Currently I have something like the following in a script:

DOCKER_GROUP_ID=$(cut -d: -f3 < <(getent group docker))
...
docker run --group-add ${DOCKER_GROUP_ID} ...

Problem is when I run this script, I get messages like the following in the resultant container all the time:

groups: cannot find name for group ID 999

Solution:

Based on the answer from @TarunLalwani I have the following in my script:

DOCKER_GROUP_ID=$(cut -d: -f3 < <(getent group docker))
CMD="docker run -d \                                                                                                                                                                                                                                                                                                                                                         
                --group-add ${DOCKER_GROUP_ID} \                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
                ${IDEA_IMAGE}"

echo $CMD
CONTAINER=$($CMD)

# Post-configuration                                                                                                                                                                                                                                                                                                                                                         
docker exec --user=root -it $CONTAINER groupadd -g $DOCKER_GROUP_ID docker                                                                                                                                                                                                                                                                                                   

docker attach $CONTAINER

That is expected behavior because the group id is only inserted inside the container and not its name. So you can run the id command see that the group names are not passed only the group id

The only way around would be to run the command groupadd -g 999 docker. This will add it to the group file also. But you have to execute it and docker won't do it for you

This is expected, users and groups are stored in certain files under file system. For users its /etc/passwd and for groups its /etc/group.

If you go inside the container, you won't find an entry in /etc/group for a group with id 999, and thus the id command can't find the name either.

Note however that this should not cause problems, since names are mostly for display purposes. The container user already belongs to a group with id 999 and it thus has the permissions that such a group has, regardless if the group has a display name.