Refactor Docker setup and enhance agent documentation #3

	# Builds and publishes the Agentainer devcontainer image for GitHub Codespaces.
	# Requires repo secrets:
	# - GHCR_PAT (PAT with packages:write, read + repo scope)
	# OR use GITHUB_TOKEN with proper permissions in the same org.
	#
	# Output image:
	# ghcr.io/<owner>/<repo>/agentainer:latest
	# ghcr.io/<owner>/<repo>/agentainer:<sha>

	name: Build Agentainer Codespaces Image

	on:
	push:
	branches: ["main"]
	workflow_dispatch: {}

	permissions:
	contents: read
	packages: write

	concurrency:
	group: agentainer-image-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	build-and-push:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Log in to GHCR
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GHCR_PAT \|\| github.token }}

	- name: Compute image name
	id: meta
	run: \|
	set -euo pipefail
	OWNER="$(echo '${{ github.repository_owner }}' \| tr '[:upper:]' '[:lower:]')"
	REPO="$(echo '${{ github.event.repository.name }}' \| tr '[:upper:]' '[:lower:]')"
	echo "image=ghcr.io/${OWNER}/${REPO}/agentainer" >> "$GITHUB_OUTPUT"

	- name: Build and push (multi-arch)
	uses: docker/build-push-action@v6
	with:
	context: .
	file: ./Dockerfile
	push: true
	platforms: linux/amd64,linux/arm64
	tags: \|
	${{ steps.meta.outputs.image }}:latest
	${{ steps.meta.outputs.image }}:${{ github.sha }}
	cache-from: type=gha
	cache-to: type=gha,mode=max

Provide feedback