Stabilize and automate the dev container build

This commit resolves a series of build and runtime errors to create a stable,
portable, and fully automated dev container environment that works on both
`arm64` and `x86_64` architectures out-of-the-box.

- Stabilize Dockerfile Build:
    - Upgrades the base image from `bullseye` to `bookworm`.
    - Consolidates all `apt-get` dependencies into a single, correctly ordered
      layer, installing necessary tools for cross-compilation
      (`gcc-x86-64-linux-gnu`, `libc6-dev-amd64-cross`).
    - Fixes `rustup` permission errors by installing the toolchain as `root`
      and granting ownership to the `vscode` user.
    - Adds `--break-system-packages` to the `pip install` command to comply
      with Debian `bookworm`'s package management policies.

- Improve Architecture Portability:
    - Makes the `bin/build` and `bin/test` scripts architecture-aware, allowing
      them to run seamlessly on both `arm64` and `x86_64` hosts without manual
      configuration.
    - Fixes a bug that caused inconsistent naming of the shared library (`.so`)
      file between build and test runs.

- Fix Container Startup on ARM64:
    - Centralizes QEMU and `binfmt` setup within the `Dockerfile` build,
      creating an architecture-aware initialization process.
    - This allows for the removal of legacy, conflicting setup methods that
      caused startup failures on `arm64` hosts:
        - Removes the privileged `docker run` command for `qemu-user-static`
          from the `postCreate` script.
        - Disables the redundant QEMU setup in the `docker-in-docker` feature
          by configuring `install-qemu: false` for the feature.

Author: brcarp

.devcontainer/Dockerfile

@@ -1,30 +1,39 @@
-FROM mcr.microsoft.com/devcontainers/rust:1-1-bullseye
+FROM mcr.microsoft.com/devcontainers/rust:2-1-bookworm
 
-RUN sudo apt-get update -y \
-    && sudo apt-get upgrade -y 
+RUN apt-get update -y \
+    && apt-get upgrade -y \
+    && apt-get install -y --fix-missing --no-install-recommends \
+    zip \
+    qemu-system \
+    binfmt-support \
+    qemu-user-static \
+    nodejs \
+    ruby \
+    php \
+    php-common \
+    python3-pip \
+    gcc-x86-64-linux-gnu \
+    libc6-dev-amd64-cross \
+    && rm -rf /var/lib/apt/lists/* \
+    && update-binfmts --enable qemu-aarch64
 
-RUN sudo apt-get install -y --fix-missing zip 
+# Easy way to install Python.
+RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 1
 
-RUN sudo apt-get update -y \
-    && sudo apt-get upgrade -y \
-    && sudo apt-get install -y zip ltrace
+# Switch to root to install rust targets and fix permissions
+USER root
 
-RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+# Install rust targets for cross-compilation
 RUN rustup update \
-    && rustup target add aarch64-unknown-linux-gnu
+    && rustup default stable \
+    && rustup target add aarch64-unknown-linux-gnu \
+    && rustup target add x86_64-unknown-linux-gnu
 
-RUN rustup default stable
-# x86_64 to arm64 support.
-RUN sudo apt-get install -y \
-    qemu \
-    binfmt-support \
-    qemu-user-static
+# Grant vscode user ownership of rustup and cargo directories
+RUN chown -R vscode:vscode /usr/local/rustup /usr/local/cargo
 
-# Easy way to install node, ruby, and php
-RUN apt-get -y install nodejs ruby php php-common
-
-# Easy way to install Python.
-RUN update-alternatives --install /usr/bin/python python /usr/bin/python3 1
+# Switch back to vscode user
+USER vscode
 
 # Multi-platform SAM CLI. https://github.com/aws/aws-sam-cli/issues/3908
-RUN apt-get install -y pip && pip install aws-sam-cli
+RUN pip install aws-sam-cli --break-system-packages

.devcontainer/devcontainer.json

@@ -5,7 +5,9 @@
   },
   "features": {
     "ghcr.io/devcontainers/features/aws-cli:latest": {},
-    "ghcr.io/devcontainers/features/docker-in-docker:latest": {},
+    "ghcr.io/devcontainers/features/docker-in-docker:latest": {
+      "install-qemu": false
+    },
     "ghcr.io/customink/codespaces-features/docker-log-level": {},
     "ghcr.io/devcontainers/features/sshd:latest": {}
   },

.devcontainer/postCreate

@@ -1,8 +1,8 @@
 #!/bin/sh
 set -e
 
-docker run \
-  --rm \
-  --privileged \
-  multiarch/qemu-user-static \
-  --reset -p yes 
+# Wait for docker to be ready
+while ! docker info > /dev/null 2>&1; do
+    echo "Waiting for docker daemon..."
+    sleep 1
+done 

bin/build

@@ -3,7 +3,23 @@ set -e
 
 # Sync with bin/build, bin/test, & test/libcrypteia.sh.
 export CRYPTEIA_BUILD_OS="${CRYPTEIA_BUILD_OS:=debian}"
-export CRYPTEIA_BUILD_TARGET="${CRYPTEIA_BUILD_TARGET:=x86_64-unknown-linux-gnu}"
+
+# Auto-detect build target if not already set
+if [ -z "${CRYPTEIA_BUILD_TARGET}" ]; then
+  case "$(uname -m)" in
+    aarch64)
+      export CRYPTEIA_BUILD_TARGET="aarch64-unknown-linux-gnu"
+      ;;
+    x86_64)
+      export CRYPTEIA_BUILD_TARGET="x86_64-unknown-linux-gnu"
+      ;;
+    *)
+      echo "Unsupported architecture: $(uname -m)"
+      exit 1
+      ;;
+  esac
+fi
+
 if [ "${CRYPTEIA_BUILD_TARGET}" = "aarch64-unknown-linux-gnu" ]; then
   export CRYPTEIA_BUILD_SUFFIX="-arm64"
 fi

bin/build-arch

@@ -16,10 +16,14 @@ cargo build \
   --target "${CRYPTEIA_BUILD_TARGET}" 
 
 cp "./target/${CRYPTEIA_BUILD_TARGET}/release/crypteia" "./build/${BIN}"
-cp ./target/${CRYPTEIA_BUILD_TARGET}/release/libcrypteia.so "./build/${LIB}"
+cp "./target/${CRYPTEIA_BUILD_TARGET}/release/libcrypteia.so" "./build/${LIB}"
 
 cd ./build
-strip "$BIN"
+if [ "${CRYPTEIA_BUILD_TARGET}" = "aarch64-unknown-linux-gnu" ]; then
+  strip "$BIN"
+else
+  x86_64-linux-gnu-strip "$BIN"
+fi
 chmod +x "$BIN"
 zip -r "${BIN}.zip" "$BIN"
 zip -r "libcrypteia-${CRYPTEIA_BUILD_OS}${CRYPTEIA_BUILD_SUFFIX}.zip" "$LIB"

bin/test

@@ -3,7 +3,23 @@ set -e
 
 # Sync with bin/build, bin/test, & test/libcrypteia.sh.
 export CRYPTEIA_BUILD_OS="${CRYPTEIA_BUILD_OS:=debian}"
-export CRYPTEIA_BUILD_TARGET="${CRYPTEIA_BUILD_TARGET:=x86_64-unknown-linux-gnu}"
+
+# Auto-detect build target if not already set
+if [ -z "${CRYPTEIA_BUILD_TARGET}" ]; then
+  case "$(uname -m)" in
+    aarch64)
+      export CRYPTEIA_BUILD_TARGET="aarch64-unknown-linux-gnu"
+      ;;
+    x86_64)
+      export CRYPTEIA_BUILD_TARGET="x86_64-unknown-linux-gnu"
+      ;;
+    *)
+      echo "Unsupported architecture: $(uname -m)"
+      exit 1
+      ;;
+  esac
+fi
+
 if [ "${CRYPTEIA_BUILD_TARGET}" = "aarch64-unknown-linux-gnu" ]; then
   export CRYPTEIA_BUILD_SUFFIX="-arm64"
 fi
@@ -12,9 +28,7 @@ if [ ! "${SKIP_CARGO_TEST}" = "1" ]; then
   cargo test --target "${CRYPTEIA_BUILD_TARGET}" --quiet
 fi
 
-if [ ! "${CRYPTEIA_BUILD_TARGET}" = "aarch64-unknown-linux-gnu" ]; then
-  TEST_LANG=node ./test/libcrypteia.sh 
-  TEST_LANG=ruby ./test/libcrypteia.sh 
-  TEST_LANG=php ./test/libcrypteia.sh 
-  TEST_LANG=python ./test/libcrypteia.sh
-fi
+TEST_LANG=node ./test/libcrypteia.sh
+TEST_LANG=ruby ./test/libcrypteia.sh
+TEST_LANG=php ./test/libcrypteia.sh
+TEST_LANG=python ./test/libcrypteia.sh