Skip to content

validate setup universal #116

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
willwang-openai merged 4 commits into from
Jan 14, 2026
Merged

validate setup universal #116

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
28d3507
init
willwang-openai Jan 13, 2026
0ec801a
fix versions
willwang-openai Jan 13, 2026
b539a5f
add version check to set up
willwang-openai Jan 13, 2026
f01af4b
remove forcing version in build
willwang-openai Jan 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 13 additions & 6 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -118,21 +118,19 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \

### PYTHON ###

ARG PYENV_VERSION=v2.6.10
ARG PYTHON_VERSIONS="3.10 3.11 3.12 3.13 3.14"
ARG PYTHON_VERSIONS="3.14 3.13 3.12 3.11 3.10"

# Install pyenv
ENV PYENV_ROOT=/root/.pyenv
ENV PATH=$PYENV_ROOT/bin:$PATH
RUN git -c advice.detachedHead=0 clone --branch "$PYENV_VERSION" --depth 1 https://github.com/pyenv/pyenv.git "$PYENV_ROOT" \
RUN git -c advice.detachedHead=0 clone --depth 1 https://github.com/pyenv/pyenv.git "$PYENV_ROOT" \
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Jan 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Pin pyenv checkout to keep builds reproducible

This clone no longer pins a pyenv release; git clone without --branch tracks whatever HEAD is on the default branch at build time. That makes the image build non‑reproducible and can break later when upstream changes or removes python-build definitions needed by pyenv install $PYTHON_VERSIONS. Consider restoring a specific tag/commit pin (as before) so builds are stable across time.

Useful? React with 👍 / 👎.

&& echo 'export PYENV_ROOT="$HOME/.pyenv"' >> /etc/profile \
&& echo 'export PATH="$PYENV_ROOT/shims:$PYENV_ROOT/bin:$PATH"' >> /etc/profile \
&& echo 'eval "$(pyenv init - bash)"' >> /etc/profile \
&& cd "$PYENV_ROOT" \
&& src/configure \
&& make -C src \
&& pyenv install $PYTHON_VERSIONS \
&& pyenv global "${PYTHON_VERSIONS%% *}" \
&& rm -rf "$PYENV_ROOT/cache"

# Install pipx for common global package managers (e.g. poetry)
Expand Down Expand Up @@ -238,7 +236,7 @@ RUN --mount=type=cache,target=/root/.cargo/registry \

### RUBY ###

ARG RUBY_VERSIONS="3.2.3 3.3.8 3.4.4"
ARG RUBY_VERSIONS="3.4.4 3.3.8 3.2.3"
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
--mount=type=cache,target=/root/.cache/mise \
Expand Down Expand Up @@ -326,7 +324,16 @@ RUN chmod +x /opt/codex/setup_universal.sh
### VERIFICATION SCRIPT ###

COPY verify.sh /opt/verify.sh
RUN chmod +x /opt/verify.sh && bash -lc "/opt/verify.sh"
RUN chmod +x /opt/verify.sh \
&& PYTHON_VERSIONS="$PYTHON_VERSIONS" \
NODE_VERSIONS="24 22 20 18" \
RUST_VERSIONS="$RUST_VERSIONS" \
GO_VERSIONS="$GO_VERSIONS" \
SWIFT_VERSIONS="$SWIFT_VERSIONS" \
RUBY_VERSIONS="$RUBY_VERSIONS" \
PHP_VERSIONS="$PHP_VERSIONS" \
JAVA_VERSIONS="$( [ "$TARGETARCH" = "arm64" ] && echo "$ARM_JAVA_VERSIONS" || echo "$AMD_JAVA_VERSIONS" )" \
"/opt/verify.sh"

### ENTRYPOINT ###

Expand Down
9 changes: 8 additions & 1 deletion setup_universal.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,14 +22,15 @@ echo "Configuring language runtimes..."
if [ -n "${CODEX_ENV_PYTHON_VERSION}" ]; then
echo "# Python: ${CODEX_ENV_PYTHON_VERSION}"
pyenv global "${CODEX_ENV_PYTHON_VERSION}"
python3 --version
fi

if [ -n "${CODEX_ENV_NODE_VERSION}" ]; then
current=$(node -v | cut -d. -f1) # ==> v20
echo "# Node.js: v${CODEX_ENV_NODE_VERSION} (default: ${current})"
if [ "${current}" != "v${CODEX_ENV_NODE_VERSION}" ]; then
nvm alias default "${CODEX_ENV_NODE_VERSION}"
nvm use "${CODEX_ENV_NODE_VERSION}"
nvm use --save "${CODEX_ENV_NODE_VERSION}"
corepack enable
fi
fi
Expand All @@ -39,6 +40,7 @@ if [ -n "${CODEX_ENV_RUBY_VERSION}" ]; then
echo "# Ruby: ${CODEX_ENV_RUBY_VERSION} (default: ${current})"
if [ "${current}" != "${CODEX_ENV_RUBY_VERSION}" ]; then
mise use --global "ruby@${CODEX_ENV_RUBY_VERSION}"
ruby --version
Comment on lines 40 to +43
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Jan 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Restore a Ruby default before probing ruby -v

Because the Dockerfile no longer sets a global Ruby (mise use --global was removed), setup_universal.sh now runs ruby -v with no default configured when it is invoked by verify.sh during the image build. The ruby shim exits non‑zero in that state, and with set -e the script aborts before it can call mise use --global, causing the verification step (and build) to fail. Consider restoring a default Ruby in the install step or making the current‑version probe resilient to an unset default (e.g., mise current ruby || true).

Useful? React with 👍 / 👎.

fi
fi

Expand All @@ -47,6 +49,7 @@ if [ -n "${CODEX_ENV_RUST_VERSION}" ]; then
echo "# Rust: ${CODEX_ENV_RUST_VERSION} (default: ${current})"
if [ "${current}" != "${CODEX_ENV_RUST_VERSION}" ]; then
rustup default "${CODEX_ENV_RUST_VERSION}"
rustc --version
fi
fi

Expand All @@ -55,6 +58,7 @@ if [ -n "${CODEX_ENV_GO_VERSION}" ]; then
echo "# Go: go${CODEX_ENV_GO_VERSION} (default: ${current})"
if [ "${current}" != "go${CODEX_ENV_GO_VERSION}" ]; then
mise use --global "go@${CODEX_ENV_GO_VERSION}"
go version
fi
fi

Expand All @@ -63,6 +67,7 @@ if [ -n "${CODEX_ENV_SWIFT_VERSION}" ]; then
echo "# Swift: ${CODEX_ENV_SWIFT_VERSION} (default: ${current})"
if [ "${current}" != "${CODEX_ENV_SWIFT_VERSION}" ]; then
swiftly use "${CODEX_ENV_SWIFT_VERSION}"
swift --version
fi
fi

Expand All @@ -72,6 +77,7 @@ if [ -n "${CODEX_ENV_PHP_VERSION}" ]; then
echo "# PHP: ${CODEX_ENV_PHP_VERSION} (default: ${current})"
if [ "${current}" != "${CODEX_ENV_PHP_VERSION}" ]; then
phpenv global "${CODEX_ENV_PHP_VERSION}snapshot"
php --version
fi
fi

Expand All @@ -80,5 +86,6 @@ if [ -n "${CODEX_ENV_JAVA_VERSION}" ]; then
echo "# Java: ${CODEX_ENV_JAVA_VERSION} (default: ${current})"
if [ "${current}" != "${CODEX_ENV_JAVA_VERSION}" ]; then
mise use --global "java@${CODEX_ENV_JAVA_VERSION}"
java -version
fi
fi
50 changes: 42 additions & 8 deletions verify.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,19 +4,53 @@ set -euo pipefail

echo "Verifying language runtimes ..."

read -ra PYTHON <<< "$PYTHON_VERSIONS"
read -ra NODE <<< "$NODE_VERSIONS"
read -ra RUST <<< "$RUST_VERSIONS"
read -ra GO <<< "$GO_VERSIONS"
read -ra SWIFT <<< "$SWIFT_VERSIONS"
read -ra RUBY <<< "$RUBY_VERSIONS"
read -ra PHP <<< "$PHP_VERSIONS"
read -ra JAVA <<< "$JAVA_VERSIONS"

max=$(printf "%s\n" \
${#PYTHON[@]} \
${#NODE[@]} \
${#RUST[@]} \
${#GO[@]} \
${#SWIFT[@]} \
${#RUBY[@]} \
${#PHP[@]} \
${#JAVA[@]} \
| sort -nr | head -1)

for ((i=max-1; i>=0; i--)); do
CODEX_ENV_PYTHON_VERSION=${PYTHON[i]:-${PYTHON[0]}} \
CODEX_ENV_NODE_VERSION=${NODE[i]:-${NODE[0]}} \
CODEX_ENV_RUST_VERSION=${RUST[i]:-${RUST[0]}} \
CODEX_ENV_GO_VERSION=${GO[i]:-${GO[0]}} \
Comment on lines +27 to +31
Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot Jan 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Restore Node default after version loop

Because the loop runs from max-1 down to 0, the last setup_universal.sh invocation uses NODE[0] as the version. With NODE_VERSIONS="18 20 22" in the Dockerfile, that means the final pass sets Node to 18. setup_universal.sh persists this via nvm alias default (setup_universal.sh:27-33), so the built image ends up defaulting to Node 18 instead of the intended NODE_VERSION=22 (Dockerfile:158-182). This changes the runtime version users see and makes the verification output reflect the wrong default. Consider iterating forward, reversing NODE_VERSIONS, or explicitly restoring the desired default after the loop.

Useful? React with 👍 / 👎.

CODEX_ENV_SWIFT_VERSION=${SWIFT[i]:-${SWIFT[0]}} \
CODEX_ENV_RUBY_VERSION=${RUBY[i]:-${RUBY[0]}} \
CODEX_ENV_PHP_VERSION=${PHP[i]:-${PHP[0]}} \
CODEX_ENV_JAVA_VERSION=${JAVA[i]:-${JAVA[0]}} \
bash -lc '
printf "\n\nTesting setup_universal with versions:\n"
env | grep "^CODEX_ENV_" | sort
printf "\n"
/opt/codex/setup_universal.sh
'
done

echo "- Python:"
python3 --version
pyenv versions | sed 's/^/ /'

echo "- Node.js:"
for version in "18" "20" "22"; do
nvm use --global "${version}"
node --version
npm --version
pnpm --version
yarn --version
npm ls -g
done
node --version
npm --version
pnpm --version
yarn --version
npm ls -g

echo "- Bun:"
bun --version
Expand Down