diff --git a/script-library/README.md b/script-library/README.md
index 5700356c83..20d771452d 100644
--- a/script-library/README.md
+++ b/script-library/README.md
@@ -16,10 +16,10 @@ Some scripts have special installation instructions (like `desktop-lite-debian.s
|----------|--------|------------|
| [AWS CLI Install Script](docs/awscli.md) | `awscli-debian.sh` | VS Code and GitHub Codespaces teams |
| [Azure CLI Install Script](docs/azcli.md) | `azcli-debian.sh` | VS Code and GitHub Codespaces teams |
-| [Common Script](docs/common.md) | `common-debian.sh`
`common-alpine.sh`
`common-redhat.sh` (Community) | VS Code and GitHub Codespaces teams |
+| [Common Script](docs/common.md) | `common-debian.sh`
`common-alpine.sh`
`common-redhat.sh` (Community)
`common-gentoo.sh` (Community) | VS Code and GitHub Codespaces teams |
| [Desktop (Lightweight) Install Script](docs/desktop-lite.md) | `desktop-lite-debian.sh` | VS Code and GitHub Codespaces teams|
| [Docker-in-Docker Install Script](docs/docker-in-docker.md) | `docker-in-docker-debian.sh` | VS Code and GitHub Codespaces teams |
-| [Docker-from-Docker Install Script](docs/docker.md) | `docker-debian.sh`
`docker-redhat.sh` (Community) | VS Code and GitHub Codespaces teams, [@smankoo](https://github.com/smankoo) (`docker-redhat.sh`) |
+| [Docker-from-Docker Install Script](docs/docker.md) | `docker-debian.sh`
`docker-redhat.sh` (Community)
`docker-gentoo.sh` (Community) | VS Code and GitHub Codespaces teams, [@smankoo](https://github.com/smankoo) (`docker-redhat.sh`) |
| [Dotnet Install Script](docs/dotnet.md) | `dotnet-debian.sh` | VS Code and GitHub Codespaces teams |
| [fish Install Script](docs/fish.md) | `fish-debian.sh` (Community) | [@andreiborisov](https://github.com/andreiborisov) |
| [Git Build/Install from Source Script](docs/git-from-src.md) | `git-from-src-debian.sh` | VS Code and GitHub Codespaces teams|
@@ -79,6 +79,14 @@ RUN bash /tmp/library-scripts/common-redhat.sh \
&& yum clean all && rm -rf /tmp/library-scripts
```
+**Gentoo**
+
+```Dockerfile
+COPY library-scripts/*.sh /tmp/library-scripts/
+RUN ash /tmp/library-scripts/common-gentoo.sh \
+ && rm -rf /tmp/library-scripts
+```
+
Note that the CI process for this repository will automatically keep scripts in the `.devcontainers/library-scripts` folder up to date for each definition in the `containers` folder.
### Downloading the script with curl / wget instead
diff --git a/script-library/common-gentoo.sh b/script-library/common-gentoo.sh
new file mode 100644
index 0000000000..31b2f42fd9
--- /dev/null
+++ b/script-library/common-gentoo.sh
@@ -0,0 +1,419 @@
+#!/usr/bin/env bash
+#-------------------------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
+#-------------------------------------------------------------------------------------------------------------
+#
+# Docs: https://github.com/microsoft/vscode-dev-containers/blob/main/script-library/docs/common.md
+# Maintainer: The VS Code and Codespaces Teams
+#
+# Syntax: ./common-gentoo.sh [install zsh flag] [username] [user UID] [user GID] [upgrade packages flag] [install Oh My Zsh! flag]
+
+set -e
+
+INSTALL_ZSH=${1:-"true"}
+USERNAME=${2:-"automatic"}
+USER_UID=${3:-"automatic"}
+USER_GID=${4:-"automatic"}
+UPGRADE_PACKAGES=${5:-"true"}
+INSTALL_OH_MYS=${6:-"true"}
+ADD_NON_FREE_PACKAGES=${7:-"false"}
+SCRIPT_DIR="$(cd $(dirname "${BASH_SOURCE[0]}") && pwd)"
+MARKER_FILE="/usr/local/etc/vscode-dev-containers/common"
+
+if [ "$(id -u)" -ne 0 ]; then
+ echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'
+ exit 1
+fi
+
+# Ensure that login shells get the correct path if the user updated the PATH using ENV.
+rm -f /etc/profile.d/00-restore-env.sh
+echo "export PATH=${PATH//$(sh -lc 'echo $PATH')/\$PATH}" > /etc/profile.d/00-restore-env.sh
+chmod +x /etc/profile.d/00-restore-env.sh
+
+# If in automatic mode, determine if a user already exists, if not use vscode
+if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
+ USERNAME=""
+ POSSIBLE_USERS=("vscode" "node" "codespace" "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)")
+ for CURRENT_USER in ${POSSIBLE_USERS[@]}; do
+ if id -u ${CURRENT_USER} > /dev/null 2>&1; then
+ USERNAME=${CURRENT_USER}
+ break
+ fi
+ done
+ if [ "${USERNAME}" = "" ]; then
+ USERNAME=vscode
+ fi
+elif [ "${USERNAME}" = "none" ]; then
+ USERNAME=root
+ USER_UID=0
+ USER_GID=0
+fi
+
+# Load markers to see which steps have already run
+if [ -f "${MARKER_FILE}" ]; then
+ echo "Marker file found:"
+ cat "${MARKER_FILE}"
+ source "${MARKER_FILE}"
+fi
+
+# Run install apt-utils to avoid debconf warning then verify presence of other common developer tools and dependencies
+if [ "${PACKAGES_ALREADY_INSTALLED}" != "true" ]; then
+
+ # Need for repo_path on develop environment.
+ gentoo_repo_path=$(portageq get_repo_path / gentoo)
+ if [ ! -d $gentoo_repo_path ] ; then
+ mkdir $gentoo_repo_path
+ fi
+
+ echo '# [Unable to unshare: EPERM](https://github.com/gentoo/gentoo-docker-images/issues/81)' >> /etc/portage/make.conf
+ echo 'FEATURES="$FEATURES -ipc-sandbox -network-sandbox -pid-sandbox"' >> /etc/portage/make.conf
+
+ emerge-webrsync
+ # libstdc++ is testing package,
+ echo sys-libs/libstdc++-v3 >> /etc/portage/package.accept_keywords/libsdtc
+ package_list="\
+ net-misc/openssh \
+ app-crypt/gnupg \
+ sys-apps/iproute2 \
+ sys-process/procps \
+ sys-process/lsof \
+ sys-process/htop \
+ sys-apps/net-tools \
+ sys-process/psmisc \
+ net-misc/curl \
+ net-misc/wget \
+ net-misc/rsync \
+ app-misc/ca-certificates \
+ app-arch/unzip \
+ app-arch/zip \
+ app-editors/nano \
+ app-editors/vim \
+ sys-apps/less \
+ app-misc/jq \
+ sys-apps/lsb-release \
+ dev-util/dialog \
+ sys-libs/glibc \
+ app-crypt/mit-krb5 \
+ dev-libs/icu \
+ dev-util/lttng-ust \
+ sys-libs/libstdc++-v3 \
+ sys-libs/zlib \
+ app-admin/sudo \
+ sys-fs/ncdu \
+ sys-apps/man-db \
+ dev-util/strace \
+ sys-apps/man-pages \
+ sys-apps/init-system-helpers
+ "
+
+ # Install libssl1.1 if available
+ if qlist -IRv dev-libs/openssl-1.1.10 >/dev/null 2>&1; then
+ echo "~dev-libs/openssl-1.1.10::gentoo" >> /etc/portage/package.mask/openssl
+ package_list="${package_list} dev-libs/openssl"
+ fi
+
+ echo "Packages to verify are installed: ${package_list}"
+ emerge ${package_list}
+
+ # Install git if not already installed (may be more recent than distro version)
+ if ! type git > /dev/null 2>&1; then
+ emerge dev-vcs/git
+ fi
+
+ PACKAGES_ALREADY_INSTALLED="true"
+fi
+
+# Get to latest versions of all packages
+if [ "${UPGRADE_PACKAGES}" = "true" ]; then
+ emerge -uD @world
+ emerge --depclean
+fi
+
+# Ensure at least the en_US.UTF-8 UTF-8 locale is available.
+# Common need for both applications and things like the agnoster ZSH theme.
+if [ "${LOCALE_ALREADY_SET}" != "true" ] && ! grep -o -E '^\s*en_US.UTF-8\s+UTF-8' /etc/locale.gen > /dev/null; then
+ echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
+ locale-gen
+ LOCALE_ALREADY_SET="true"
+fi
+
+# Create or update a non-root user to match UID/GID.
+group_name="${USERNAME}"
+if id -u ${USERNAME} > /dev/null 2>&1; then
+ # User exists, update if needed
+ if [ "${USER_GID}" != "automatic" ] && [ "$USER_GID" != "$(id -g $USERNAME)" ]; then
+ group_name="$(id -gn $USERNAME)"
+ groupmod --gid $USER_GID ${group_name}
+ usermod --gid $USER_GID $USERNAME
+ fi
+ if [ "${USER_UID}" != "automatic" ] && [ "$USER_UID" != "$(id -u $USERNAME)" ]; then
+ usermod --uid $USER_UID $USERNAME
+ fi
+else
+ # Create user
+ if [ "${USER_GID}" = "automatic" ]; then
+ groupadd $USERNAME
+ else
+ groupadd --gid $USER_GID $USERNAME
+ fi
+
+ # Sometimes, Gentoo does not have MAIDIR( default value /var/spool/mail) directory.
+ mail_dir=$(grep -E "^MAIL_DIR" /etc/login.defs | rev | cut -f 1 | rev)
+ if [ ! -d $mail_dir ] ; then
+ mkdir $mail_dir
+ fi
+
+ # Gentoo default, mail group does not exists.
+ if ! getent group mail > /dev/null; then
+ groupadd mail
+ fi
+
+ if [ "${USER_UID}" = "automatic" ]; then
+ useradd -s /bin/bash --gid $USERNAME -m $USERNAME
+ else
+ useradd -s /bin/bash --uid $USER_UID --gid $USERNAME -m $USERNAME
+ fi
+fi
+
+# Add add sudo support for non-root user
+if [ "${USERNAME}" != "root" ] && [ "${EXISTING_NON_ROOT_USER}" != "${USERNAME}" ]; then
+ echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME
+ chmod 0440 /etc/sudoers.d/$USERNAME
+ EXISTING_NON_ROOT_USER="${USERNAME}"
+fi
+
+# ** Shell customization section **
+if [ "${USERNAME}" = "root" ]; then
+ user_rc_path="/root"
+else
+ user_rc_path="/home/${USERNAME}"
+fi
+
+# Restore user .bashrc defaults from skeleton file if it doesn't exist or is empty
+if [ ! -f "${user_rc_path}/.bashrc" ] || [ ! -s "${user_rc_path}/.bashrc" ] ; then
+ cp /etc/skel/.bashrc "${user_rc_path}/.bashrc"
+fi
+
+# .bashrc/.zshrc snippet
+rc_snippet="$(cat << 'EOF'
+
+if [ -z "${USER}" ]; then export USER=$(whoami); fi
+if [[ "${PATH}" != *"$HOME/.local/bin"* ]]; then export PATH="${PATH}:$HOME/.local/bin"; fi
+
+# Display optional first run image specific notice if configured and terminal is interactive
+if [ -t 1 ] && [[ "${TERM_PROGRAM}" = "vscode" || "${TERM_PROGRAM}" = "codespaces" ]] && [ ! -f "$HOME/.config/vscode-dev-containers/first-run-notice-already-displayed" ]; then
+ if [ -f "/usr/local/etc/vscode-dev-containers/first-run-notice.txt" ]; then
+ cat "/usr/local/etc/vscode-dev-containers/first-run-notice.txt"
+ elif [ -f "/workspaces/.codespaces/shared/first-run-notice.txt" ]; then
+ cat "/workspaces/.codespaces/shared/first-run-notice.txt"
+ fi
+ mkdir -p "$HOME/.config/vscode-dev-containers"
+ # Mark first run notice as displayed after 10s to avoid problems with fast terminal refreshes hiding it
+ ((sleep 10s; touch "$HOME/.config/vscode-dev-containers/first-run-notice-already-displayed") &)
+fi
+
+# Set the default git editor if not already set
+if [ -z "$(git config --get core.editor)" ] && [ -z "${GIT_EDITOR}" ]; then
+ if [ "${TERM_PROGRAM}" = "vscode" ]; then
+ if [[ -n $(command -v code-insiders) && -z $(command -v code) ]]; then
+ export GIT_EDITOR="code-insiders --wait"
+ else
+ export GIT_EDITOR="code --wait"
+ fi
+ fi
+fi
+
+EOF
+)"
+
+# code shim, it fallbacks to code-insiders if code is not available
+cat << 'EOF' > /usr/local/bin/code
+#!/bin/sh
+
+get_in_path_except_current() {
+ which -a "$1" | grep -A1 "$0" | grep -v "$0"
+}
+
+code="$(get_in_path_except_current code)"
+
+if [ -n "$code" ]; then
+ exec "$code" "$@"
+elif [ "$(command -v code-insiders)" ]; then
+ exec code-insiders "$@"
+else
+ echo "code or code-insiders is not installed" >&2
+ exit 127
+fi
+EOF
+chmod +x /usr/local/bin/code
+
+# systemctl shim - tells people to use 'service' if systemd is not running
+cat << 'EOF' > /usr/local/bin/systemctl
+#!/bin/sh
+set -e
+if [ -d "/run/systemd/system" ]; then
+ exec /bin/systemctl/systemctl "$@"
+else
+ echo '\n"systemd" is not running in this container due to its overhead.\nUse the "service" command to start services instead. e.g.: \n\nservice --status-all'
+fi
+EOF
+chmod +x /usr/local/bin/systemctl
+
+# Codespaces bash and OMZ themes - partly inspired by https://github.com/ohmyzsh/ohmyzsh/blob/master/themes/robbyrussell.zsh-theme
+codespaces_bash="$(cat \
+<<'EOF'
+
+# Codespaces bash prompt theme
+__bash_prompt() {
+ local userpart='`export XIT=$? \
+ && [ ! -z "${GITHUB_USER}" ] && echo -n "\[\033[0;32m\]@${GITHUB_USER} " || echo -n "\[\033[0;32m\]\u " \
+ && [ "$XIT" -ne "0" ] && echo -n "\[\033[1;31m\]➜" || echo -n "\[\033[0m\]➜"`'
+ local gitbranch='`\
+ if [ "$(git config --get codespaces-theme.hide-status 2>/dev/null)" != 1 ]; then \
+ export BRANCH=$(git symbolic-ref --short HEAD 2>/dev/null || git rev-parse --short HEAD 2>/dev/null); \
+ if [ "${BRANCH}" != "" ]; then \
+ echo -n "\[\033[0;36m\](\[\033[1;31m\]${BRANCH}" \
+ && if git ls-files --error-unmatch -m --directory --no-empty-directory -o --exclude-standard ":/*" > /dev/null 2>&1; then \
+ echo -n " \[\033[1;33m\]✗"; \
+ fi \
+ && echo -n "\[\033[0;36m\]) "; \
+ fi; \
+ fi`'
+ local lightblue='\[\033[1;34m\]'
+ local removecolor='\[\033[0m\]'
+ PS1="${userpart} ${lightblue}\w ${gitbranch}${removecolor}\$ "
+ unset -f __bash_prompt
+}
+__bash_prompt
+
+EOF
+)"
+
+codespaces_zsh="$(cat \
+<<'EOF'
+# Codespaces zsh prompt theme
+__zsh_prompt() {
+ local prompt_username
+ if [ ! -z "${GITHUB_USER}" ]; then
+ prompt_username="@${GITHUB_USER}"
+ else
+ prompt_username="%n"
+ fi
+ PROMPT="%{$fg[green]%}${prompt_username} %(?:%{$reset_color%}➜ :%{$fg_bold[red]%}➜ )" # User/exit code arrow
+ PROMPT+='%{$fg_bold[blue]%}%(5~|%-1~/…/%3~|%4~)%{$reset_color%} ' # cwd
+ PROMPT+='$([ "$(git config --get codespaces-theme.hide-status 2>/dev/null)" != 1 ] && git_prompt_info)' # Git status
+ PROMPT+='%{$fg[white]%}$ %{$reset_color%}'
+ unset -f __zsh_prompt
+}
+ZSH_THEME_GIT_PROMPT_PREFIX="%{$fg_bold[cyan]%}(%{$fg_bold[red]%}"
+ZSH_THEME_GIT_PROMPT_SUFFIX="%{$reset_color%} "
+ZSH_THEME_GIT_PROMPT_DIRTY=" %{$fg_bold[yellow]%}✗%{$fg_bold[cyan]%})"
+ZSH_THEME_GIT_PROMPT_CLEAN="%{$fg_bold[cyan]%})"
+__zsh_prompt
+
+EOF
+)"
+
+# Add RC snippet and custom bash prompt
+if [ "${RC_SNIPPET_ALREADY_ADDED}" != "true" ]; then
+ echo "${rc_snippet}" >> /etc/bash.bashrc
+ echo "${codespaces_bash}" >> "${user_rc_path}/.bashrc"
+ echo 'export PROMPT_DIRTRIM=4' >> "${user_rc_path}/.bashrc"
+ if [ "${USERNAME}" != "root" ]; then
+ echo "${codespaces_bash}" >> "/root/.bashrc"
+ echo 'export PROMPT_DIRTRIM=4' >> "/root/.bashrc"
+ fi
+ chown ${USERNAME}:${group_name} "${user_rc_path}/.bashrc"
+ RC_SNIPPET_ALREADY_ADDED="true"
+fi
+
+# Optionally install and configure zsh and Oh My Zsh!
+if [ "${INSTALL_ZSH}" = "true" ]; then
+ if ! type zsh > /dev/null 2>&1; then
+ emerge app-shells/zsh
+ fi
+ if [ "${ZSH_ALREADY_INSTALLED}" != "true" ]; then
+ echo "${rc_snippet}" >> /etc/zsh/zshrc
+ ZSH_ALREADY_INSTALLED="true"
+ fi
+
+ # Adapted, simplified inline Oh My Zsh! install steps that adds, defaults to a codespaces theme.
+ # See https://github.com/ohmyzsh/ohmyzsh/blob/master/tools/install.sh for official script.
+ oh_my_install_dir="${user_rc_path}/.oh-my-zsh"
+ if [ ! -d "${oh_my_install_dir}" ] && [ "${INSTALL_OH_MYS}" = "true" ]; then
+ template_path="${oh_my_install_dir}/templates/zshrc.zsh-template"
+ user_rc_file="${user_rc_path}/.zshrc"
+ umask g-w,o-w
+ mkdir -p ${oh_my_install_dir}
+ git clone --depth=1 \
+ -c core.eol=lf \
+ -c core.autocrlf=false \
+ -c fsck.zeroPaddedFilemode=ignore \
+ -c fetch.fsck.zeroPaddedFilemode=ignore \
+ -c receive.fsck.zeroPaddedFilemode=ignore \
+ "https://github.com/ohmyzsh/ohmyzsh" "${oh_my_install_dir}" 2>&1
+ echo -e "$(cat "${template_path}")\nDISABLE_AUTO_UPDATE=true\nDISABLE_UPDATE_PROMPT=true" > ${user_rc_file}
+ sed -i -e 's/ZSH_THEME=.*/ZSH_THEME="codespaces"/g' ${user_rc_file}
+
+ mkdir -p ${oh_my_install_dir}/custom/themes
+ echo "${codespaces_zsh}" > "${oh_my_install_dir}/custom/themes/codespaces.zsh-theme"
+ # Shrink git while still enabling updates
+ cd "${oh_my_install_dir}"
+ git repack -a -d -f --depth=1 --window=1
+ # Copy to non-root user if one is specified
+ if [ "${USERNAME}" != "root" ]; then
+ cp -rf "${user_rc_file}" "${oh_my_install_dir}" /root
+ chown -R ${USERNAME}:${group_name} "${user_rc_path}"
+ fi
+ fi
+fi
+
+# Persist image metadata info, script if meta.env found in same directory
+meta_info_script="$(cat << 'EOF'
+#!/bin/sh
+. /usr/local/etc/vscode-dev-containers/meta.env
+
+# Minimal output
+if [ "$1" = "version" ] || [ "$1" = "image-version" ]; then
+ echo "${VERSION}"
+ exit 0
+elif [ "$1" = "release" ]; then
+ echo "${GIT_REPOSITORY_RELEASE}"
+ exit 0
+elif [ "$1" = "content" ] || [ "$1" = "content-url" ] || [ "$1" = "contents" ] || [ "$1" = "contents-url" ]; then
+ echo "${CONTENTS_URL}"
+ exit 0
+fi
+
+#Full output
+echo
+echo "Development container image information"
+echo
+if [ ! -z "${VERSION}" ]; then echo "- Image version: ${VERSION}"; fi
+if [ ! -z "${DEFINITION_ID}" ]; then echo "- Definition ID: ${DEFINITION_ID}"; fi
+if [ ! -z "${VARIANT}" ]; then echo "- Variant: ${VARIANT}"; fi
+if [ ! -z "${GIT_REPOSITORY}" ]; then echo "- Source code repository: ${GIT_REPOSITORY}"; fi
+if [ ! -z "${GIT_REPOSITORY_RELEASE}" ]; then echo "- Source code release/branch: ${GIT_REPOSITORY_RELEASE}"; fi
+if [ ! -z "${BUILD_TIMESTAMP}" ]; then echo "- Timestamp: ${BUILD_TIMESTAMP}"; fi
+if [ ! -z "${CONTENTS_URL}" ]; then echo && echo "More info: ${CONTENTS_URL}"; fi
+echo
+EOF
+)"
+if [ -f "${SCRIPT_DIR}/meta.env" ]; then
+ mkdir -p /usr/local/etc/vscode-dev-containers/
+ cp -f "${SCRIPT_DIR}/meta.env" /usr/local/etc/vscode-dev-containers/meta.env
+ echo "${meta_info_script}" > /usr/local/bin/devcontainer-info
+ chmod +x /usr/local/bin/devcontainer-info
+fi
+
+# Write marker file
+mkdir -p "$(dirname "${MARKER_FILE}")"
+echo -e "\
+ PACKAGES_ALREADY_INSTALLED=${PACKAGES_ALREADY_INSTALLED}\n\
+ LOCALE_ALREADY_SET=${LOCALE_ALREADY_SET}\n\
+ EXISTING_NON_ROOT_USER=${EXISTING_NON_ROOT_USER}\n\
+ RC_SNIPPET_ALREADY_ADDED=${RC_SNIPPET_ALREADY_ADDED}\n\
+ ZSH_ALREADY_INSTALLED=${ZSH_ALREADY_INSTALLED}" > "${MARKER_FILE}"
+
+echo "Done!"
diff --git a/script-library/docker-gentoo.sh b/script-library/docker-gentoo.sh
new file mode 100755
index 0000000000..fc411d1498
--- /dev/null
+++ b/script-library/docker-gentoo.sh
@@ -0,0 +1,190 @@
+#!/usr/bin/env bash
+#-------------------------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
+#-------------------------------------------------------------------------------------------------------------
+#
+# Docs: https://github.com/microsoft/vscode-dev-containers/blob/main/script-library/docs/docker.md
+# Maintainer: The VS Code and Codespaces Teams
+#
+# Syntax: ./docker-gentoo.sh [enable non-root docker socket access flag] [source socket] [target socket] [non-root user] [use moby] [CLI version] [Major version for docker-compose]
+
+ENABLE_NONROOT_DOCKER=${1:-"true"}
+SOURCE_SOCKET=${2:-"/var/run/docker-host.sock"}
+TARGET_SOCKET=${3:-"/var/run/docker.sock"}
+USERNAME=${4:-"automatic"}
+
+set -e
+
+if [ "$(id -u)" -ne 0 ]; then
+ echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'
+ exit 1
+fi
+
+# Determine the appropriate non-root user
+if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
+ USERNAME=""
+ POSSIBLE_USERS=("vscode" "node" "codespace" "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)")
+ for CURRENT_USER in ${POSSIBLE_USERS[@]}; do
+ if id -u ${CURRENT_USER} > /dev/null 2>&1; then
+ USERNAME=${CURRENT_USER}
+ break
+ fi
+ done
+ if [ "${USERNAME}" = "" ]; then
+ USERNAME=root
+ fi
+elif [ "${USERNAME}" = "none" ] || ! id -u ${USERNAME} > /dev/null 2>&1; then
+ USERNAME=root
+fi
+
+# Figure out correct version of a three part version number is not passed
+find_version_from_git_tags() {
+ local variable_name=$1
+ local requested_version=${!variable_name}
+ if [ "${requested_version}" = "none" ]; then return; fi
+ local repository=$2
+ local prefix=${3:-"tags/v"}
+ local separator=${4:-"."}
+ local last_part_optional=${5:-"false"}
+ if [ "$(echo "${requested_version}" | grep -o "." | wc -l)" != "2" ]; then
+ local escaped_separator=${separator//./\\.}
+ local last_part
+ if [ "${last_part_optional}" = "true" ]; then
+ last_part="(${escaped_separator}[0-9]+)?"
+ else
+ last_part="${escaped_separator}[0-9]+"
+ fi
+ local regex="${prefix}\\K[0-9]+${escaped_separator}[0-9]+${last_part}$"
+ local version_list="$(git ls-remote --tags ${repository} | grep -oP "${regex}" | tr -d ' ' | tr "${separator}" "." | sort -rV)"
+ if [ "${requested_version}" = "latest" ] || [ "${requested_version}" = "current" ] || [ "${requested_version}" = "lts" ]; then
+ declare -g ${variable_name}="$(echo "${version_list}" | head -n 1)"
+ else
+ set +e
+ declare -g ${variable_name}="$(echo "${version_list}" | grep -E -m 1 "^${requested_version//./\\.}([\\.\\s]|$)")"
+ set -e
+ fi
+ fi
+ if [ -z "${!variable_name}" ] || ! echo "${version_list}" | grep "^${!variable_name//./\\.}$" > /dev/null 2>&1; then
+ echo -e "Invalid ${variable_name} value: ${requested_version}\nValid values:\n${version_list}" >&2
+ exit 1
+ fi
+ echo "${variable_name}=${!variable_name}"
+}
+
+# Source /etc/os-release to get OS info
+. /etc/os-release
+
+# Refresh portage lists
+emerge-webrsync
+
+# Install Docker if not already installed
+if type docker > /dev/null 2>&1; then
+ echo "Docker CLI already installed."
+else
+ emerge app-containers/docker-cli
+fi
+
+# Install Docker Compose if not already installed.
+if type docker-compose > /dev/null 2>&1; then
+ echo "Docker Compose already installed."
+else
+ compose_v1_version="1"
+ echo "Gentoo docker-compose stable branch only version ${compose_v1_version}"
+ echo "(*) Installing docker-compose ${compose_v1_version}..."
+ emerge app-containers/docker-compose
+fi
+
+# If init file already exists, exit
+if [ -f "/usr/local/share/docker-init.sh" ]; then
+ exit 0
+fi
+echo "docker-init doesnt exist, adding..."
+
+# By default, make the source and target sockets the same
+if [ "${SOURCE_SOCKET}" != "${TARGET_SOCKET}" ]; then
+ touch "${SOURCE_SOCKET}"
+ ln -s "${SOURCE_SOCKET}" "${TARGET_SOCKET}"
+fi
+
+# Add a stub if not adding non-root user access, user is root
+if [ "${ENABLE_NONROOT_DOCKER}" = "false" ] || [ "${USERNAME}" = "root" ]; then
+ echo -e '#!/usr/bin/env bash\nexec "$@"' > /usr/local/share/docker-init.sh
+ chmod +x /usr/local/share/docker-init.sh
+ exit 0
+fi
+
+# Setup a docker group in the event the docker socket's group is not root
+if ! grep -qE '^docker:' /etc/group; then
+ groupadd --system docker
+fi
+usermod -aG docker "${USERNAME}"
+DOCKER_GID="$(grep -oP '^docker:x:\K[^:]+' /etc/group)"
+
+# If enabling non-root access and specified user is found, setup socat and add script
+chown -h "${USERNAME}":root "${TARGET_SOCKET}"
+if ! dpkg -s socat > /dev/null 2>&1; then
+ emerge net-misc/socat
+fi
+tee /usr/local/share/docker-init.sh > /dev/null \
+<< EOF
+#!/usr/bin/env bash
+#-------------------------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
+#-------------------------------------------------------------------------------------------------------------
+
+set -e
+
+SOCAT_PATH_BASE=/tmp/vscr-docker-from-docker
+SOCAT_LOG=\${SOCAT_PATH_BASE}.log
+SOCAT_PID=\${SOCAT_PATH_BASE}.pid
+
+# Wrapper function to only use sudo if not already root
+sudoIf()
+{
+ if [ "\$(id -u)" -ne 0 ]; then
+ sudo "\$@"
+ else
+ "\$@"
+ fi
+}
+
+# Log messages
+log()
+{
+ echo -e "[\$(date)] \$@" | sudoIf tee -a \${SOCAT_LOG} > /dev/null
+}
+
+echo -e "\n** \$(date) **" | sudoIf tee -a \${SOCAT_LOG} > /dev/null
+log "Ensuring ${USERNAME} has access to ${SOURCE_SOCKET} via ${TARGET_SOCKET}"
+
+# If enabled, try to update the docker group with the right GID. If the group is root,
+# fall back on using socat to forward the docker socket to another unix socket so
+# that we can set permissions on it without affecting the host.
+if [ "${ENABLE_NONROOT_DOCKER}" = "true" ] && [ "${SOURCE_SOCKET}" != "${TARGET_SOCKET}" ] && [ "${USERNAME}" != "root" ] && [ "${USERNAME}" != "0" ]; then
+ SOCKET_GID=\$(stat -c '%g' ${SOURCE_SOCKET})
+ if [ "\${SOCKET_GID}" != "0" ] && [ "\${SOCKET_GID}" != "${DOCKER_GID}" ] && ! grep -E ".+:x:\${SOCKET_GID}" /etc/group; then
+ sudoIf groupmod --gid "\${SOCKET_GID}" docker
+ else
+ # Enable proxy if not already running
+ if [ ! -f "\${SOCAT_PID}" ] || ! ps -p \$(cat \${SOCAT_PID}) > /dev/null; then
+ log "Enabling socket proxy."
+ log "Proxying ${SOURCE_SOCKET} to ${TARGET_SOCKET} for vscode"
+ sudoIf rm -rf ${TARGET_SOCKET}
+ (sudoIf socat UNIX-LISTEN:${TARGET_SOCKET},fork,mode=660,user=${USERNAME} UNIX-CONNECT:${SOURCE_SOCKET} 2>&1 | sudoIf tee -a \${SOCAT_LOG} > /dev/null & echo "\$!" | sudoIf tee \${SOCAT_PID} > /dev/null)
+ else
+ log "Socket proxy already running."
+ fi
+ fi
+ log "Success"
+fi
+
+# Execute whatever commands were passed in (if any). This allows us
+# to set this script to ENTRYPOINT while still executing the default CMD.
+set +e
+exec "\$@"
+EOF
+chmod +x /usr/local/share/docker-init.sh
+chown ${USERNAME}:root /usr/local/share/docker-init.sh
+echo "Done!"
diff --git a/script-library/test/regression/gentoo/.devcontainer.json b/script-library/test/regression/gentoo/.devcontainer.json
new file mode 100644
index 0000000000..d0e63d5ea1
--- /dev/null
+++ b/script-library/test/regression/gentoo/.devcontainer.json
@@ -0,0 +1,23 @@
+{
+ "name": "Script Tester - Gentoo-Stage3",
+ "build": {
+ "dockerfile": "../Dockerfile",
+ "context": "../../../",
+ "args": {
+ "IMAGE_TO_TEST": "gentoo/stage3",
+ "DISTRO": "gentoo",
+ "USERNAME": "vscode"
+ }
+ },
+ "remoteUser": "vscode",
+ "workspaceMount": "source=${localWorkspaceFolder}/../../..,target=/workspace,type=bind",
+ "workspaceFolder": "/workspace",
+ "mounts": [ "source=/var/run/docker.sock,target=/var/run/docker-host.sock,type=bind" ],
+ "runArgs": ["--init", "--security-opt", "seccomp=unconfined"],
+ "overrideCommand": false,
+
+
+ "extensions": [
+ "ms-azuretools.vscode-docker"
+ ]
+}
diff --git a/script-library/test/regression/run-scripts.sh b/script-library/test/regression/run-scripts.sh
index 79ac06dec0..63e8376cb9 100755
--- a/script-library/test/regression/run-scripts.sh
+++ b/script-library/test/regression/run-scripts.sh
@@ -80,6 +80,13 @@ cat << EOF
EOF
+# Sometimes, gentoo does not havs /usr/local/share directory.
+if [ "${DISTRO}" = "gentoo" ]; then
+ if [ ! -d /usr/local/share ]; then
+ mkdir /usr/local/share
+ fi
+fi
+
# Add stub entrypoint scripts in the event RUN_ONE is set and not all of these would be executed
tee /usr/local/share/docker-init.sh /usr/local/share/ssh-init.sh > /usr/local/share/desktop-init.sh << 'EOF'
#!/bin/bash
diff --git a/script-library/test/regression/test.sh b/script-library/test/regression/test.sh
index 8a28b143f2..6d729b831d 100755
--- a/script-library/test/regression/test.sh
+++ b/script-library/test/regression/test.sh
@@ -30,6 +30,16 @@ else
dockerfile_path="test/regression/Dockerfile"
fi
+# gentoo log size is huge. require set custom log size.
+if [[ "${IMAGE_TO_TEST}" = *"gentoo"* ]]; then
+ # Ensure 1Gib log size
+ log_max_size=$(((2**10)**3))
+
+ # create builder instance for setting log size
+ builder_instance=$(docker buildx create --driver-opt env.BUILDKIT_STEP_LOG_MAX_SIZE=${log_max_size} --driver-opt env.BUILDKIT_STEP_LOG_MAX_SPEED=10000000)
+ OTHER_ARGS="${OTHER_ARGS} --builder ${builder_instance}"
+fi
+
BUILDX_COMMAND="docker buildx build \
${OTHER_ARGS} \
--progress=plain \