Merge pull request #1 from xiaomakuaiz/main

add docker/base/bookworm/Dockerfile

Author: xiaomakuaiz

.github/workflows/ci.yaml

@@ -0,0 +1,62 @@
+name: ci
+
+on:
+  pull_request:
+    paths:
+      - "docker/**"
+      - "scripts/**"
+      - ".github/workflows/**"
+      - "README.md"
+  push:
+    branches: [main]
+    tags: ["*"]
+
+env:
+  REGISTRY: ghcr.io/chaitin/monkeycode-runner
+  STACK: base
+  VERSION: bookworm
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.STACK }}
+          tags: |
+            type=raw,value=${{ env.VERSION }}
+            type=raw,value=${{ env.VERSION }}-${{ github.ref_name }},enable=${{ startsWith(github.ref, 'refs/heads/') && github.ref != 'refs/heads/main' }}
+            type=ref,event=tag
+            type=raw,value=${{ env.VERSION }}-${{ github.ref_name }},enable=${{ startsWith(github.ref, 'refs/tags/') }}
+            type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GHCR
+        if: github.event_name == 'push'
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build (no push on PR)
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: docker/${{ env.STACK }}/${{ env.VERSION }}/Dockerfile
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          push: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }}

README.md

@@ -1 +1,20 @@
-# DevRunner
+# DevRunner
+
+Base container images for Chaitin MonkeyCode developer workflows.
+
+## Base image (bookworm)
+- Dockerfile: `docker/base/bookworm/Dockerfile` (Debian bookworm-slim, git/curl/build-essential/python3, en_US.UTF-8 locale, default user root).
+- Build locally: `STACK=base VERSION=bookworm ./scripts/build.sh`
+- Push to GHCR: `PUSH=true REGISTRY=ghcr.io/chaitin/monkeycode-runner STACK=base VERSION=bookworm ./scripts/build.sh` (needs `docker login ghcr.io`).
+- Run: `docker run --rm -it ghcr.io/chaitin/monkeycode-runner/base:bookworm bash`
+
+## Layout
+- `docker/base/bookworm/Dockerfile` – base image definition.
+- `scripts/build.sh` – helper to build/push images (env-driven: STACK, VERSION, REGISTRY, PUSH).
+- `docs/` – docs placeholder for future stacks and CI notes.
+
+## CI/CD
+- Workflow: `.github/workflows/ci.yaml`
+  - PR: build only (no push).
+  - Push to `main` branch: login to GHCR with `GITHUB_TOKEN` and push tags from metadata (`bookworm`, `latest`, branch/tag-derived). Non-main branches/tags build only. Target registry: `ghcr.io/chaitin/monkeycode-runner`.
+- No personal access token needed; workflow requests `packages: write` and `contents: read` via `GITHUB_TOKEN` (ensure Actions permissions allow this if repository is restricted).

docker/base/bookworm/Dockerfile

@@ -0,0 +1,38 @@
+# Base developer-friendly image (Debian bookworm-slim)
+FROM debian:bookworm-slim
+
+LABEL org.opencontainers.image.title="DevRunner Base" \
+      org.opencontainers.image.source="https://github.com/chaitin/DevRunner" \
+      org.opencontainers.image.description="Base toolbox image for DevRunner stacks"
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+        ca-certificates \
+        locales \
+        curl \
+        git \
+        gnupg \
+        build-essential \
+        pkg-config \
+        unzip \
+        zip \
+        less \
+        vim-tiny \
+        procps \
+        python3 \
+        python3-pip \
+    && echo "en_US.UTF-8 UTF-8" > /etc/locale.gen \
+    && locale-gen \
+    && update-locale LANG=en_US.UTF-8 LC_ALL=en_US.UTF-8 \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN mkdir -p /workspace
+
+ENV LANG=en_US.UTF-8 \
+    LC_ALL=en_US.UTF-8 \
+    PATH=/root/.local/bin:${PATH} \
+    WORKSPACE=/workspace
+
+WORKDIR /workspace

scripts/build.sh

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Simple builder for DevRunner images.
+# Usage:
+#   STACK=base VERSION=bookworm REGISTRY=ghcr.io/chaitin/monkeycode-runner PUSH=false ./scripts/build.sh
+
+STACK=${STACK:-base}
+VERSION=${VERSION:-bookworm}
+REGISTRY=${REGISTRY:-ghcr.io/chaitin/monkeycode-runner}
+PUSH=${PUSH:-false}
+
+if [[ "${STACK}" == "base" ]]; then
+  DOCKERFILE="docker/base/${VERSION}/Dockerfile"
+else
+  DOCKERFILE="docker/${STACK}/${VERSION}/Dockerfile"
+fi
+
+if [[ ! -f "${DOCKERFILE}" ]]; then
+  echo "Dockerfile not found: ${DOCKERFILE}" >&2
+  exit 1
+fi
+
+IMAGE="$(echo "${REGISTRY}" | tr '[:upper:]' '[:lower:]')/${STACK}:${VERSION}"
+echo "Building ${IMAGE} with ${DOCKERFILE}"
+docker build -f "${DOCKERFILE}" -t "${IMAGE}" .
+
+if [[ "${PUSH}" == "true" ]]; then
+  echo "Pushing ${IMAGE}"
+  docker push "${IMAGE}"
+fi