLUME):/root/.cache \
+	--volume $(DEV_CONTAINER_VENV_VOLUME):/home/dev_user/dev_venv \
+	--volume $(DEV_CONTAINER_CACHE_VOLUME):/home/dev_user/.cache \
 	$(DEV_DOCKER_IMG)
 
 .PHONY: docker_build_and_start # Docker build and start

docker/Dockerfile.concretefhe-dev

@@ -1,15 +1,43 @@
 FROM ghcr.io/zama-ai/concretefhe-env
 
-ENV SRC_DIR_NAME=src
+ENV SRC_DIR=/src
 
-RUN echo "source /root/dev_venv/bin/activate" >> /root/.bashrc && \
-    echo "if [[ \"\$?\" != \"0\" ]]; then" >> /root/.bashrc && \
-    echo "    python3 -m venv /root/dev_venv" >> /root/.bashrc && \
-    echo "    source /root/dev_venv/bin/activate" >> /root/.bashrc && \
-    echo "    cd /${SRC_DIR_NAME}/ && make setup_env" >> /root/.bashrc && \
-    echo "fi" >> /root/.bashrc && \
-    echo "export MPLBACKEND=TkAgg" >> /root/.bashrc
+# Default to Ubuntu default uid for first user
+ARG BUILD_GID=1000
+ARG BUILD_UID=1000
 
-WORKDIR /${SRC_DIR_NAME}
+# Get sudo for our future user
+RUN apt-get update && \
+    apt-get install --no-install-recommends -y sudo && \
+    rm -rf /var/lib/apt/lists/*
+
+# From https://dev.to/emmanuelnk/using-sudo-without-password-prompt-as-non-root-docker-user-52bg
+# Create dev_user and add it to relevant groups
+# Create /src and make the dev user own it
+# Ensure sudo group users are not asked for a password when using
+# sudo command by ammending sudoers file
+RUN groupadd -g "${BUILD_GID}" dev_user && \
+    adduser --disabled-password \
+    --uid "${BUILD_UID}" --gid "${BUILD_GID}" --shell /bin/bash --gecos "" dev_user && \
+    usermod -aG sudo dev_user && \
+    mkdir -p "${SRC_DIR}" && \
+    chown dev_user "${SRC_DIR}" && \
+    echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+
+# Now switch to the newly created user
+USER dev_user
+
+RUN echo "source ~/dev_venv/bin/activate" >> ~/.bashrc && \
+    echo "if [[ \"\$?\" != \"0\" ]]; then" >> ~/.bashrc && \
+    echo "    python3 -m venv ~/dev_venv" >> ~/.bashrc && \
+    echo "    source ~/dev_venv/bin/activate" >> ~/.bashrc && \
+    echo "    cd ${SRC_DIR}/ && make setup_env" >> ~/.bashrc && \
+    echo "fi" >> ~/.bashrc && \
+    echo "export MPLBACKEND=TkAgg" >> ~/.bashrc && \
+    touch ~/.sudo_as_admin_successful && \
+    mkdir -p ~/dev_venv && \
+    mkdir -p ~/.cache
+
+WORKDIR ${SRC_DIR}
 
 CMD ["/bin/bash"]