Fix devcontainer

[a5chin]

User description

Type of Change

• Hotfix
• Bug Fix
• Dependency Update
• Feature
• Refactor
• CI/CD
• Documentation

Related Issues

Breaking Changes

• No breaking changes
• API signature changed
• Configuration changed
• Behavior changed
• Dependencies changed
• Features removed

Checklist

• Dependencies added/updated
• New environment variables
• Performance impact assessed
• Security implications reviewed
• Deployment notes

Additional Context

---

PR Type

Enhancement, Documentation

---

Description

• Configure devcontainer with named volumes for cache and venv.

• Bind-mount local SSH keys into the devcontainer.

• Update Ruff configuration with new ignore rules and Python target.

• Streamline VSCode interpreter paths to use relative paths.

---

Diagram Walkthrough

flowchart LR
  A[devcontainer.json] --> B{Add Mounts};
  B -- "Cache Volume" --> C[/.cache];
  B -- "Venv Volume" --> D[/.venv];
  B -- "SSH Bind Mount" --> E[/.ssh];
  A -- "Update UV_PROJECT_ENVIRONMENT" --> F[Environment Variables];
  A -- "Add updateContentCommand" --> G[File Ownership];
  A -- "Update VSCode Extensions" --> H[VSCode Configuration];
  I[.vscode/settings.json] --> J[Relative Paths];
  K[docs/configurations/ruff.md] --> L[Ruff Configuration Updates];
  M[docs/configurations/uv.md] --> N[Devcontainer Docs Update];
  O[docs/usecases/jupyter.md] --> J;

Loading

File Walkthrough

	Relevant files
Configuration changes	devcontainer.json Configure devcontainer with named volumes and SSH bind mount. .devcontainer/devcontainer.json Introduced mounts for cache, venv, and SSH keys using named volumes and bind mounts. Updated UV_PROJECT_ENVIRONMENT to use ${containerWorkspaceFolder}/.venv. Added updateContentCommand to manage file ownership for mounted volumes. Included new VSCode extensions like astral-sh.ty and dorzey.vscode-sqlfluff. +19/-1    settings.json Use relative paths for Python interpreter and SQLFluff.    .vscode/settings.json Changed python.defaultInterpreterPath from an absolute path to a relative .venv/bin/python. Updated sqlfluff.config and sqlfluff.executablePath to use relative paths. +3/-3
Documentation	ruff.md Update Ruff configuration documentation with new rules and target. docs/configurations/ruff.md Updated highlighted lines in code blocks to reflect new Ruff configurations. Added PLC0415 to the list of ignored Ruff rules. Introduced [lint.per-file-ignores] to ignore INP001 and S101 for tests/**. Updated target-version for Ruff to py314. +15/-5    uv.md Document new devcontainer UV configuration with volume mounts. docs/configurations/uv.md Replaced the Dockerfile example with a detailed devcontainer.json configuration. Documented the new mounts section for cache, venv, and SSH keys. Explained the UV_PROJECT_ENVIRONMENT variable and updateContentCommand. Provided key configuration details for the devcontainer setup. +46/-13  jupyter.md Adjust Jupyter documentation for relative Python interpreter path. docs/usecases/jupyter.md Updated python.defaultInterpreterPath to use a relative path .venv/bin/python. +1/-1

---

[a5chin]

/review

[github-actions]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 Security concerns Sensitive information exposure: The bind mount of ${localEnv:HOME}/.ssh (lines 20-24 in .devcontainer/devcontainer.json) exposes the host's SSH keys to the devcontainer. While common for development environments, this is a security risk if the container is compromised. Ensure that only necessary keys are present on the host or consider alternative, more secure methods for Git authentication within the container if possible.

⚡ Recommended focus areas for review Python Version The Ruff configuration documentation updates the target Python version to py314. Please confirm if the project is indeed targeting Python 3.14, as this is a significant version bump and should align with the project's actual Python environment and CI/CD setup. # Assume Python 3.14 target-version = "py314" Doc Discrepancy The updateContentCommand in the uv.md documentation is missing /home/${remoteUser}/.cache compared to the actual .devcontainer/devcontainer.json file. This could lead to permission issues for the cache directory if users follow the documentation. "updateContentCommand": "sudo chown -R vscode ${containerWorkspaceFolder}/.venv /home/${remoteUser}/.ssh", Permissions Check The updateContentCommand sets ownership for the mounted volumes, including the SSH directory. It's crucial to ensure this command is robust and correctly handles all scenarios to prevent permission issues or unintended access to the host's SSH keys within the container. "updateContentCommand": "sudo chown -R vscode /home/${remoteUser}/.cache ${containerWorkspaceFolder}/.venv /home/${remoteUser}/.ssh",

[a5chin]

/improve