Use Docker images locally and in CI

[EngHabu]

Signed-off-by: Haytham Abuelfutuh [email protected]

Tracking issue

Why are the changes needed?

What changes were proposed in this pull request?

How was this patch tested?

Labels

Please add one or more of the following labels to categorize your PR:

• added: For new features.
• changed: For changes in existing functionality.
• deprecated: For soon-to-be-removed features.
• removed: For features being removed.
• fixed: For any bug fixed.
• security: In case of vulnerabilities

This is important to improve the readability of release notes.

Setup process

Screenshots

Check all the applicable boxes

• I updated the documentation accordingly.
• All new and existing tests passed.
• All commits are signed-off.

Related PRs

Docs link

[flyte-bot]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[github-actions]

🐳 Docker CI Image Built

The CI Docker image has been built and pushed for this PR!

Image: ghcr.io/flyteorg/flyte/ci:pr-6671

This image will be automatically used by CI workflows in this PR.

To test locally:

docker pull ghcr.io/flyteorg/flyte/ci:pr-6671
docker run --rm -it -v $(pwd):/workspace -w /workspace ghcr.io/flyteorg/flyte/ci:pr-6671 bash

[bito-code-review]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[bito-code-review]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[bito-code-review]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[bito-code-review]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[bito-code-review]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[bito-code-review]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[Copilot]

Pull Request Overview

This PR introduces Docker-based development and CI workflows to ensure consistent environments across local development and CI. The changes standardize tool versions and eliminate "works on my machine" issues by containerizing the development environment.

Key changes:

• Creates a unified Docker image (ci.Dockerfile) with pinned tool versions for Go, Python, Node.js, Rust, and Buf
• Implements intelligent CI workflows that automatically build PR-specific Docker images when the Dockerfile is modified
• Updates the Makefile to support both Docker-based (default) and local tool-based development workflows

Reviewed Changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
scripts/docker-dev.sh	Helper script to simplify Docker container usage for development
ci.Dockerfile	Multi-stage Docker image with development tools and optimized caching
Makefile	Updated with Docker-based targets as defaults, local tool targets as alternatives
.github/workflows/build-ci-image.yml	Workflow to build and publish Docker images with PR-specific tagging
.github/workflows/check-generate.yml	Updated to use Docker containers and wait for PR-specific images
docs/	Comprehensive documentation for Docker workflows and development environment

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[bito-code-review]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[machichima]

Can we use:

$(DOCKER_RUN) bash -c "git config --global --add safe.directory /workspace && make gen-local"

Same as what we did in docker-gen-local? In this case we do not need buf-... and buf-...-local. We can just have buf-... as what we have originally

[EngHabu]

I was keeping it so you can continue to run individual commands (but now using docker).... I'll follow your guidance and we can bring them back if needed.

[machichima]

Can we also name the image built locally as ghcr.io/flyteorg/flyte/ci:v2?

In this case, no matter using remote image or build locally, we can run make gen. If no changes in ci.Dockerfile, we use make docker-pull before make gen, otherwise use make docker-build.

The process will become:

• typical usage:

1. pull CI image make docker-pull
2. run make gen

• If there's modification in ci.Dockerfile:

1. build the CI image make docker-build
2. also run make gen

I think it can make the process easier to follow and also make the Makefile cleaner

[machichima]

Maybe we can use name gen.Dockerfile instead? As I think this is mainly for generating

[Copilot]

Pull Request Overview

Copilot reviewed 14 out of 14 changed files in this pull request and generated 8 comments.

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Documentation references Dockerfile.ci, but the repository adds gen.Dockerfile; update all occurrences to avoid confusion.

[Copilot]

Example detection logic uses Dockerfile.ci instead of gen.Dockerfile; this is inconsistent with the actual file name and will mislead users.

[Copilot]

[nitpick] Running as root in the container will create root-owned files on the host, complicating cleanup. Consider adding --user $(id -u):$(id -g) to preserve host ownership.

[Copilot]

Table rows start with double pipe characters, which can break Markdown table rendering. Remove the extra leading pipe on these lines.

[flyte-bot]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[machichima]

Not familiar with github action YAML, but tried running make docker-pull gen DOCKER_CI_IMAGE=ghcr.io/flyteorg/flyte/ci:pr-6671 locally and it works.

Overall LGTM! Just some small nits on docs

[flyte-bot]

Bito Automatic Review Skipped - Branch Excluded

Bito didn't auto-review because the source or target branch is excluded from automatic reviews.
No action is needed if you didn't intend for the agent to review it. Otherwise, to manually trigger a review, type /review in a comment and save.
You can change the branch exclusion settings here, or contact your Bito workspace admin at [email protected].

[machichima]

Sorry I miss this. I think it should be master instead of main branch

[machichima]

Suggested change

	- main
	- master

[EngHabu]

So I created a main branch.. it's where I deleted everything from the master branch... I think what we will do is when we are ready to switch over, we will switch the default branch for the repo from master to main... and let master be the v1 stuff

[machichima]

Suggested change

	type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
	type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }}

[machichima]

Suggested change

	elif [ "${{ github.ref }}" == "refs/heads/main" ]; then
	elif [ "${{ github.ref }}" == "refs/heads/master" ]; then

[machichima]

Suggested change

	# Use 'latest' tag for main branch
	# Use 'latest' tag for master branch

[machichima]

Suggested change

	- Runs on: PR with Dockerfile changes, push to main/v2
	- Runs on: PR with Dockerfile changes, push to master/v2

[machichima]

Suggested change

	| main branch push | `latest` | Built on every push to master |
	| master branch push | `latest` | Built on every push to master |