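# syntax=docker/dockerfile:1

# `22-slim` is a floating tag: it moves with every upstream rebuild, so two
# builds of this file can differ. For a reproducible sandbox image pin by
# digest before shipping, e.g.
#   FROM docker.io/library/node:22-slim@sha256:<digest from `docker pull`>
FROM docker.io/library/node:22-slim

# node:22-slim already runs as root here; stated explicitly so the package
# install steps below never depend on the base image's default USER.
USER root

# Toolchain for the agent: git/openssh-client for repositories, build-essential
# + python3 for native npm modules, ripgrep/fd for code search. Package list is
# sorted for diffability. DEBIAN_FRONTEND is set inline (not via ENV) so it does
# not leak into the runtime environment. Debian ships `fd` as `fdfind`, hence
# the symlink. openssh-client is for runtime use only — never COPY or ENV keys
# into this image; mount them at `docker run` time.
RUN apt-get update \
    && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        build-essential \
        ca-certificates \
        curl \
        fd-find \
        git \
        openssh-client \
        python3 \
        ripgrep \
    && rm -rf /var/lib/apt/lists/* \
    && ln -s /usr/bin/fdfind /usr/local/bin/fd

# Install Pi coding agent. PI_VERSION defaults to the npm dist-tag `latest`,
# which is exactly what the unversioned install resolved to; pass
#   --build-arg PI_VERSION=<x.y.z>
# for a reproducible image, since a floating dist-tag means the agent code
# baked in depends on when the build ran.
# --ignore-scripts mirrors the official install command from
# https://pi.dev/docs/latest — it skips lifecycle hooks that pi does not need.
# It also refuses to run the install hooks of every transitive dependency,
# which is the usual install-time execution vector for a malicious package.
# The npm cache is cleared in the same layer so it does not persist in the image.
ARG PI_VERSION=latest
RUN npm install -g --ignore-scripts "@earendil-works/pi-coding-agent@${PI_VERSION}" \
    && npm cache clean --force

# agentcage introspection: bake a short "you are sandboxed" brief into Pi's
# global context file (~/.pi/agent/AGENTS.md) so the agent discovers it is
# caged with zero setup. agentcage stages the canonical AGENTS.md brief into
# the build context (see agentcage.scaffold_brief) — not committed per-scaffold.
#
# Delivered as a plain, writable, node-owned file — deliberately NOT a
# read-only bind mount over ~/.pi (that makes the runtime create ~/.pi
# root-owned, breaking Pi's own state/session writes). Pi keeps full
# ownership of ~/.pi.
#
# The directory tree is created and chowned in one layer *before* the COPY so
# every component of ~/.pi is node-owned regardless of how the builder creates
# missing parents; --chown on the COPY sets the file's owner without a
# follow-up `chown -R` layer that would duplicate the file in the image.
RUN mkdir -p /home/node/.pi/agent && chown -R node:node /home/node/.pi
COPY --chown=node:node AGENTS.md /home/node/.pi/agent/AGENTS.md

# /workspace is created by root with explicit node ownership rather than left
# to WORKDIR: whether a WORKDIR-created directory inherits the active USER
# depends on the builder in use, and a root-owned cwd would make the agent's
# first write fail whenever /workspace is not bind-mounted at runtime.
RUN mkdir -p /workspace && chown node:node /workspace

# node:22-slim already has user node (1000:1000); drop privileges for good —
# nothing after this line needs root.
USER node
WORKDIR /workspace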
