feat: add automated dev container image building #65
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Used parallel subagent swarm to systematically fix shellcheck warnings: Agent 1 - setup-dev-env.sh (3 issues): - Fixed useless echo, variable quoting, logical operator precedence Agent 2 - run-clang-tidy.sh (5 issues): - Fixed CDPATH assignment, removed local keywords, added quotes - Updated to source mg.sh instead of shlib.sh Agent 3 - run-gitleaks.sh (6 issues): - Fixed CDPATH assignment, removed local keywords - Separated declare/assign, updated to source mg.sh Agent 4 - run-quick-tests.sh (4 issues): - Removed local keywords, added proper quoting - Separated declare/assign for POSIX compliance Agent 5 - profile.sh (30+ complex bash-isms): - Converted arrays to space-separated strings - Replaced [[ ]] with [ ], echo -e with printf - Fixed arithmetic loops, OSTYPE/BASH_SOURCE usage - Removed pipefail, local keywords, brace expansion Agent 6 - security-audit.sh (22+ complex bash-isms): - Converted arrays to space-separated strings - Replaced [[ ]] with [ ], echo -e with printf - Removed pipefail, local keywords, BASH_SOURCE usage Result: All 19 shell scripts now pass shellcheck with zero warnings Fully POSIX sh compliant - no bash-isms remain anywhere 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Fix run-clang-tidy.sh to show actual error details instead of hiding them - Remove /dev/null redirect that was swallowing all actionable error messages - Add automatic compilation database generation when missing - Use mg_ color functions for consistent output formatting - Fix include paths: mg/ → metagraph/ in test and tool files Before: "❌ Issues found in: file.c" (useless) After: Shows actual clang-tidy warnings with line numbers and fix suggestions 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add Dockerfile.dev with pre-installed development tools - Add GitHub Action for automated image building and publishing - Configure multi-platform builds (AMD64/ARM64) with caching - Auto-update devcontainer.json with new image digests - Remove postCreateCommand for faster container startup 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add prepare-release.sh with strict fail-fast validation - Add cut-release.sh for CI/CD tag creation - Fix version consistency check for static version.h - Implement comprehensive quality checks: - Release branch validation - Clean worktree requirements - Version consistency checks - Performance regression testing (±5% tolerance) - Full quality matrix (build, test, lint, security) - No auto-fixes - validation only approach - Machine-specific performance baselines 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add comprehensive CI workflow with quality matrix - Multi-platform builds (Ubuntu, macOS) - Full sanitizer suite (ASan, UBSan, TSan, MSan) - Code coverage reporting - Security audit integration - Add automated release workflow - Triggered by merges from release branches - Deterministic artifact builds - SBOM generation (SPDX and CycloneDX) - Cosign signing with OIDC - Container image publishing - Add nightly fuzzing workflow - Automated corpus management - Crash detection and reporting - Coverage analysis - Add CODEOWNERS for automated PR reviews - Add setup-build-env composite action 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add Dockerfile.buildenv with pinned dependencies - Ubuntu 22.04 base with SHA256 digest - LLVM 18 toolchain with exact versions - All build tools pinned for reproducibility - Non-root builder user - Deterministic build flags - Add Dockerfile.runtime for release containers - Minimal runtime dependencies - Multi-stage build from buildenv - Health checks and metadata labels 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Create comprehensive RELEASE.md with full workflow - Detailed step-by-step release process - Version management guidelines - Performance baseline handling - Troubleshooting and exit codes - Security requirements - Update CONTRIBUTING.md with release section - Update pre-push hook to auto-run prepare-release.sh on release branches 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Remove version.h.in template and CMake configure_file - Switch to static version.h managed by release scripts - Update CMakeLists.txt to remove version generation - Prevents git showing dirty state on every build 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add minimal CI guard scripts for branch/version/commit validation
- guard-branch.sh: Enforces branch naming and target rules
- guard-version.sh: Prevents version downgrades
- lint-commits.sh: Validates conventional commits
- Add pr-guard.yml workflow to enforce rules on PRs
- Update README with:
- DevContainer quick start instructions
- Development workflow and branch strategy
- Fix incorrect GitHub URLs in badges
These scripts enforce:
- feat/* branches must target release/* and use feat/{issue}-{slug} format
- Only release/* and fix/* can target main
- Version consistency across branches
- Conventional commit messages
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
IWYU on macOS suggests internal implementation headers like <_stdio.h> instead of standard headers like <stdio.h>. This needs proper mapping files to work correctly on macOS. Temporarily disable IWYU on macOS until proper configuration is added. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add C23 thread-local error context management (error.c) - Replace manual version.h with CMake-generated template system - Add EmbedBuildInfo.cmake for reproducible builds with Git metadata - Modernize CMakeLists.txt with proper version extraction and guards - Update src/CMakeLists.txt with modern CMake patterns and packaging - Add metagraphConfig.cmake.in for proper find_package support - Fix metagraph_result_is_success to use explicit success checks - Remove tinycthread dependency in favor of C23 _Thread_local - Add proper error message truncation with ellipsis handling - Implement table-driven error string lookup for code size optimization - Add portable attribute detection for printf-style format checking - Support both dev and reproducible builds with proper fallbacks This establishes a production-ready foundation for MetaGraph's error handling and build system that supports deterministic builds, proper CMake packaging, and modern C23 features. 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
Replace obsolete mg_placeholder references with the modern alias target. This fixes the build after removing the placeholder library. 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
- Remove build-asan/compile_commands.json from git tracking - Add compile_commands.json to .gitignore to prevent future tracking - This file is generated by CMake and contains machine-specific paths 🤖 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Benefits
Test Plan
Technical Details
The GitHub Action:
ghcr.io/hyperdag/core/devcontainer:latest🤖 Generated with Claude Code