From e02766826699af854df1508802431dacd5f711fc Mon Sep 17 00:00:00 2001
From: Kurt von Laven
Date: Thu, 20 Oct 2022 00:16:54 -0700
Subject: [PATCH] Run Docker container as current user (#1975)
Previously, mega-linter-runner ran the MegaLinter Docker image as root. Users whose files became owned by root as a consequence of this behavior will need to chown them to be owned by the appropriate user. This change only affects POSIX platforms, because process.getuid and process.getgid are only available there.
---
 CHANGELOG.md | 1 +
 mega-linter-runner/lib/runner.js | 4 ++++
 2 files changed, 5 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 380a6b26a57..242272827ad 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-linter.yml file, or with `oxsecurity/megalinter:beta` docker image
+- Run Docker container as current user rather than root ([#1975](https://github.com/oxsecurity/megalinter/issues/1975))
 - Remove default npm-groovy-lint extra arguments ([#1872](https://github.com/oxsecurity/megalinter/issues/1872))
 - Linter versions upgrades
diff --git a/mega-linter-runner/lib/runner.js b/mega-linter-runner/lib/runner.js
index 3654bb56663..df866b391d7 100644
--- a/mega-linter-runner/lib/runner.js
+++ b/mega-linter-runner/lib/runner.js
@@ -4,6 +4,7 @@ const optionsDefinition = require("./options");
 const { spawnSync } = require("child_process");
 const c = require("chalk");
 const path = require("path");
+const { getgid, getuid } = require("process");
 const which = require("which");
 const fs = require("fs-extra");
 const { MegaLinterUpgrader } = require("./upgrade");
@@ -127,6 +128,9 @@ ERROR: Docker engine has not been found on your system.
 if (options["containerName"]) {
 commandArgs.push(...["--name", options["containerName"]]);
 }
+ if (getuid && getgid) {
+ commandArgs.push(...["--user", `${getuid()}:${getgid()}`]);
+ }
 commandArgs.push(...["-v", "/var/run/docker.sock:/var/run/docker.sock:rw"]);
 commandArgs.push(...["-v", `${lintPath}:/tmp/lint:rw`]);
 if (options.fix === true) {
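Review bot: The added `--user` argument changes the UID/GID inside the container, but the unchanged line right after it still bind-mounts `/var/run/docker.sock` read-write, so the change should not be read as a privilege boundary: any process that can open that socket can drive the host's Docker daemon. It is also worth verifying that the new non-root identity can still open the socket, since the group passed is whatever `getgid()` reports for the runner process, which may not be the group that owns the socket on the host; if it cannot, linters that start containers would presumably fail. I would state the intent above the new `if`, for example `// --user keeps files written under /tmp/lint owned by the caller; it is not a sandbox, docker.sock is still mounted below`. The enclosing function starts and ends outside this hunk.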