Chore: [AEA-0000] - use published dev container

.devcontainer/Dockerfile

@@ -1,53 +1,19 @@
-FROM mcr.microsoft.com/devcontainers/base:ubuntu
-
-# provide DOCKER_GID via build args if you need to force group id to match host
-ARG DOCKER_GID
+ARG IMAGE_VERSION=latest
+ARG IMAGE=node_24_python_3_14
+FROM ghcr.io/nhsdigital/eps-devcontainers/${IMAGE}:${IMAGE_VERSION}
 
+USER root
 # specify DOCKER_GID to force container docker group id to match host
 RUN if [ -n "${DOCKER_GID}" ]; then \
-      if ! getent group docker; then \
-        groupadd -g ${DOCKER_GID} docker; \
-      else \
-        groupmod -g ${DOCKER_GID} docker; \
-      fi && \
-      usermod -aG docker vscode; \
+    if ! getent group docker; then \
+    groupadd -g ${DOCKER_GID} docker; \
+    else \
+    groupmod -g ${DOCKER_GID} docker; \
+    fi && \
+    usermod -aG docker vscode; \
     fi
 
-# Anticipate and resolve potential permission issues with apt
-RUN mkdir -p /tmp && chmod 1777 /tmp
-
-RUN apt-get update \
-    && export DEBIAN_FRONTEND=noninteractive \
-    && apt-get -y dist-upgrade \
-    && apt-get -y install --no-install-recommends htop vim curl git build-essential \
-    libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev libbz2-dev \
-    zlib1g-dev unixodbc unixodbc-dev libsecret-1-0 libsecret-1-dev libsqlite3-dev \
-    jq apt-transport-https ca-certificates gnupg-agent \
-    software-properties-common bash-completion python3-pip make libbz2-dev \
-    libreadline-dev libsqlite3-dev wget llvm libncurses5-dev libncursesw5-dev \
-    xz-utils tk-dev liblzma-dev netcat-traditional libyaml-dev
-
-USER vscode
-
-# Install ASDF
-RUN git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.11.3 && \
-    echo '. $HOME/.asdf/asdf.sh' >> ~/.bashrc && \
-    echo '. $HOME/.asdf/completions/asdf.bash' >> ~/.bashrc
-
-ENV PATH="$PATH:/home/vscode/.asdf/bin/:/workspaces/eps-prescription-tracker-ui/node_modules/.bin:/workspaces/eps-common-workflows/.venv/bin"
-
-# Install ASDF plugins#
-RUN asdf plugin add nodejs https://github.com/asdf-vm/asdf-nodejs.git && \
-    asdf plugin add actionlint && \
-    asdf plugin add shellcheck https://github.com/luizm/asdf-shellcheck.git && \
-    asdf plugin add poetry https://github.com/asdf-community/asdf-poetry.git && \
-    asdf plugin add python
-
-WORKDIR /workspaces/eps-common-workflows
-
-ADD .tool-versions /workspaces/eps-common-workflows/.tool-versions
-ADD .tool-versions /home/vscode/.tool-versions
-
-RUN asdf install python && \
-    asdf install && \
-    asdf reshim nodejs
+# fix vscode user back to 1000
+RUN usermod -u 1000 vscode; \
+    groupmod -g 1000 vscode; \
+    chown -R vscode:vscode /home/vscode

.devcontainer/devcontainer.json

@@ -1,52 +1,44 @@
-// For format details, see https://aka.ms/devcontainer.json. For config options, see the
-// README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu
 {
   "name": "Ubuntu",
-  // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile
   "build": {
     "dockerfile": "Dockerfile",
     "context": "..",
     "args": {
-      "DOCKER_GID": "${env:DOCKER_GID:}"
-    }
-  },
-  "mounts": [
-    "source=${env:HOME}${env:USERPROFILE}/.aws,target=/home/vscode/.aws,type=bind",
-    "source=${env:HOME}${env:USERPROFILE}/.ssh,target=/home/vscode/.ssh,type=bind",
-    "source=${env:HOME}${env:USERPROFILE}/.gnupg,target=/home/vscode/.gnupg,type=bind",
-    "source=${env:HOME}${env:USERPROFILE}/.npmrc,target=/home/vscode/.npmrc,type=bind"
-  ],
-  "containerUser": "vscode",
-  "remoteEnv": {
-    "LOCAL_WORKSPACE_FOLDER": "${localWorkspaceFolder}"
-  },
-  "postAttachCommand": "docker build -f /workspaces/eps-common-workflows/dockerfiles/nhsd-git-secrets.dockerfile -t git-secrets . && pre-commit install --install-hooks -f",
-  "features": {
-    "ghcr.io/devcontainers/features/github-cli:1": {},
-    "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {
-      "version": "latest",
-      "moby": "true",
-      "installDockerBuildx": "true"
-    }
-  },
-  "customizations": {
-    "vscode": {
-      "extensions": [
-        "AmazonWebServices.aws-toolkit-vscode",
-        "redhat.vscode-yaml",
-        "eamodio.gitlens",
-        "github.vscode-pull-request-github",
-        "streetsidesoftware.code-spell-checker",
-        "timonwong.shellcheck",
-        "github.vscode-github-actions"
-      ],
-      "settings": {
-        "cSpell.words": [
-          "fhir",
-          "Formik",
-          "pino",
-          "serialisation"
-        ]
+      "DOCKER_GID": "${env:DOCKER_GID:}",
+      "IMAGE_VERSION": "pr-16-36dcbc3",
+      "IMAGE": "node_24_python_3_14"
+    },
+    "postAttachCommand": "git-secrets --register-aws; git-secrets --add-provider -- cat /usr/share/secrets-scanner/nhsd-rules-deny.txt",
+    "mounts": [
+      "source=${env:HOME}${env:USERPROFILE}/.aws,target=/home/vscode/.aws,type=bind",
+      "source=${env:HOME}${env:USERPROFILE}/.ssh,target=/home/vscode/.ssh,type=bind",
+      "source=${env:HOME}${env:USERPROFILE}/.gnupg,target=/home/vscode/.gnupg,type=bind",
+      "source=${env:HOME}${env:USERPROFILE}/.npmrc,target=/home/vscode/.npmrc,type=bind"
+    ],
+    "containerUser": "vscode",
+    "remoteEnv": {
+      "LOCAL_WORKSPACE_FOLDER": "${localWorkspaceFolder}"
+    },
+    "features": {},
+    "customizations": {
+      "vscode": {
+        "extensions": [
+          "AmazonWebServices.aws-toolkit-vscode",
+          "redhat.vscode-yaml",
+          "eamodio.gitlens",
+          "github.vscode-pull-request-github",
+          "streetsidesoftware.code-spell-checker",
+          "timonwong.shellcheck",
+          "github.vscode-github-actions"
+        ],
+        "settings": {
+          "cSpell.words": [
+            "fhir",
+            "Formik",
+            "pino",
+            "serialisation"
+          ]
+        }
       }
     }
   }

.github/workflows/pull_request.yml

@@ -16,11 +16,12 @@ jobs:
       AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}
   pr_title_format_check:
     uses: ./.github/workflows/pr_title_check.yml
-  get_asdf_version:
+  get_config_values:
     runs-on: ubuntu-22.04
     outputs:
       asdf_version: ${{ steps.asdf-version.outputs.version }}
       tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
+      devcontainer_version: ${{ steps.load-config.outputs.DEVCONTAINER_VERSION }}
     steps:
       - name: Checkout code
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
@@ -32,20 +33,22 @@ jobs:
         id: load-config
         run: |
           TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
+          DEVCONTAINER_VERSION=$(jq -r '.build.args.IMAGE_VERSION' .devcontainer/devcontainer.json)
           echo "TAG_FORMAT=$TAG_FORMAT" >> "$GITHUB_OUTPUT"
+          echo "DEVCONTAINER_VERSION=$DEVCONTAINER_VERSION" >> "$GITHUB_OUTPUT"
   quality_checks:
     uses: ./.github/workflows/quality-checks.yml
-    needs: [get_asdf_version]
+    needs: [get_config_values]
     with:
-      asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}
+      runtime_docker_image: "node_24_python_3_14:${{ needs.get_config_values.outputs.devcontainer_version }}"
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
   tag_release:
-    needs: [quality_checks, get_asdf_version]
+    needs: [quality_checks, get_config_values]
     uses: ./.github/workflows/tag-release.yml
     with:
       dry_run: true
-      asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}
+      asdfVersion: ${{ needs.get_config_values.outputs.asdf_version }}
       branch_name: ${{ github.event.pull_request.head.ref }}
-      tag_format: ${{ needs.get_asdf_version.outputs.tag_format }}
+      tag_format: ${{ needs.get_config_values.outputs.tag_format }}
     secrets: inherit