From: Jérôme Benoit Date: Wed, 6 May 2026 22:44:33 +0000 (+0200) Subject: chore(sandcastle): install uv, harden APT repo setup X-Git-Tag: cli@v4.7.0~34 X-Git-Url: https://git.piment-noir.org/?a=commitdiff_plain;h=f9ae852a4ae3e118e0c3332251f190acf0933326;p=e-mobility-charging-stations-simulator.git chore(sandcastle): install uv, harden APT repo setup - Add uv via griffo.io APT (provides uvx for MCP servers in sandbox) - Eliminate pipe patterns to prevent silent download failures - Migrate GitHub CLI key to /etc/apt/keyrings/ - Remove gpg from base deps (no longer needed) --- diff --git a/.sandcastle/Dockerfile b/.sandcastle/Dockerfile index 005278a4..ca7ed188 100644 --- a/.sandcastle/Dockerfile +++ b/.sandcastle/Dockerfile @@ -5,24 +5,26 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ curl \ jq \ ca-certificates \ - gpg \ && rm -rf /var/lib/apt/lists/* -# uv (griffo.io APT) — needed for uvx MCP servers -RUN mkdir -p /etc/apt/keyrings \ +# uv +RUN install -m 0755 -d /etc/apt/keyrings \ && curl -fsSL https://debian.griffo.io/EA0F721D231FDD3A0A17B9AC7808B4DD62C41256.asc \ - | gpg --dearmor -o /etc/apt/keyrings/debian.griffo.io.gpg \ - && echo "deb [signed-by=/etc/apt/keyrings/debian.griffo.io.gpg] https://debian.griffo.io/apt trixie main" \ + -o /etc/apt/keyrings/debian.griffo.io.asc \ + && chmod a+r /etc/apt/keyrings/debian.griffo.io.asc \ + && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/debian.griffo.io.asc] https://debian.griffo.io/apt trixie main" \ > /etc/apt/sources.list.d/debian.griffo.io.list \ && apt-get update && apt-get install -y --no-install-recommends uv \ && rm -rf /var/lib/apt/lists/* -# Install GitHub CLI -RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg \ - | dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \ - && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" \ - | tee /etc/apt/sources.list.d/github-cli.list > /dev/null \ - && apt-get update && apt-get install -y gh \ +# GitHub CLI +RUN install -m 0755 -d /etc/apt/keyrings \ + && curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg \ + -o /etc/apt/keyrings/githubcli-archive-keyring.gpg \ + && chmod a+r /etc/apt/keyrings/githubcli-archive-keyring.gpg \ + && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" \ + > /etc/apt/sources.list.d/github-cli.list \ + && apt-get update && apt-get install -y --no-install-recommends gh \ && rm -rf /var/lib/apt/lists/* # Install coding agents globally