Skip to content

Bump devcontainer image #124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ejfine merged 18 commits into from
Jan 23, 2026
Merged

Bump devcontainer image #124

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
8a59d8a
docker
ejfine Jan 23, 2026
3550711
more
ejfine Jan 23, 2026
5a5c688
cache
ejfine Jan 23, 2026
5a3b0ca
actioons
ejfine Jan 23, 2026
2a649fb
more actions
ejfine Jan 23, 2026
5295ece
copier
ejfine Jan 23, 2026
ca8fce3
rabbit
ejfine Jan 23, 2026
44f5cc6
node
ejfine Jan 23, 2026
359517f
copier
ejfine Jan 23, 2026
e0d826e
yarn
ejfine Jan 23, 2026
ea67d6f
bash
ejfine Jan 23, 2026
944bd26
comment
ejfine Jan 23, 2026
8ef699b
apt
ejfine Jan 23, 2026
e6f3822
ques
ejfine Jan 23, 2026
0df9dd7
pull
ejfine Jan 23, 2026
82c7a22
answerns
ejfine Jan 23, 2026
477cec9
swap
ejfine Jan 23, 2026
36e4265
stack name
ejfine Jan 23, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 6 additions & 3 deletions .devcontainer/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,22 @@
# base image tags available at https://mcr.microsoft.com/v2/devcontainers/universal/tags/list
# added the platform flag to override any local settings since this image is only compatible with linux/amd64. since this image is only x64 compatible, suppressing the hadolint rule
# hadolint ignore=DL3029
FROM --platform=linux/amd64 mcr.microsoft.com/devcontainers/universal:2.13.1-focal
FROM --platform=linux/amd64 mcr.microsoft.com/devcontainers/universal:5.1.1-noble
Copy link

@coderabbitai coderabbitai bot Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

# Verify the image tag exists on MCR
curl -s "https://mcr.microsoft.com/v2/devcontainers/universal/tags/list" | jq -r '.tags[]' | grep -E '^5\.1\.1-noble$' | head -1

Repository: LabAutomationAndScreening/copier-base-template

Length of output: 101

🏁 Script executed:

# Examine the Dockerfile to understand the context
cat .devcontainer/Dockerfile

Repository: LabAutomationAndScreening/copier-base-template

Length of output: 1295

LGTM!

Base image upgrade from focal to noble aligns with the PR objective of addressing outdated image causing build problems. The tag 5.1.1-noble is valid.

Clarify the purpose of exposing SSH port 2222 (line 25) — this addition is not mentioned in the PR description.

🤖 Prompt for AI Agents 
In @.devcontainer/Dockerfile at line 4, The Dockerfile change adds EXPOSE 2222
but the PR and commit message don't explain why SSH on port 2222 is being
exposed; update the Dockerfile and/or PR description to clarify intent by either
adding a concise comment above the EXPOSE 2222 line explaining its purpose
(e.g., for remote debugging, forwarding the devcontainer SSH server, or legacy
tooling) and any required security notes, or amend the PR description to state
why port 2222 is needed and how it’s used; reference the EXPOSE 2222 directive
in the Dockerfile and the FROM change to ensure reviewers can see the context.


SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# temporary hack until yarn updates its GPG key
RUN rm /etc/apt/sources.list.d/yarn.list || true

RUN apt-get update -y && apt-get install -y \
"bash-completion=$(apt-cache madison bash-completion | awk '{print $3}' | grep '^1:2.10' | head -n 1)" --no-install-recommends \
"bash-completion=$(apt-cache madison bash-completion | awk '{print $3}' | grep '^1:2.11' | head -n 1)" --no-install-recommends \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*

# Create the venv folder and set permissions for anyone to modify---this is necessary to be able to break out the venv folder as a separate docker volume for better performance on Windows hosts
ARG REPO_NAME=copier-base-template
ENV VENV_PATH=/workspaces/${REPO_NAME}/.venv
RUN mkdir -p /workspace && \
RUN mkdir -p /workspaces && \
mkdir -p ${VENV_PATH} && \
chmod -R 777 /workspaces ${VENV_PATH} && \
chgrp -R 0 /workspaces ${VENV_PATH}
Expand Down
4 changes: 2 additions & 2 deletions .devcontainer/devcontainer.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
"-AmazonWebServices.aws-toolkit-vscode", // the AWS CLI feature installs this automatically, but it's causing problems in VS Code
// basic tooling
// "eamodio.gitlens@15.5.1",
"coderabbit.coderabbit-vscode@0.16.4",
"coderabbit.coderabbit-vscode@0.16.6",
Copy link

@coderabbitai coderabbitai bot Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🌐 Web query:

coderabbit.coderabbit-vscode 0.16.6 VS Code Marketplace

💡 Result:

I couldn’t find any evidence that CodeRabbit.coderabbit-vscode version 0.16.6 exists on (or is referenced by) the VS Code Marketplace.

  • The Marketplace listing for CodeRabbit (CodeRabbit Inc.) is here:
    https://marketplace.visualstudio.com/items?itemName=CodeRabbit.coderabbit-vscode  [1]
  • A VSIX archive site that mirrors Marketplace packages shows latest version = 0.16.0, updated November 19, 2025 (not 0.16.6). [2]

Conclusion: If you’re looking for 0.16.6, it likely was never published to the Marketplace, was pulled, or the version number you have is from another distribution/build (e.g., internal, pre-release, or a different channel).

Sources: [1] [2]

🌐 Web query:

coderabbit-vscode extension release notes changelog 0.16.6

💡 Result:

I couldn’t find any public release notes/changelog specifically for CodeRabbit VS Code extension v0.16.6.

What I can verify publicly:

  • The official Marketplace listing exists for CodeRabbit.coderabbit-vscode, but it doesn’t expose a readable per-version changelog in the page content I can access. [1]
  • A VSIX mirror site (VsixHub) currently reports the latest published version as 0.16.0 (updated Nov 19, 2025)—not 0.16.6. [2]
  • CodeRabbit’s official product changelog mentions major IDE milestones (e.g., “VS Code extension v1.0” on Aug 13, 2025) but does not provide granular patch-version notes like 0.16.6. [3]

If you tell me where you’re seeing 0.16.6 (e.g., the exact extension ID/source, a screenshot, or your Extensions panel showing that version), I can dig further and try to trace that build (it may be an internal/pre-release channel or a different extension with a similar name).

Sources: [1] [2] [3]

Update extension version to an existing release.

coderabbit.coderabbit-vscode@0.16.6 does not exist on the VS Code Marketplace. The latest available version is 0.16.0 (published November 19, 2025). Update the pinned version to 0.16.0 or remove the version pin to use the latest available release.

🤖 Prompt for AI Agents 
In @.devcontainer/devcontainer.json at line 25, The pinned extension entry
"coderabbit.coderabbit-vscode@0.16.6" is incorrect; update the devcontainer
extension list by replacing that exact string with
"coderabbit.coderabbit-vscode@0.16.0" (the latest published release) or remove
the "@0.16.6" version suffix entirely to let the container install the latest
available version; ensure the change is made where the extension string appears
so the devcontainer.json references a valid Marketplace release.

"ms-vscode.live-server@0.5.2025051301",
"MS-vsliveshare.vsliveshare@1.0.5905",
"github.copilot@1.388.0",
Expand Down Expand Up @@ -62,5 +62,5 @@
"initializeCommand": "sh .devcontainer/initialize-command.sh",
"onCreateCommand": "sh .devcontainer/on-create-command.sh",
"postStartCommand": "sh .devcontainer/post-start-command.sh"
// Devcontainer context hash (do not manually edit this, it's managed by a pre-commit hook): dae258e8 # spellchecker:disable-line
// Devcontainer context hash (do not manually edit this, it's managed by a pre-commit hook): 5e192817 # spellchecker:disable-line
}
6 changes: 3 additions & 3 deletions .devcontainer/install-ci-tooling.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
import subprocess
import sys

UV_VERSION = "0.9.21"
COPIER_VERSION = "9.11.0"
UV_VERSION = "0.9.26"
COPIER_VERSION = "9.11.2"
COPIER_TEMPLATE_EXTENSIONS_VERSION = "0.3.3"
PRE_COMMIT_VERSION = "4.5.0"
PRE_COMMIT_VERSION = "4.5.1"
GITHUB_WINDOWS_RUNNER_BIN_PATH = r"C:\Users\runneradmin\.local\bin"
parser = argparse.ArgumentParser(description="Install CI tooling for the repo")
_ = parser.add_argument(
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/ci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
persist-credentials: false

- name: Setup Python
uses: actions/setup-python@v6.1.0
uses: actions/setup-python@v6.2.0
with:
python-version: ${{ matrix.python-version }}

Expand All @@ -50,7 +50,7 @@ jobs:
timeout-minutes: 30 # this is the amount of time this action will wait to attempt to acquire the mutex lock before failing, e.g. if other jobs are queued up in front of it

- name: Cache Pre-commit hooks
uses: actions/cache@v4.3.0
uses: actions/cache@v5.0.2
env:
cache-name: cache-pre-commit-hooks
with:
Expand Down Expand Up @@ -95,7 +95,7 @@ jobs:
persist-credentials: false

- name: Setup Python
uses: actions/setup-python@v6.1.0
uses: actions/setup-python@v6.2.0
with:
python-version: ${{ matrix.python-version }}

Expand Down Expand Up @@ -141,7 +141,7 @@ jobs:
timeout-minutes: 30 # this is the amount of time this action will wait to attempt to acquire the mutex lock before failing, e.g. if other jobs are queued up in front of it

- name: Cache Pre-commit hooks
uses: actions/cache@v4.3.0
uses: actions/cache@v5.0.2
env:
cache-name: cache-pre-commit-hooks
with:
Expand Down
28 changes: 14 additions & 14 deletions extensions/context.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,19 +11,19 @@ class ContextUpdater(ContextHook):
@override
def hook(self, context: dict[Any, Any]) -> dict[Any, Any]:
# These are duplicated in the install-ci-tooling.py script in this repository
context["uv_version"] = "0.9.21"
context["pre_commit_version"] = "4.5.0"
context["uv_version"] = "0.9.26"
context["pre_commit_version"] = "4.5.1"
# These also in pyproject.toml
context["copier_version"] = "==9.11.0"
context["copier_version"] = "==9.11.2"
context["copier_template_extensions_version"] = "==0.3.3"
#######
context["pnpm_version"] = "10.27.0"
context["pnpm_version"] = "10.28.1"
# These are duplicated in the pyproject.toml of this repository
context["pyright_version"] = ">=1.1.407"
context["pyright_version"] = ">=1.1.408"
context["pytest_version"] = ">=9.0.2"
context["pytest_randomly_version"] = ">=4.0.1"
context["pytest_cov_version"] = ">=7.0.0"
context["ty_version"] = ">=0.0.9"
context["ty_version"] = ">=0.0.13"
#######
context["sphinx_version"] = "9.0.4"
context["pulumi_version"] = ">=3.214.1"
Expand All @@ -37,14 +37,14 @@ def hook(self, context: dict[Any, Any]) -> dict[Any, Any]:
context["pydantic_version"] = ">=2.12.5"
context["pyinstaller_version"] = ">=6.17.0"
context["setuptools_version"] = "80.7.1"
context["strawberry_graphql_version"] = ">=0.287.0"
context["strawberry_graphql_version"] = ">=0.289.2"
context["fastapi_version"] = ">=0.128.0"
context["fastapi_offline_version"] = ">=1.7.4"
context["uvicorn_version"] = ">=0.40.0"
context["lab_auto_pulumi_version"] = ">=0.1.18"
context["ariadne_codegen_version"] = ">=0.17.0"
context["pytest_mock_version"] = ">=3.15.1"
context["uuid_utils_version"] = ">=0.12.0"
context["uuid_utils_version"] = ">=0.14.0"
context["syrupy_version"] = ">=5.0.0"
context["structlog_version"] = ">=25.5.0"
context["httpx_version"] = "0.28.1"
Expand Down Expand Up @@ -88,19 +88,19 @@ def hook(self, context: dict[Any, Any]) -> dict[Any, Any]:
#######
# These are duplicated in the CI files for this repository
context["gha_checkout"] = "v6.0.1"
context["gha_setup_python"] = "v6.1.0"
context["gha_cache"] = "v4.3.0"
context["gha_setup_python"] = "v6.2.0"
context["gha_cache"] = "v5.0.2"
context["gha_linux_runner"] = "ubuntu-24.04"
#######
context["gha_upload_artifact"] = "v5.0.0"
context["gha_download_artifact"] = "v6.0.0"
context["gha_upload_artifact"] = "v6.0.0"
context["gha_download_artifact"] = "v7.0.0"
context["gha_github_script"] = "v7.0.1"
context["gha_setup_buildx"] = "v3.11.1"
context["buildx_version"] = "v0.27.0"
context["gha_docker_build_push"] = "v6.18.0"
context["gha_configure_aws_credentials"] = "v5.1.1"
context["gha_amazon_ecr_login"] = "v2.0.1"
context["gha_setup_node"] = "v6.1.0"
context["gha_setup_node"] = "v6.2.0"
context["gha_action_gh_release"] = "v2.2.1"
context["gha_mutex"] = "1ebad517141198e08d47cf72f3c0975316620a65 # v1.0.0-alpha.10"
context["gha_pypi_publish"] = "v1.13.0"
Expand All @@ -111,7 +111,7 @@ def hook(self, context: dict[Any, Any]) -> dict[Any, Any]:
context["gha_long_timeout_minutes"] = "15"
context["gha_xlong_timeout_minutes"] = "45"
#######
context["debian_release_name"] = "bookworm"
context["debian_release_name"] = "trixie"
context["alpine_image_version"] = "3.23"
context["nginx_image_version"] = "1.29.4"
#######
Expand Down
6 changes: 3 additions & 3 deletions pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ dependencies = [
"pytest>=9.0.2",
"pytest-cov>=7.0.0",
"pytest-randomly>=4.0.1",
"pyright[nodejs]>=1.1.407",
"ty>=0.0.9",
"copier==9.11.0",
"pyright[nodejs]>=1.1.408",
"ty>=0.0.13",
"copier==9.11.2",
"copier-template-extensions==0.3.3"
]
2 changes: 1 addition & 1 deletion template/.devcontainer/devcontainer.json.jinja-base
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@
"-AmazonWebServices.aws-toolkit-vscode", // the AWS CLI feature installs this automatically, but it's causing problems in VS Code{% endraw %}{% endif %}{% raw %}
// basic tooling
// "eamodio.gitlens@15.5.1",
"coderabbit.coderabbit-vscode@0.16.4",
"coderabbit.coderabbit-vscode@0.16.6",
"ms-vscode.live-server@0.5.2025051301",
"MS-vsliveshare.vsliveshare@1.0.5905",
"github.copilot@1.388.0",
Expand Down
21 changes: 16 additions & 5 deletions template/copier.yml.jinja-base
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,10 @@
{% raw %}# Questions managed by upstream template
{% raw %}# Questions specific to this template





# Questions managed by upstream template
repo_name:
type: str
help: What is the name of the repository?
Expand Down Expand Up @@ -27,6 +33,11 @@ ssh_port_number:
# Pick a random port, but ensure it's not in the excluded port range on Windows (powershell: `netsh int ipv4 show excludedportrange protocol=tcp`)
default: "{{ ( (range(49152, 49752) | list) + (range(49852, 50000) | list) + (range(50060, 50160) | list) + (range(50160, 50260) | list) + (range(50260, 50360) | list) + (range(50914, 51014) | list) + (range(51114, 51214) | list) + (range(51214, 51314) | list) + (range(51314, 51414) | list) + (range(51623, 51723) | list) + (range(51723, 51823) | list) + (range(65269, 65369) | list) + (range(65369, 65469) | list) ) | random }}"

pull_from_ecr:
type: bool
help: Will you need to pull images from a central AWS Elastic Container Registry?
default: no

use_windows_in_ci:
type: bool
help: Should CI in the instantiated template also use Windows runners?
Expand Down Expand Up @@ -78,24 +89,24 @@ python_ci_versions:
aws_identity_center_id:
type: str
help: What's the ID of your Organization's AWS Identity center, e.g. d-9145c20053?
when: "{{ python_package_registry == 'AWS CodeArtifact' or install_aws_ssm_port_forwarding_plugin {% endraw %}{% if template_uses_pulumi %}{% raw %}or True {% endraw %}{% endif %}{% raw %}}}"
when: "{{ python_package_registry == 'AWS CodeArtifact' or install_aws_ssm_port_forwarding_plugin or pull_from_ecr {% endraw %}{% if template_uses_pulumi %}{% raw %}or True {% endraw %}{% endif %}{% raw %}}}"

aws_org_home_region:
type: str
help: What is the home region of the AWS Organization (where all of the central infrastructure is deployed)?
default: us-east-1
when: "{{ python_package_registry == 'AWS CodeArtifact' or install_aws_ssm_port_forwarding_plugin {% endraw %}{% if template_uses_pulumi %}{% raw %}or True {% endraw %}{% endif %}{% raw %}}}"
when: "{{ python_package_registry == 'AWS CodeArtifact' or install_aws_ssm_port_forwarding_plugin or pull_from_ecr {% endraw %}{% if template_uses_pulumi %}{% raw %}or True {% endraw %}{% endif %}{% raw %}}}"

aws_central_infrastructure_account_id:
type: str
help: What's the ID of your Organization's AWS Account containing Central Infrastructure (e.g. CodeArtifact)?
when: "{{ python_package_registry == 'AWS CodeArtifact' }}"
when: "{{ python_package_registry == 'AWS CodeArtifact' or pull_from_ecr }}"
default: "000000000000"

core_infra_base_access_profile_name:
type: str
help: What's the AWS Identity Center Profile name for base access to the Central Infrastructure account (i.e. to read from CodeArtifact)?
when: "{{ python_package_registry == 'AWS CodeArtifact' }}"
when: "{{ python_package_registry == 'AWS CodeArtifact' or pull_from_ecr }}"
default: CoreInfraBaseAccess

{% endraw %}{% endif %}{% raw %}
Expand Down
4 changes: 2 additions & 2 deletions ...ons/{% if template_uses_pulumi %}pulumi_ephemeral_deploy{% endif %}/action.yml.jinja-base
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,9 +93,9 @@ runs:
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b
with:
message: |
:eyes: **Pulumi Preview for ${{ inputs.deploy-script-module-name }}:** :eyes:
:eyes: **Pulumi Preview for ${{ inputs.deploy-script-module-name }} stack ${{ inputs.stack-name }}:** :eyes:

```bash
${{ steps.pulumi-run.outputs.stdout }}
```
comment-tag: previewonpr-${{ inputs.deploy-script-module-name }}{% endraw %}
comment-tag: previewonpr-${{ inputs.deploy-script-module-name }}-${{ inputs.stack-name }}{% endraw %}
1 change: 1 addition & 0 deletions template/tests/copier_data/data1.yaml.jinja-base
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ is_open_source: true
description: Doing amazing things
install_claude_cli: false
ssh_port_number: 12345
pull_from_ecr: false
use_windows_in_ci: false
{% endraw %}{% if template_might_want_to_install_aws_ssm_port_forwarding_plugin %}{% raw %}install_aws_ssm_port_forwarding_plugin: true{% endraw %}{% endif %}{% raw %}
{% endraw %}{% if template_might_want_to_use_vcrpy %}{% raw %}configure_vcrpy: true{% endraw %}{% endif %}{% raw %}
Expand Down
1 change: 1 addition & 0 deletions template/tests/copier_data/data2.yaml.jinja-base
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ is_open_source: false
description: Doing crazy things! So many things!
install_claude_cli: true
ssh_port_number: 54321
pull_from_ecr: true
use_windows_in_ci: true
{% endraw %}{% if template_might_want_to_install_aws_ssm_port_forwarding_plugin %}{% raw %}install_aws_ssm_port_forwarding_plugin: false{% endraw %}{% endif %}{% raw %}
{% endraw %}{% if template_might_want_to_use_vcrpy %}{% raw %}configure_vcrpy: false{% endraw %}{% endif %}{% raw %}
Expand Down
Loading