feat(docker): pre-install essential dev tools in minimal image#1304
feat(docker): pre-install essential dev tools in minimal image#1304darrenzeng2025 wants to merge 3 commits intosipeed:mainfrom
Conversation
nikolasdehor
left a comment
nikolasdehor
left a comment
There was a problem hiding this comment.
Adding development tools to the minimal Docker image is a significant change that contradicts PicoClaw's design philosophy of minimal resource usage.
Concerns:
-
Image size impact -- python3 + py3-pip alone adds ~50-80MB to an Alpine image. Combined with git (~25MB) and bash (~5MB), this could more than double the final image size. For a project targeting embedded devices and minimal hardware (<10MB RAM), this is a substantial tradeoff that should be justified with concrete use cases.
-
Security surface area -- python3 + pip introduce a large attack surface (pip can install arbitrary packages, python can execute arbitrary code). For a Docker image that runs an AI gateway, minimizing the attack surface is important.
-
Alternative approach -- rather than bloating the minimal image, consider:
- A separate
Dockerfile.devor adocker-compose.dev.ymlthat extends the minimal image - Multi-stage build with a
--target=devoption - Document how users can extend the image:
FROM picoclaw:latest\nRUN apk add --no-cache python3 git jq bash
- A separate
-
jq is already available via curl + pipe -- many API interactions can be handled without jq since the Go binary itself handles JSON.
-
bash vs sh -- Alpine's default
/bin/sh(busybox ash) handles most shell scripting needs. Adding bash as a dependency is rarely necessary.
I would recommend keeping the minimal image minimal and providing a separate dev/extended image variant instead.
…ash) This addresses PR sipeed#1304 concerns by: - Keeping the main Dockerfile minimal for production use - Creating a separate Dockerfile.dev for development/debugging scenarios - Adding docker-compose service with 'dev' profile for optional use The development image includes tools for scripting, JSON processing, and debugging while maintaining the minimal image for resource-constrained deployments.
|
I've submitted a solution to address the concerns raised in this PR discussion. Solution: Instead of modifying the minimal Dockerfile, I've created a separate development image approach:
This approach:
The changes are in PR #1301 (same branch). Usage: docker compose -f docker/docker-compose.yml --profile dev up picoclaw-gateway-dev |
…ash) This addresses PR sipeed#1304 concerns by: - Keeping the main Dockerfile minimal for production use - Creating a separate Dockerfile.dev for development/debugging scenarios - Adding docker-compose service with 'dev' profile for optional use The development image includes tools for scripting, JSON processing, and debugging while maintaining the minimal image for resource-constrained deployments.
Add commonly used development tools to the minimal Dockerfile: - curl: HTTP requests and health checks - jq: JSON processing - git: Version control for skills - python3 + py3-pip: Python script support - bash: Better shell scripting support These tools are essential for many PicoClaw skills and MCP tools to function properly in containerized environments. Fixes sipeed#1228
…ash) This addresses PR sipeed#1304 concerns by: - Keeping the main Dockerfile minimal for production use - Creating a separate Dockerfile.dev for development/debugging scenarios - Adding docker-compose service with 'dev' profile for optional use The development image includes tools for scripting, JSON processing, and debugging while maintaining the minimal image for resource-constrained deployments.
This reverts commit 55862e5.
darrenzeng2025
force-pushed
the
feat/docker-dev-tools
branch
from
19df15e to
984853f
Compare
…ash) This addresses PR sipeed#1304 concerns by: - Keeping the main Dockerfile minimal for production use - Creating a separate Dockerfile.dev for development/debugging scenarios - Adding docker-compose service with 'dev' profile for optional use The development image includes tools for scripting, JSON processing, and debugging while maintaining the minimal image for resource-constrained deployments.
|
@darrenzeng2025 Hi! This PR has had no activity for over 2 weeks, so I'm closing it for now to keep things tidy. If it's still relevant, feel free to reopen it anytime and we'll pick it back up. |
2 participants
📝 Description
This PR adds essential development tools to the minimal Docker image ().
Tools Added:
Why:
The current minimal image only contains , , and . Many PicoClaw skills and MCP tools require additional utilities like 用法:git [--version] [--help] [-C ] [-c =]
[--exec-path[=]] [--html-path] [--man-path] [--info-path]
[-p | --paginate | -P | --no-pager] [--no-replace-objects] [--bare]
[--git-dir=] [--work-tree=] [--namespace=]
[]
这些是各种场合常见的 Git 命令:
开始一个工作区(参见:git help tutorial)
clone 克隆仓库到一个新目录
init 创建一个空的 Git 仓库或重新初始化一个已存在的仓库
在当前变更上工作(参见:git help everyday)
add 添加文件内容至索引
mv 移动或重命名一个文件、目录或符号链接
restore 恢复工作区文件
rm 从工作区和索引中删除文件
sparse-checkout 初始化及修改稀疏检出
检查历史和状态(参见:git help revisions)
bisect 通过二分查找定位引入 bug 的提交
diff 显示提交之间、提交和工作区之间等的差异
grep 输出和模式匹配的行
log 显示提交日志
show 显示各种类型的对象
status 显示工作区状态
扩展、标记和调校您的历史记录
branch 列出、创建或删除分支
commit 记录变更到仓库
merge 合并两个或更多开发历史
rebase 在另一个分支上重新应用提交
reset 重置当前 HEAD 到指定状态
switch 切换分支
tag 创建、列出、删除或校验一个 GPG 签名的标签对象
协同(参见:git help workflows)
fetch 从另外一个仓库下载对象和引用
pull 获取并整合另外的仓库或一个本地分支
push 更新远程引用和相关的对象
命令 'git help -a' 和 'git help -g' 显示可用的子命令和一些概念帮助。
查看 'git help <命令>' 或 'git help <概念>' 以获取给定子命令或概念的
帮助。
有关系统的概述,查看 'git help git'。 (for skill management), (for JSON parsing), and (for Python-based tools). Users currently need to build custom images or extend the base image.
🗣️ Type of Change
🤖 AI Code Generation
🔗 Related Issue
Fixes #1228
📚 Technical Context
🧪 Test Environment
☑️ Checklist