[derriz]

If you run in your container as a non-root user, it makes working with volumes a pain. Who knows what the container user UID will map to on the host and whether this host user, if any, will have permissions to access files in the volume.

Otherwise you can hard code a UID when creating the user in the Dockerfile but that means your containers aren't generally portable.

In the end, the path of least resistance is to run as root within the container and simply accept the security implications if using volumes.

[budhajeewa]

In the Dockerfile, get UID and GID as ARGs, and make sure those variables are available in your host environment. Then when creating the user in Dockerfile, use that UID and GID. Volumes will work like a charm.

That's what I am doing for local development setups with Docker.

See https://github.com/a2way-com/template-docker-laravel/blob/ma... and its README.

[hbogert]

That means your docker file is portable, but your images are not, which is what your parent is referring to. It's a friggin mess. It's still the same as when I started using docker.