From 02cae2e61ea61a8b6f840a18ef7bacbbfcd0a8d8 Mon Sep 17 00:00:00 2001 From: jdiamond Date: Thu, 25 Jul 2024 04:47:44 +0000 Subject: [PATCH 1/3] Add example runArgs to devcountainer to access serial port. --- .devcontainer/devcontainer.json | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index f77dc4de4a..b367752d91 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -12,6 +12,13 @@ } }, + // To give the container access to a device serial port, you can uncomment one of the following lines. + // You can explicitly forward the port. The docker user needs to be able to access this port, and this will only work + // if the device is plugged in from the start without reconnecting. + // "runArgs": ["--device=/dev/ttyACM0", "--group-add", "dialout"], + // Alternatively, you can give more comprehensive access to the host system. + // "runArgs": ["--privileged", "-v", "/dev/bus/usb:/dev/bus/usb", "--group-add", "dialout"], + // Set *default* container specific settings.json values on container create. "settings": { "terminal.integrated.shell.linux": "/bin/bash", From 10fdf464102fe1d415040e3604150de9af91da1e Mon Sep 17 00:00:00 2001 From: jdiamond Date: Mon, 29 Jul 2024 17:34:10 +0000 Subject: [PATCH 2/3] Clarify security implicatations. --- .devcontainer/devcontainer.json | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index b367752d91..305236c910 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -13,10 +13,16 @@ }, // To give the container access to a device serial port, you can uncomment one of the following lines. - // You can explicitly forward the port. The docker user needs to be able to access this port, and this will only work - // if the device is plugged in from the start without reconnecting. + // + // You can explicitly just forward the port you want to connect to. Replace `/dev/ttyACM0` with the serial port for + // your device. This will only work if the device is plugged in from the start without reconnecting. Adding the + // `dialout` group is needed if read/write permisions for the port are limitted to the dialout user. // "runArgs": ["--device=/dev/ttyACM0", "--group-add", "dialout"], - // Alternatively, you can give more comprehensive access to the host system. + // + // Alternatively, you can give more comprehensive access to the host system. This will expose all the host devices to + // the container. Adding the `dialout` group is needed if read/write permisions for the port are limitted to the + // dialout user. This could allow the container to modify unrelated serial devices, which would be a similar level of + // risk to running the build directly on the host. // "runArgs": ["--privileged", "-v", "/dev/bus/usb:/dev/bus/usb", "--group-add", "dialout"], // Set *default* container specific settings.json values on container create. From 050f7ebddfae349339f27c475d5e44458bb9da82 Mon Sep 17 00:00:00 2001 From: jdiamond Date: Mon, 29 Jul 2024 18:00:46 +0000 Subject: [PATCH 3/3] Add note for Windows. --- .devcontainer/devcontainer.json | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 305236c910..2a8e4712d0 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -13,6 +13,8 @@ }, // To give the container access to a device serial port, you can uncomment one of the following lines. + // Note: If running on Windows, you will have to do some additional steps: + // https://stackoverflow.com/questions/68527888/how-can-i-use-a-usb-com-port-inside-of-a-vscode-development-container // // You can explicitly just forward the port you want to connect to. Replace `/dev/ttyACM0` with the serial port for // your device. This will only work if the device is plugged in from the start without reconnecting. Adding the