sandcastle: base image on nixos/nix and bake devShells.ci #17
No reviewers
Labels
No labels
in-review
ready-for-agent
ready-for-human
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
weiwen/evie!17
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "sandcastle/issue-11"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
Base the sandcastle Docker image on
nixos/nixinstead ofnode:22-bookwormand bakedevShells.cifromflake.nixinto the image at build time.This eliminates the apt-based tool installation, gives us flake-pinned tool versions, and makes the image reproducible from the same inputs the host uses.
What changed
nixos/nix; install tools vianix develop .#ciwhich pre-caches every package in/nix/storeand symlinks binaries into/usr/local/binvia a newbake-devenv.shscript.devShells.ciwithbash,curl,git,jq,nodejs_22,tea— the tools the agent needs at runtime.ANTHROPIC_API_KEY/CLAUDE_CODE_OAUTH_TOKENto.env.example; addedclaudeinstall step in Dockerfile; switchedmain.mtsagents fromopencodetoclaudeCodefor plan/implement/review stages.ready-for-agentissues and tightened phrasing.Reviewer notes
nix develop .#cibuild step works end-to-end in a fresh container.bake-devenv.shapproach doesn\t7c00024e2eto5ca201198a