Skip to content

feat: enable Docker CLI inside container image #11

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

feat: enable Docker CLI inside container image #11

wants to merge 2 commits into from

Conversation

krzemienski
Copy link

@krzemienski krzemienski commented May 17, 2025
edited
Loading

✨ Summary

Enable Docker CLI and Compose v2 inside the codex-universal container image for Ubuntu 24.04 by installing the docker.io client plus the docker-compose-v2 plugin in a dedicated ### DOCKER ### layer.
This guarantees docker compose … works out‑of‑the‑box when Codex tests repositories that rely on container orchestration.

Fixes #10

🔍 Context

  • Modern integration tests frequently orchestrate services (DBs, caches, side‑cars) with docker compose.
  • The current image ships only language runtimes; any repo that invokes Docker fails immediately.
  • On Ubuntu 24.04 LTS (“noble”) docker.io does not bundle Compose—the v2 CLI lives in docker-compose-v2. Installing both packages (no daemon, just CLI) unblocks container workflows while keeping the existing security model (CLI talks to a mounted socket; no privileged service starts inside the image).

🛠️ What’s inside

File Change
Dockerfile Append
apt-get install -y --no-install-recommends docker.io docker-compose-v2 in a new ### DOCKER ### layer

No other files or behaviours are modified.

🚀 How to Test

# Build the updated image
docker build -t codex-universal-docker .

# Run it with access to the host Docker socket
docker run --rm -it -v /var/run/docker.sock:/var/run/docker.sock codex-universal-docker bash

# Inside the container:
docker --version          # → Docker version <X.Y.Z>, build …
docker compose version    # → Docker Compose version v2.<N>

Optional smoke‑test

echo -e 'FROM alpine\nCMD ["echo","hello"]' > Dockerfile
docker build -t hello-alpine .
docker run --rm hello-alpine   # → prints “hello”

All commands should succeed without “command not found” errors.

📏 Impact & Size

  • Adds ≈ 25 MB compressed to the final image.
  • No privileged mode required; socket pass‑through remains sufficient.
  • Zero breaking changes for projects that never call Docker.

📝 Checklist

@krzemienski krzemienski marked this pull request as draft May 17, 2025 04:35
@seuros
Copy link

seuros commented May 21, 2025
edited
Loading

Excuse me, but running docker inside docker it not possible as far as know in sandbox mode.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@krzemienski @seuros