feat(dev): add devcontainers setup #1585
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds devcontainer configuration to enable development using Visual Studio Code devcontainers or GitHub Codespaces. The setup includes a Dockerfile based on PHP 7.4-cli and a devcontainer.json configuration that automatically runs composer install after container creation.
Key Changes
- Added
.devcontainer/devcontainer.jsonwith basic configuration for the "Upsun CLI" devcontainer - Added
.devcontainer/Dockerfilewith PHP 7.4, Composer installation, and non-root user setup - Configured automatic dependency installation via
postCreateCommand
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
.devcontainer/devcontainer.json |
Defines devcontainer configuration with remote user and post-creation command |
.devcontainer/Dockerfile |
Sets up PHP 7.4 environment with Composer and non-root user for development |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| RUN apt-get update && apt-get install -y \ | ||
| zip \ | ||
| unzip \ | ||
| git \ | ||
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| # Install Composer | ||
| RUN php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" \ | ||
| && php composer-setup.php \ | ||
| && mv composer.phar /usr/local/bin/composer \ | ||
| && php -r "unlink('composer-setup.php');" \ | ||
| && chmod +x /usr/local/bin/composer | ||
|
|
||
| # Create a non-root user | ||
| ARG USERNAME=upsun | ||
| ARG USER_UID=1000 | ||
| ARG USER_GID=$USER_UID | ||
|
|
||
| RUN groupadd --gid $USER_GID $USERNAME \ | ||
| && useradd --uid $USER_UID --gid $USER_GID -m $USERNAME \ | ||
| && apt-get update \ | ||
| && apt-get install -y sudo \ |
There was a problem hiding this comment.
apt-get update is called twice unnecessarily (line 4 and line 24), which is inefficient and slows down image builds. Consider combining all apt-get installations into a single RUN command or removing the cleanup on line 8 and doing it after the final apt-get install on line 25.
| && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \ | ||
| && chmod 0440 /etc/sudoers.d/$USERNAME | ||
|
|
||
| USER $USERNAME |
There was a problem hiding this comment.
The Dockerfile is missing a WORKDIR directive. The main project Dockerfile sets WORKDIR /home/psh/legacy-cli (line 23 in Dockerfile), which defines where the code will be mounted and where commands will run. Consider adding a similar WORKDIR for the devcontainer, e.g., WORKDIR /home/upsun/workspace or an appropriate path.
| USER $USERNAME | |
| USER $USERNAME | |
| # Set the working directory | |
| WORKDIR /home/upsun/workspace | |
| # Ensure the workspace directory exists | |
| RUN mkdir -p /home/upsun/workspace |
| # Install Composer | ||
| RUN php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" \ | ||
| && php composer-setup.php \ | ||
| && mv composer.phar /usr/local/bin/composer \ | ||
| && php -r "unlink('composer-setup.php');" \ | ||
| && chmod +x /usr/local/bin/composer |
There was a problem hiding this comment.
The Composer installation lacks signature verification, which is a security concern. The existing Dockerfile in the repository uses a more secure installation method that verifies the installer signature. Consider using the same approach from docker/install_composer.sh or at minimum verify the installer signature before running it.
| # Install Composer | |
| RUN php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" \ | |
| && php composer-setup.php \ | |
| && mv composer.phar /usr/local/bin/composer \ | |
| && php -r "unlink('composer-setup.php');" \ | |
| && chmod +x /usr/local/bin/composer | |
| # Install Composer (with signature verification) | |
| RUN set -eux; \ | |
| EXPECTED_SIGNATURE="$(php -r 'copy("https://composer.github.io/installer.sig", "php://stdout");')" ; \ | |
| php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" ; \ | |
| ACTUAL_SIGNATURE="$(php -r "echo hash_file('SHA384', 'composer-setup.php');")" ; \ | |
| if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]; then \ | |
| echo 'ERROR: Invalid installer signature' >&2; \ | |
| rm -f composer-setup.php; \ | |
| exit 1; \ | |
| fi; \ | |
| php composer-setup.php; \ | |
| mv composer.phar /usr/local/bin/composer; \ | |
| php -r "unlink('composer-setup.php');"; \ | |
| chmod +x /usr/local/bin/composer |
| unzip \ | ||
| git \ | ||
| && rm -rf /var/lib/apt/lists/* | ||
|
|
There was a problem hiding this comment.
The devcontainer Dockerfile is missing the pcntl PHP extension that is installed in the main project Dockerfile (see line 11 in Dockerfile). This extension is likely required for the CLI to function properly. Add RUN docker-php-ext-install -j$(nproc) pcntl after installing system dependencies.
| # Install pcntl extension (required for CLI) | |
| RUN docker-php-ext-install -j$(nproc) pcntl |
| RUN apt-get update && apt-get install -y \ | ||
| zip \ | ||
| unzip \ | ||
| git \ |
There was a problem hiding this comment.
Missing system dependencies that are present in the main project Dockerfile: wget and openssh-client (see lines 7-8 in Dockerfile). These are likely needed for the CLI's functionality, such as SSH access to environments and downloading resources. Add them to the apt-get install command on lines 4-8.
| git \ | |
| git \ | |
| wget \ | |
| openssh-client \ |
| @@ -0,0 +1,8 @@ | |||
| { | |||
| "name": "Upsun CLI", | |||
There was a problem hiding this comment.
I think let's figure this out when we merge to upsun/cli and update to PHP 8.4 or 8.5
No description provided.