feat: add optional Nix container flavor for docker-git projects #55
skulidropek wants to merge 67 commits into ProverCoderAI:main from
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
- Print codex resume hint on interactive shells
- Disable Ubuntu MOTD/last-login noise inside containers
- Silence SSH host-key warnings via LogLevel=ERROR
- Force docker compose output to plain/no-ANSI to avoid escape sequences
- Keep generated project templates in sync on compose up

Skip port re-selection when docker compose is already running for the project.

- Connect managed containers to the default bridge network after compose up
- Prefer bridge IP for access logging so other containers can reach services by IP

- Default model: gpt-5.3-codex (xhigh) with pragmatic personality
- Enable live web search + web_search_request
- Enable shell_snapshot/collab/apps by default

- Allow waiting for remote actions via sleep-based polling
- Prefer gh for issues/PRs and CI checks; wait for Actions after push

- Rewrite docker-git-managed Codex config.toml when defaults change
- Ensure per-project .orch/auth/codex/config.toml is updated on create and up

- Grant GITHUB_TOKEN contents:read so actions/checkout can fetch.
- Reduce lint complexity in resolveCreateInputs.

CI test job runs `pnpm test` without building @effect-template/lib, but the package exports types from dist. Add `pretest` to build lib so lint:tests + vitest can resolve imports.
fix(ci): checkout permissions + lint complexity
…oderAI#6)
Co-authored-by: codex-agent <codex-agent@users.noreply.github.com>

…roverCoderAI#8)
* ci(workflows): align with effect-template and add deps prune check
* fix(ci): restore snapshot checkout permission for private repo

Design note 1/3 (feasibility): A full immediate switch from Ubuntu -> Nix for all generated containers is not cost-effective right now because we would couple infrastructure migration with product behavior changes. So this PR uses a dual-flavor architecture (

Design note 2/3 (runtime compatibility): Entrypoint logic expects legacy absolute paths ( This keeps existing shell/SSH startup logic unchanged and avoids touching unrelated runtime code in the same migration step.

Design note 3/3 (migration strategy): Recommended rollout sequence after merge:
This preserves team throughput while collecting real-world data before any default-flavor change.

Closing in favor of #56 (clean branch based directly on current upstream main; same feature set, no historical commit tail).

Summary
This PR implements a safe migration path toward Nix-based containers without breaking current users.
- `baseFlavor` to project template config (`ubuntu|nix`), default = `ubuntu`
- `--base-flavor <ubuntu|nix>`
- `--nix` / `--ubuntu` shorthand
- `nixos/nix` + `nix profile install ...`) while keeping existing Ubuntu path intact
- `/usr/bin/zsh`, `/usr/sbin/sshd`)
- `docker-git.json` (without `baseFlavor`) still works

Why this approach is practical
A hard switch to Nix for everyone is risky. This PR introduces a dual-mode system so teams can migrate project-by-project, compare stability/performance, and roll back instantly by switching flavor.
Proof (tests)
1) Parser supports new flags
2) Template generation supports Nix flavor
3) Type/lint checks for changed packages
Notes
`pnpm --filter ./packages/app test` currently fails locally in this environment due to vibecode-linter dependency preflight (`npx biome` / `npx tsc` resolution), but parser tests and effect lint/type checks pass.

Closes #36
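
The flag and config handling that the Summary describes, as an added example that is not code from this PR or from docker-git. The function names, the precedence (CLI flag, then `docker-git.json`, then the `ubuntu` default) and the rejection of conflicting flags are assumptions.

```typescript
// Added illustration; names are hypothetical and not taken from the docker-git code base.
type BaseFlavor = "ubuntu" | "nix";

// Strict allow-list: the value selects which Dockerfile template is rendered,
// so anything other than the two documented flavors is rejected outright.
function parseFlavor(value: unknown, origin: string): BaseFlavor {
  if (value === "ubuntu" || value === "nix") {
    return value;
  }
  throw new Error(`${origin}: unsupported base flavor ${JSON.stringify(value)}`);
}

// Collect every flavor requested on the command line, in any of the three spellings.
function flavorsFromArgs(argv: readonly string[]): BaseFlavor[] {
  const seen: BaseFlavor[] = [];
  for (let i = 0; i < argv.length; i++) {
    const arg = argv[i];
    if (arg === "--nix") {
      seen.push("nix");
    } else if (arg === "--ubuntu") {
      seen.push("ubuntu");
    } else if (arg === "--base-flavor") {
      i += 1; // the flavor is the next token; a missing token fails the allow-list
      seen.push(parseFlavor(argv[i], "--base-flavor"));
    }
  }
  return seen;
}

// Assumed precedence: CLI flag, then docker-git.json, then the "ubuntu" default.
function resolveBaseFlavor(
  argv: readonly string[],
  config: { baseFlavor?: unknown }
): BaseFlavor {
  const requested = flavorsFromArgs(argv);
  const first = requested[0];
  // "--nix --ubuntu" is ambiguous; fail instead of silently picking one.
  if (requested.some((flavor) => flavor !== first)) {
    throw new Error("conflicting base flavor flags");
  }
  if (first !== undefined) {
    return first;
  }
  // A legacy docker-git.json has no baseFlavor key and keeps the Ubuntu image.
  if (config.baseFlavor === undefined) {
    return "ubuntu";
  }
  return parseFlavor(config.baseFlavor, "docker-git.json");
}
```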