
Commit 4461009

committed
add DevContainer setup with Dockerfile, devcontainer.json and CI workflow
1 parent 5d4815e commit 4461009

4 files changed

Lines changed: 330 additions & 5 deletions


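--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -0,0 +1,81 @@
+FROM ubuntu:22.04
+
+ARG USERNAME=vscode
+ARG USER_UID=1000
+ARG USER_GID=1000
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+# --------------------------------------------------------------------
+# System packages as root + AimDB protocol dependencies
+# --------------------------------------------------------------------
+RUN apt-get update && apt-get install -y \
+bash-completion \
+build-essential \
+curl \
+git \
+gnupg2 \
+libssl-dev \
+pkg-config \
+ca-certificates \
+sudo \
+openssl \
+libudev-dev llvm libclang-dev \
+protobuf-compiler libssl-dev \
+cmake ninja-build gcc-arm-none-eabi gdb-multiarch \
+# AimDB protocol bridge dependencies
+mosquitto-clients \
+# Performance profiling tools
+valgrind \
+perf-tools-unstable \
+# Additional dependencies for probe-rs
+libusb-1.0-0-dev \
+libudev-dev \
+&& rm -rf /var/lib/apt/lists/*
+
+# --------------------------------------------------------------------
+# Create non-root user (with sudo) as root
+# --------------------------------------------------------------------
+RUN groupadd --gid $USER_GID $USERNAME \
+&& useradd --uid $USER_UID --gid $USER_GID -m $USERNAME \
+&& echo "$USERNAME ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+
+# --------------------------------------------------------------------
+# Switch default shell to bash (requires root)
+# --------------------------------------------------------------------
+RUN rm /bin/sh && ln -s /bin/bash /bin/sh
+
+# --------------------------------------------------------------------
+# Switch to non-root user + set home working dir
+# --------------------------------------------------------------------
+USER $USERNAME
+WORKDIR /home/$USERNAME
+
+# --------------------------------------------------------------------
+# Install Rust + AimDB-specific targets and tools
+# --------------------------------------------------------------------
+RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+ENV PATH="/home/$USERNAME/.cargo/bin:${PATH}"
+
+# Add embedded targets for AimDB MCU support
+RUN rustup target add thumbv7em-none-eabihf \
+&& rustup target add thumbv6m-none-eabi \
+&& rustup target add thumbv7m-none-eabi
+
+# Install core AimDB development tools
+RUN cargo install cargo-audit cargo-watch cargo-expand
+
+# Install probe-rs with proper error handling
+RUN cargo install probe-rs --features cli || \
+(echo "Warning: probe-rs installation failed. Install manually if needed for embedded debugging." && \
+echo "Run: cargo install probe-rs --features cli")
+
+# --------------------------------------------------------------------
+# Use Bash for subsequent RUN instructions (important for nvm)
+# --------------------------------------------------------------------
+SHELL ["/bin/bash", "-c"]
+
+# --------------------------------------------------------------------
+# Final working directory
+# --------------------------------------------------------------------
+WORKDIR /aimdb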
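Review bot: The Rust toolchain and the cargo tools (new lines 57–69) are installed with no version pin, so every rebuild, including the weekly scheduled one in the workflow, can pull different, unreviewed code and the image is not reproducible. Pin the toolchain with `... | sh -s -- -y --default-toolchain <PINNED_VERSION>` and install the tools at fixed versions from their lockfiles, `cargo install --locked cargo-audit@<VERSION> cargo-watch@<VERSION> cargo-expand@<VERSION>`. The `|| (echo ...)` on line 69 also turns a failed probe-rs install into a successful build, so the published image can silently lack the tool; either let the step fail or make probe-rs an explicit opt-in build argument. A comment above line 57 stating why the installer is piped into a shell, and which toolchain version is expected, would help the next maintainer.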

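--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,52 @@
+{
+"name": "Rust Dev-Container",
+"build": {
+"context": "..",
+"dockerfile": "Dockerfile",
+"args": {
+"USERNAME": "vscode",
+"USER_UID": "1000",
+"USER_GID": "1000"
+}
+},
+"workspaceFolder": "/aimdb",
+"runArgs": [
+"--privileged",
+"--network=host",
+"-v",
+"/dev/bus/usb:/dev/bus/usb"
+],
+"remoteUser": "vscode",
+"mounts": [
+"type=bind,source=${localWorkspaceFolder},target=/aim-dev,consistency=cached"
+],
+"customizations": {
+"vscode": {
+"extensions": [
+"rust-lang.rust-analyzer",
+"vadimcn.vscode-lldb",
+"tamasfe.even-better-toml",
+"serayuzgur.crates",
+"ms-vscode.hexdump",
+"ms-vscode.vscode-embedded-tools"
+],
+"settings": {
+"terminal.integrated.shell.linux": "/bin/bash",
+"rust-analyzer.cargo.features": "all",
+"rust-analyzer.check.command": "clippy",
+"rust-analyzer.check.extraArgs": [
+"--all-targets",
+"--all-features"
+],
+"rust-analyzer.cargo.buildScripts.enable": true,
+"rust-analyzer.procMacro.enable": true,
+"files.watcherExclude": {
+"**/target/**": true
+}
+}
+}
+},
+"containerEnv": {
+"SHELL": "/bin/bash"
+}
+}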
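Review bot: `--privileged` together with `--network=host` (new lines 14–15) removes nearly all isolation between the container and the developer's machine, and the image's `vscode` user has passwordless sudo, so any dependency build script or proc-macro that runs in the container (both enabled on lines 41–42) effectively runs as root on the host. If the only requirement is USB debug-probe access, keep the `/dev/bus/usb` bind mount and replace `--privileged` with a device cgroup rule such as `"--device-cgroup-rule=c 189:* rmw"`, and drop `--network=host` unless something is shown to depend on it. Separately, `workspaceFolder` is `/aimdb` while the bind mount on line 21 targets `/aim-dev`, so the source tree appears not to be mounted where the editor opens; a `workspaceMount` with `target=/aimdb` looks like what was intended.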

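--- a/.github/workflows/devcontainer.yml
+++ b/.github/workflows/devcontainer.yml
@@ -0,0 +1,184 @@
+name: DevContainer CI
+
+on:
+push:
+branches: [ main, develop ]
+paths:
+- '.devcontainer/**'
+- '.github/workflows/devcontainer.yml'
+pull_request:
+branches: [ main ]
+paths:
+- '.devcontainer/**'
+- '.github/workflows/devcontainer.yml'
+schedule:
+# Test weekly to catch upstream image changes
+- cron: '0 6 * * 1' # Every Monday at 6 AM UTC
+workflow_dispatch:
+
+env:
+REGISTRY: ghcr.io
+IMAGE_NAME: aimdb-dev/devcontainer
+
+jobs:
+build-devcontainer:
+runs-on: ubuntu-latest
+permissions:
+contents: read
+packages: write
+
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- name: Log in to Container Registry
+if: github.event_name != 'pull_request'
+uses: docker/login-action@v3
+with:
+registry: ${{ env.REGISTRY }}
+username: ${{ github.actor }}
+password: ${{ secrets.GITHUB_TOKEN }}
+
+- name: Extract metadata
+id: meta
+uses: docker/metadata-action@v5
+with:
+images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+tags: |
+type=ref,event=branch
+type=ref,event=pr
+type=sha,prefix=sha-
+type=raw,value=latest,enable={{is_default_branch}}
+
+- name: Build devcontainer image
+uses: docker/build-push-action@v5
+with:
+context: .devcontainer
+file: .devcontainer/Dockerfile
+platforms: linux/amd64
+push: ${{ github.event_name != 'pull_request' }}
+tags: ${{ steps.meta.outputs.tags }}
+labels: ${{ steps.meta.outputs.labels }}
+cache-from: type=gha
+cache-to: type=gha,mode=max
+build-args: |
+USERNAME=vscode
+USER_UID=1000
+USER_GID=1000
+
+test-devcontainer:
+runs-on: ubuntu-latest
+needs: build-devcontainer
+if: github.event_name == 'pull_request' || github.event_name == 'push'
+
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- name: Build test image
+uses: docker/build-push-action@v5
+with:
+context: .devcontainer
+file: .devcontainer/Dockerfile
+load: true
+tags: aimdb-devcontainer:test
+cache-from: type=gha
+build-args: |
+USERNAME=vscode
+USER_UID=1000
+USER_GID=1000
+
+- name: Test Rust installation
+run: |
+docker run --rm aimdb-devcontainer:test bash -c "
+rustc --version &&
+cargo --version &&
+rustup --version
+"
+
+- name: Test embedded targets
+run: |
+docker run --rm aimdb-devcontainer:test bash -c "
+rustup target list --installed | grep -E 'thumbv(6m|7[em])-none-eab[hi]'
+"
+
+- name: Test development tools
+run: |
+docker run --rm aimdb-devcontainer:test bash -c "
+cargo audit --version &&
+cargo watch --version &&
+cargo expand --version &&
+(probe-rs --version || echo 'probe-rs not installed - this is OK')
+"
+
+- name: Test system dependencies
+run: |
+docker run --rm aimdb-devcontainer:test bash -c "
+gcc --version &&
+arm-none-eabi-gcc --version &&
+protoc --version &&
+pkg-config --version
+"
+
+- name: Test user permissions
+run: |
+docker run --rm aimdb-devcontainer:test bash -c "
+whoami &&
+id &&
+sudo echo 'sudo works' &&
+touch /tmp/test-file &&
+ls -la /tmp/test-file
+"
+
+- name: Test AimDB workspace setup
+run: |
+docker run --rm -v ${{ github.workspace }}:/aimdb aimdb-devcontainer:test bash -c "
+cd /aimdb &&
+ls -la &&
+# Test if we can run basic cargo commands (if Cargo.toml exists)
+if [ -f Cargo.toml ]; then
+cargo check --version || echo 'No Cargo.toml found, skipping cargo check'
+else
+echo 'No Cargo.toml found yet - this is expected for early development'
+fi
+"
+
+security-scan:
+runs-on: ubuntu-latest
+needs: build-devcontainer
+if: github.event_name != 'pull_request'
+
+steps:
+- name: Checkout repository
+uses: actions/checkout@v4
+
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v3
+
+- name: Build image for scanning
+uses: docker/build-push-action@v5
+with:
+context: .devcontainer
+file: .devcontainer/Dockerfile
+load: true
+tags: aimdb-devcontainer:scan
+cache-from: type=gha
+
+- name: Run Trivy vulnerability scanner
+uses: aquasecurity/trivy-action@master
+with:
+image-ref: aimdb-devcontainer:scan
+format: 'sarif'
+output: 'trivy-results.sarif'
+
+- name: Upload Trivy scan results to GitHub Security tab
+uses: github/codeql-action/upload-sarif@v3
+if: always()
+with:
+sarif_file: 'trivy-results.sarif'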
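Review bot: `aquasecurity/trivy-action@master` (new line 174) follows a mutable branch, so whatever lands upstream runs in this repository's CI with the job token; pin it to a reviewed commit, `uses: aquasecurity/trivy-action@<FULL_COMMIT_SHA>`, and ideally do the same for the actions referenced by `@v3`/`@v4`/`@v5` tags. The `test-devcontainer` and `security-scan` jobs declare no `permissions`, so they inherit the repository default; add a `permissions:` block with `contents: read` and, for the scan job, `security-events: write`, which the SARIF upload on line 181 needs. `build-devcontainer` also pushes the image (including `latest` on the default branch) before `test-devcontainer` runs, so an image that fails the tests can already be published. The Trivy step sets neither `exit-code` nor `severity`, so findings are reported but never fail the job; a comment stating whether that is intentional would help.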

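--- a/README.md
+++ b/README.md
@@ -41,22 +41,30 @@ AimDB collapses these layers into **one lightweight engine**:
 ---
 
 ## 🏃 Quick Start
-Clone, build and run your first live stream in **≤15 minutes**:
+Get up and running in **≤15 minutes** with our pre-configured development environment:
 
 ```bash
 # 1. Clone the repo
-git clone https://github.com/your-org/aimdb.git
+git clone https://github.com/aimdb-dev/aimdb.git
 cd aimdb
 
-# 2. Build (requires Rust 1.80+ and cargo)
-cargo build --release
+# 2. Open in VS Code with Dev Containers extension
+code .
+# Then: Ctrl/Cmd+Shift+P → "Dev Containers: Reopen in Container"
 
-# 3. Run a demo stream (simulated edge node)
+# 3. Inside the container, everything is ready:
+cargo build --release
 cargo run --example quickstart
 ```
 
+**✅ Zero Setup**: Rust, embedded targets and development tools pre-installed
+**✅ Cross-Platform**: Works on macOS, Linux, Windows (with Docker Desktop) or WSL
+**✅ VS Code Ready**: Optimized extensions and settings included
+
 You should see events syncing between simulated devices and a local edge gateway!
 
+> **💡 Tip**: The devcontainer includes all embedded targets and tools like `cargo-audit`, `cargo-watch` and debugging support for MCU development.
+
 ---
 
 ## 🤝 Contributing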
