release-image: Remap UID within the image before handling $DOCKER_USER (#2223)

If do not update the UID within the passwd database to match whatever
uid the container is being ran as, then sudo will not work when renaming
the user to match $DOCKER_USER as it will complain about the current
user being non-existent.

Author: nhooyr

ci/release-image/entrypoint.sh

@@ -1,7 +1,11 @@
 #!/bin/sh
 set -eu
 
-if [ "${DOCKER_USER-}" ] && [ "$DOCKER_USER" != "$USER" ]; then
+# We do this first to ensure sudo works below when renaming the user.
+# Otherwise the current container UID may not exist in the passwd database.
+eval "$(fixuid -q)"
+
+if [ "${DOCKER_USER-}" ]; then
   echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/nopasswd > /dev/null
   # Unfortunately we cannot change $HOME as we cannot move any bind mounts
   # nor can we bind mount $HOME into a new home as that requires a privileged container.
@@ -11,7 +15,6 @@ if [ "${DOCKER_USER-}" ] && [ "$DOCKER_USER" != "$USER" ]; then
   USER="$DOCKER_USER"
 
   sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd
-  sudo sed -i "s/coder/$DOCKER_USER/g" /etc/fixuid/config.yml
 fi
 
-dumb-init fixuid -q /usr/bin/code-server "$@"
+dumb-init /usr/bin/code-server "$@"