diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 0104e4dc2..7e90f63d9 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -63,6 +63,7 @@ "omzPlugins": "https://github.com/zsh-users/zsh-autosuggestions.git https://github.com/zsh-users/zsh-syntax-highlighting.git", "plugins": "zsh-autosuggestions zsh-syntax-highlighting" }, + "ghcr.io/devcontainers/features/aws-cli:1": {}, "ghcr.io/devcontainers/features/common-utils": { "configureZshAsDefaultShell": true, "installOhMyZsh": true, @@ -75,11 +76,11 @@ "installDockerComposeSwitch": true, "moby": true, "version": "latest" - }, - "ghcr.io/devcontainers/features/ruby:1": {} + } }, "mounts": [ - "source=${localEnv:HOME}/.ssh,target=/home/vscode/.ssh,type=bind,consistency=cached" + "source=${localEnv:HOME}/.ssh,target=/home/vscode/.ssh,type=bind,consistency=cached", + "source=${localEnv:HOME}/.aws,target=/home/vscode/.aws,type=bind,consistency=cached" ], "name": "Devcontainer", "postCreateCommand": "scripts/devcontainer/postcreatecommand.sh" diff --git a/.tool-versions b/.tool-versions index 8fd353861..7141c23f8 100644 --- a/.tool-versions +++ b/.tool-versions @@ -3,7 +3,7 @@ gitleaks 8.24.0 jq 1.6 nodejs 22.15.0 pre-commit 3.6.0 -python 3.13.2 +python 3.12.11 terraform 1.10.1 terraform-docs 0.19.0 trivy 0.61.0 diff --git a/.vscode/settings.json b/.vscode/settings.json index f0b23acc3..d7c02400c 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -8,8 +8,7 @@ "**/.svn": true, "**/CVS": true, "**/Thumbs.db": true, - //".devcontainer": true, ".github": false, ".vscode": false - }, + } } diff --git a/scripts/devcontainer/Dockerfile b/scripts/devcontainer/Dockerfile index 57129de57..990163b6f 100644 --- a/scripts/devcontainer/Dockerfile +++ b/scripts/devcontainer/Dockerfile @@ -1,18 +1,42 @@ # syntax=docker/dockerfile:1 FROM mcr.microsoft.com/devcontainers/base:ubuntu -# Copy CA certs and Dynamically set NODE_EXTRA_CA_CERTS accordingly -RUN apt-get update && apt-get install -y ca-certificates +# Copy CA certs and install Ruby and Go via Ubuntu packages (much faster than building from source) +# Also install development libraries needed for Python compilation via asdf +RUN apt-get update && apt-get install -y \ + ca-certificates \ + ruby-full \ + ruby-dev \ + build-essential \ + golang-go \ + libsqlite3-dev \ + libbz2-dev \ + libncurses-dev \ + libffi-dev \ + libreadline-dev \ + liblzma-dev \ + libssl-dev \ + zlib1g-dev \ + && rm -rf /var/lib/apt/lists/* COPY custom-ca-certs/. /usr/local/share/ca-certificates/ RUN update-ca-certificates -# Concatenate all certs for use in EnvVars -RUN find /usr/local/share/ca-certificates -type f \( -name '*.pem' -o -name '*.crt' \) -exec cat {} + > "/usr/local/share/ca-certificates/combined-cacerts.pem" +# Use the updated system CA bundle which now includes both system and custom CAs +ENV NODE_EXTRA_CA_CERTS="/etc/ssl/certs/ca-certificates.crt" +ENV SSL_CERT_FILE="/etc/ssl/certs/ca-certificates.crt" +ENV REQUESTS_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt" +ENV CURL_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt" +ENV GIT_SSL_CAINFO="/etc/ssl/certs/ca-certificates.crt" + +# Set Go environment variables and prepend asdf shims/bin to PATH +ENV GOPATH="/home/vscode/go" +ENV PATH="/home/vscode/.asdf/shims:/home/vscode/.asdf/bin:/go/bin:${GOPATH}/bin:${PATH}" # Ensure CA Certs is available for all shells, Node, Python & Ruby USER vscode -RUN echo 'NODE_EXTRA_CA_CERTS="/usr/local/share/ca-certificates/combined-cacerts.pem"' >> ~/.zshrc -RUN echo 'SSL_CERT_FILE="/usr/local/share/ca-certificates/combined-cacerts.pem"' >> ~/.zshrc -RUN echo 'REQUESTS_CA_BUNDLE="/usr/local/share/ca-certificates/combined-cacerts.pem"' >> ~/.zshrc -RUN echo 'CURL_CA_BUNDLE="/usr/local/share/ca-certificates/combined-cacerts.pem"' >> ~/.zshrc -RUN echo 'GIT_SSL_CAINFO="/usr/local/share/ca-certificates/combined-cacerts.pem"' >> ~/.zshrc + +RUN echo 'NODE_EXTRA_CA_CERTS="/etc/ssl/certs/ca-certificates.crt"' >> ~/.zshrc +RUN echo 'SSL_CERT_FILE="/etc/ssl/certs/ca-certificates.crt"' >> ~/.zshrc +RUN echo 'REQUESTS_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt"' >> ~/.zshrc +RUN echo 'CURL_CA_BUNDLE="/etc/ssl/certs/ca-certificates.crt"' >> ~/.zshrc +RUN echo 'GIT_SSL_CAINFO="/etc/ssl/certs/ca-certificates.crt"' >> ~/.zshrc diff --git a/scripts/devcontainer/postcreatecommand.sh b/scripts/devcontainer/postcreatecommand.sh index 986a1d5b5..39c334c8b 100755 --- a/scripts/devcontainer/postcreatecommand.sh +++ b/scripts/devcontainer/postcreatecommand.sh @@ -1,18 +1,14 @@ -#!/bin/bash - -rm -Rf ~/.asdf -git clone https://github.com/asdf-vm/asdf.git ~/.asdf; -chmod +x ~/.asdf/asdf.sh; -echo '. $HOME/.asdf/asdf.sh' >> ~/.zshrc +#!/bin/zsh echo 'export GPG_TTY=$TTY' | cat - ~/.zshrc > temp && mv temp ~/.zshrc +echo 'eval "$(asdf completion zsh)"' >> ~/.zshrc source ~/.zshrc -echo 'asdf setup complete' - +make _install-dependencies # required before config to ensure python is available due to race between config:: make targets make config +sudo gem install jekyll bundler jekyll --version && cd docs && bundle install echo 'jekyll setup complete'