Provide non-root docker build #639

Closed
HendrikSchrieber opened this issue Feb 27, 2024 · 4 comments

@HendrikSchrieber

What problem are you facing?

I am trying to run pre-commit hooks using the provided docker image by using a local-repository as described here: https://pre-commit.com/#docker_image.

I have set up my docker installation to run rootless because of security concerns: https://docs.docker.com/engine/security/rootless/. Therefore, when trying to run the tflint pre-commit hook, I face the following error:
Container must run as root. Use environment variable USERID to set user.

As far as I can see, it is not possible to set environment variables when running pre-commit hooks.

How could pre-commit-terraform help solve your problem?

I believe the problem can be solved by providing a docker image build with a non-root user (default usually is 1000:1000) set. This build can be tagged with a special tag like "v1.xx.x-nonroot" or "v1.xx.x-rootless" as used by other projects. Then it would not be necessary to pass environment variables. This solution might not work in all cases, e.g. if a user has a different user id. But as 1000 is the default user id in most systems, I think it should work for most users.

HendrikSchrieber added the "feature" (New feature or request) label Feb 27, 2024
@yermulnik
Collaborator

> As far as I can see, it is not possible to set environment variables when running pre-commit hooks.

How do you run the pre-commit-terraform Docker container?
You need to run it the way it is outlined at https://github.com/antonbabenko/pre-commit-terraform#docker-usage

@HendrikSchrieber
Author

I would like to use it in a pre-commit hook by providing a local repository and using the docker_image language type so I do not have to make sure to install tflint on every developer machine.

I do not quite understand why I should run the image via docker directly. How can this be automated with git hooks?

@yermulnik
Collaborator

@HendrikSchrieber You'll then probably need to figure out a way for the Docker container to get read-write access to files on the host system w/o passing the host's user UID/GID to it.

@MaxymVlasov
Collaborator

Related to #418

MaxymVlasov closed this as not planned Mar 5, 2024