From 929124fbbecf5b6130f59bed5c3876a381ce5a42 Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Wed, 7 Jan 2026 23:05:28 +0000 Subject: [PATCH 01/12] chore: integrate Claude Code --- .claude/CLAUDE.md | 59 +++++++++++++++++++++++++++++++++++++++++ .vscode/extensions.json | 3 ++- ci/container/Dockerfile | 3 +++ 3 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 .claude/CLAUDE.md diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md new file mode 100644 index 000000000000..266cc54274f1 --- /dev/null +++ b/.claude/CLAUDE.md @@ -0,0 +1,59 @@ +Dev Container +============= + +Building and testing this repository requires being in the dev container since it provides required dependencies. + +Entering the dev container can be done using: + +`ci/container/container-run.sh` + +Individual commands can also be run in the dev container using: + +`ci/container/container-run.sh COMMAND` + + +Rust +==== + +After changing Rust code (`*.rs`) first format the code using `cargo fmt`. + +Then check the code for linting errors using: + +``` +cargo clippy --locked --all-features --workspace --all-targets --keep-going -- \ + -D warnings \ + -D clippy::all \ + -D clippy::mem_forget \ + -C debug-assertions=off \ + -A clippy::uninlined_format_args +``` + +Fix any linting errors before continuing. + + +Building +-------- + +Rust code is built using both `cargo build` and Bazel. + +After changing a package under `rs/$PACKAGE` run `bazel build //rs/$PACKAGE`. + + +Changing crate dependencies +--------------------------- + +If crate dependencies need to be changed or added: + +1. First modify the package local `Cargo.toml`. +2. If a crate is used by multiple packages add it to the workspace `Cargo.toml` in the root of the repo and reference it in the package local `Cargo.toml` using `{ workspace = true }`. +3. Add the crate to `bazel/rust.MODULE.bazel`. +4. Run a `cargo check` such that the `Cargo.lock` files get updated. +5. Run `bin/bazel-pin.sh --force` to sync `Cargo.lock` with `Cargo.Bazel.json.lock`. + + +Testing +======= + +After code can be build it needs to be tested. + +After changing a package under `rs/$PACKAGE` run `bazel test //rs/$PACKAGE`. diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 7fd0b5c80553..69a48950322c 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -1,5 +1,6 @@ { "recommendations": [ + "anthropic.claude-code", "rust-lang.rust-analyzer", "vadimcn.vscode-lldb", "bazelbuild.vscode-bazel", @@ -9,4 +10,4 @@ "ms-vscode-remote.remote-ssh", "ms-vscode-remote.remote-containers" ] -} +} \ No newline at end of file diff --git a/ci/container/Dockerfile b/ci/container/Dockerfile index 3b117d4a03e1..bcc40d854627 100644 --- a/ci/container/Dockerfile +++ b/ci/container/Dockerfile @@ -146,6 +146,9 @@ RUN cargo install cargo-audit --version ${CARGO_AUDIT_VERSION} # Add zshrc generated from zsh-newuser-install (option 2) COPY --chown=ubuntu:ubuntu ./ci/container/files/zshrc /home/ubuntu/.zshrc +# Install Claude CLI +RUN curl -fsSL https://claude.ai/install.sh | bash + WORKDIR / # Use buildifier (uid 1001) if /entrypoint.sh is overriden # In GitHub that is the case and we need 1001 and we set it via ARG. From f20274c84fb1e6b80c91c2da851190863a89964f Mon Sep 17 00:00:00 2001 From: IDX GitHub Automation <> Date: Wed, 7 Jan 2026 23:14:12 +0000 Subject: [PATCH 02/12] Updating container image to sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b Image tag: de9bafc7cf17b0213ff7ce7883cd21f8d538b5c4fe16b5d7aac9074108f256bf --- .devcontainer/devcontainer.json | 2 +- .github/workflows/ci-main.yml | 2 +- .github/workflows/ci-pr-only.yml | 2 +- .github/workflows/pocket-ic-tests-windows.yml | 2 +- .github/workflows/rate-limits-backend-release.yml | 2 +- .github/workflows/release-testing.yml | 2 +- .github/workflows/rosetta-release.yml | 2 +- .github/workflows/salt-sharing-canister-release.yml | 2 +- .github/workflows/schedule-daily.yml | 2 +- .github/workflows/schedule-rust-bench.yml | 2 +- .github/workflows/schedule-weekly.yml | 2 +- .github/workflows/update-mainnet-canister-revisions.yaml | 2 +- ci/container/TAG | 2 +- 13 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 66b1b465c3b8..dde951561dbf 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,5 +1,5 @@ { - "image": "ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe", + "image": "ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b", "remoteUser": "ubuntu", "privileged": true, "runArgs": [ diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index a54c9fe982a0..4bdffa570e79 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml @@ -26,7 +26,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 90 diff --git a/.github/workflows/ci-pr-only.yml b/.github/workflows/ci-pr-only.yml index db30e8b4a4f5..c941e5e24fb0 100644 --- a/.github/workflows/ci-pr-only.yml +++ b/.github/workflows/ci-pr-only.yml @@ -32,7 +32,7 @@ jobs: runs-on: &dind-small-setup labels: dind-small container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --mount type=tmpfs,target="/home/buildifier/.local/share/containers" steps: diff --git a/.github/workflows/pocket-ic-tests-windows.yml b/.github/workflows/pocket-ic-tests-windows.yml index d9a06852f27e..4e1add2246b8 100644 --- a/.github/workflows/pocket-ic-tests-windows.yml +++ b/.github/workflows/pocket-ic-tests-windows.yml @@ -45,7 +45,7 @@ jobs: bazel-build-pocket-ic: name: Bazel Build PocketIC container: - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 90 diff --git a/.github/workflows/rate-limits-backend-release.yml b/.github/workflows/rate-limits-backend-release.yml index 2a77e9dec77f..ec0c166a521e 100644 --- a/.github/workflows/rate-limits-backend-release.yml +++ b/.github/workflows/rate-limits-backend-release.yml @@ -32,7 +32,7 @@ jobs: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" diff --git a/.github/workflows/release-testing.yml b/.github/workflows/release-testing.yml index cf4f40d67aa1..d3434beaa067 100644 --- a/.github/workflows/release-testing.yml +++ b/.github/workflows/release-testing.yml @@ -32,7 +32,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 180 diff --git a/.github/workflows/rosetta-release.yml b/.github/workflows/rosetta-release.yml index 29a2eb603638..66b46c4d89a2 100644 --- a/.github/workflows/rosetta-release.yml +++ b/.github/workflows/rosetta-release.yml @@ -22,7 +22,7 @@ jobs: runs-on: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" environment: DockerHub diff --git a/.github/workflows/salt-sharing-canister-release.yml b/.github/workflows/salt-sharing-canister-release.yml index e5e4abb4d74d..2986f483b0fd 100644 --- a/.github/workflows/salt-sharing-canister-release.yml +++ b/.github/workflows/salt-sharing-canister-release.yml @@ -32,7 +32,7 @@ jobs: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" diff --git a/.github/workflows/schedule-daily.yml b/.github/workflows/schedule-daily.yml index 213a253c1298..f86fe4f074ae 100644 --- a/.github/workflows/schedule-daily.yml +++ b/.github/workflows/schedule-daily.yml @@ -20,7 +20,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 720 # 12 hours diff --git a/.github/workflows/schedule-rust-bench.yml b/.github/workflows/schedule-rust-bench.yml index 6d9bb31167a7..ec283a84a701 100644 --- a/.github/workflows/schedule-rust-bench.yml +++ b/.github/workflows/schedule-rust-bench.yml @@ -24,7 +24,7 @@ jobs: # see linux-x86-64 runner group labels: rust-benchmarks container: - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b # running on bare metal machine using ubuntu user options: --user ubuntu --mount type=tmpfs,target="/home/ubuntu/.local/share/containers" timeout-minutes: 720 # 12 hours diff --git a/.github/workflows/schedule-weekly.yml b/.github/workflows/schedule-weekly.yml index 715f6841f77c..9a54056163ae 100644 --- a/.github/workflows/schedule-weekly.yml +++ b/.github/workflows/schedule-weekly.yml @@ -11,7 +11,7 @@ jobs: runs-on: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 60 # 1 hour diff --git a/.github/workflows/update-mainnet-canister-revisions.yaml b/.github/workflows/update-mainnet-canister-revisions.yaml index 054af3bf67a3..7e7a02b756c6 100644 --- a/.github/workflows/update-mainnet-canister-revisions.yaml +++ b/.github/workflows/update-mainnet-canister-revisions.yaml @@ -25,7 +25,7 @@ jobs: labels: dind-small environment: CREATE_PR container: - image: ghcr.io/dfinity/ic-build@sha256:ea590bb4afc6c513a93f3cdd4e1a370babe068fea9650033dcea03859eb95afe + image: ghcr.io/dfinity/ic-build@sha256:e4e5c4d3acd1dbfa591e2a4589f65115f04e7de60d508df7149f79dd6b7e8c6b options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" env: diff --git a/ci/container/TAG b/ci/container/TAG index 204f7fea0569..ad49a8f720eb 100644 --- a/ci/container/TAG +++ b/ci/container/TAG @@ -1 +1 @@ -526725d25d5bac60f390a9608185b42c789dc46e48e5e77590f2e24371b8ff97 +de9bafc7cf17b0213ff7ce7883cd21f8d538b5c4fe16b5d7aac9074108f256bf From c73bbc9150b5ceb572961b3b6db5b6f53bb99753 Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Thu, 8 Jan 2026 08:19:26 +0000 Subject: [PATCH 03/12] wip --- .claude/CLAUDE.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md index 266cc54274f1..f64a9537615d 100644 --- a/.claude/CLAUDE.md +++ b/.claude/CLAUDE.md @@ -11,6 +11,8 @@ Individual commands can also be run in the dev container using: `ci/container/container-run.sh COMMAND` +Alternatively, in VS Code the Dev Containers extension should be used which automatically loads `.devcontainer/devcontainer.json`. + Rust ==== @@ -28,7 +30,7 @@ cargo clippy --locked --all-features --workspace --all-targets --keep-going -- \ -A clippy::uninlined_format_args ``` -Fix any linting errors before continuing. +Fix any linting errors before continuing with building and testing. Building @@ -44,8 +46,8 @@ Changing crate dependencies If crate dependencies need to be changed or added: -1. First modify the package local `Cargo.toml`. -2. If a crate is used by multiple packages add it to the workspace `Cargo.toml` in the root of the repo and reference it in the package local `Cargo.toml` using `{ workspace = true }`. +1. First modify the `Cargo.toml` local to the package. +2. If a crate is used by multiple packages add it to the workspace `Cargo.toml` in the root of the repo and reference it in the `Cargo.toml` local to the package using `{ workspace = true }`. 3. Add the crate to `bazel/rust.MODULE.bazel`. 4. Run a `cargo check` such that the `Cargo.lock` files get updated. 5. Run `bin/bazel-pin.sh --force` to sync `Cargo.lock` with `Cargo.Bazel.json.lock`. @@ -57,3 +59,5 @@ Testing After code can be build it needs to be tested. After changing a package under `rs/$PACKAGE` run `bazel test //rs/$PACKAGE`. + +Tests under `rs/tests` which are defined using the `system_test` bazel macro are end-to-end tests which are called system-tests. These tests are comprehensive but also slow and harder to debug. So run them last or wait for GitHub Actions to run them on your Pull Request. \ No newline at end of file From c9eb5042d208c44024af832af2671826e0322bc7 Mon Sep 17 00:00:00 2001 From: IDX GitHub Automation <> Date: Fri, 9 Jan 2026 12:32:18 +0000 Subject: [PATCH 04/12] Updating container image to sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc Image tag: fce88279927e39e73aeee10f40121761adf272500f61045c9f1506b0c628c37e --- .devcontainer/devcontainer.json | 2 +- .github/workflows/ci-main.yml | 2 +- .github/workflows/ci-pr-only.yml | 2 +- .github/workflows/pocket-ic-tests-windows.yml | 2 +- .github/workflows/rate-limits-backend-release.yml | 2 +- .github/workflows/release-testing.yml | 2 +- .github/workflows/rosetta-release.yml | 2 +- .github/workflows/salt-sharing-canister-release.yml | 2 +- .github/workflows/schedule-daily.yml | 2 +- .github/workflows/schedule-rust-bench.yml | 2 +- .github/workflows/schedule-weekly.yml | 2 +- .github/workflows/update-mainnet-canister-revisions.yaml | 2 +- ci/container/TAG | 2 +- 13 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 01c280c68155..fd7bfbc1d60b 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,5 +1,5 @@ { - "image": "ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29", + "image": "ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc", "remoteUser": "ubuntu", "privileged": true, "runArgs": [ diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index 9efbea09d518..0d83d6e5c9e8 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml @@ -26,7 +26,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 90 diff --git a/.github/workflows/ci-pr-only.yml b/.github/workflows/ci-pr-only.yml index 313a39c2d010..5a48d0c000ff 100644 --- a/.github/workflows/ci-pr-only.yml +++ b/.github/workflows/ci-pr-only.yml @@ -32,7 +32,7 @@ jobs: runs-on: &dind-small-setup labels: dind-small container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --mount type=tmpfs,target="/home/buildifier/.local/share/containers" steps: diff --git a/.github/workflows/pocket-ic-tests-windows.yml b/.github/workflows/pocket-ic-tests-windows.yml index 2b9a1d721851..e8a63db8331b 100644 --- a/.github/workflows/pocket-ic-tests-windows.yml +++ b/.github/workflows/pocket-ic-tests-windows.yml @@ -45,7 +45,7 @@ jobs: bazel-build-pocket-ic: name: Bazel Build PocketIC container: - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 90 diff --git a/.github/workflows/rate-limits-backend-release.yml b/.github/workflows/rate-limits-backend-release.yml index d6a47a2b4461..023152e6a055 100644 --- a/.github/workflows/rate-limits-backend-release.yml +++ b/.github/workflows/rate-limits-backend-release.yml @@ -32,7 +32,7 @@ jobs: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" diff --git a/.github/workflows/release-testing.yml b/.github/workflows/release-testing.yml index 90104802aaf5..87be774e6b0c 100644 --- a/.github/workflows/release-testing.yml +++ b/.github/workflows/release-testing.yml @@ -32,7 +32,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 180 diff --git a/.github/workflows/rosetta-release.yml b/.github/workflows/rosetta-release.yml index fa7ff007be32..2d9288b532d4 100644 --- a/.github/workflows/rosetta-release.yml +++ b/.github/workflows/rosetta-release.yml @@ -22,7 +22,7 @@ jobs: runs-on: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" environment: DockerHub diff --git a/.github/workflows/salt-sharing-canister-release.yml b/.github/workflows/salt-sharing-canister-release.yml index dd7c94d10a76..05e485079e98 100644 --- a/.github/workflows/salt-sharing-canister-release.yml +++ b/.github/workflows/salt-sharing-canister-release.yml @@ -32,7 +32,7 @@ jobs: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" diff --git a/.github/workflows/schedule-daily.yml b/.github/workflows/schedule-daily.yml index 81c0264dd450..6902e5000844 100644 --- a/.github/workflows/schedule-daily.yml +++ b/.github/workflows/schedule-daily.yml @@ -20,7 +20,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 720 # 12 hours diff --git a/.github/workflows/schedule-rust-bench.yml b/.github/workflows/schedule-rust-bench.yml index b26445b795b1..54a79626e478 100644 --- a/.github/workflows/schedule-rust-bench.yml +++ b/.github/workflows/schedule-rust-bench.yml @@ -24,7 +24,7 @@ jobs: # see linux-x86-64 runner group labels: rust-benchmarks container: - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc # running on bare metal machine using ubuntu user options: --user ubuntu --mount type=tmpfs,target="/home/ubuntu/.local/share/containers" timeout-minutes: 720 # 12 hours diff --git a/.github/workflows/schedule-weekly.yml b/.github/workflows/schedule-weekly.yml index a586a099a0de..481f072951b1 100644 --- a/.github/workflows/schedule-weekly.yml +++ b/.github/workflows/schedule-weekly.yml @@ -11,7 +11,7 @@ jobs: runs-on: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 60 # 1 hour diff --git a/.github/workflows/update-mainnet-canister-revisions.yaml b/.github/workflows/update-mainnet-canister-revisions.yaml index a23aec7aa916..89eb951d3f21 100644 --- a/.github/workflows/update-mainnet-canister-revisions.yaml +++ b/.github/workflows/update-mainnet-canister-revisions.yaml @@ -25,7 +25,7 @@ jobs: labels: dind-small environment: CREATE_PR container: - image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 + image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" env: diff --git a/ci/container/TAG b/ci/container/TAG index 419637a6ac97..c5845c8cf06c 100644 --- a/ci/container/TAG +++ b/ci/container/TAG @@ -1 +1 @@ -8bba9523f8a4518798d447dc9f3ea538f68bcedfa2438c219c17733df733256a +fce88279927e39e73aeee10f40121761adf272500f61045c9f1506b0c628c37e From 6b8d54c809c28789015f6fbab330d71e19b3683d Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Fri, 9 Jan 2026 13:28:51 +0000 Subject: [PATCH 05/12] Don't instruct to go into the dev container since claude is already executed from within it --- .claude/CLAUDE.md | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md index f64a9537615d..7687138a8ebf 100644 --- a/.claude/CLAUDE.md +++ b/.claude/CLAUDE.md @@ -1,19 +1,3 @@ -Dev Container -============= - -Building and testing this repository requires being in the dev container since it provides required dependencies. - -Entering the dev container can be done using: - -`ci/container/container-run.sh` - -Individual commands can also be run in the dev container using: - -`ci/container/container-run.sh COMMAND` - -Alternatively, in VS Code the Dev Containers extension should be used which automatically loads `.devcontainer/devcontainer.json`. - - Rust ==== From e6a18b99234072e20379178f6fe25e69ba53e029 Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Fri, 9 Jan 2026 18:48:27 +0000 Subject: [PATCH 06/12] wip --- .claude/CLAUDE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md index 7687138a8ebf..49dc44bce984 100644 --- a/.claude/CLAUDE.md +++ b/.claude/CLAUDE.md @@ -6,7 +6,7 @@ After changing Rust code (`*.rs`) first format the code using `cargo fmt`. Then check the code for linting errors using: ``` -cargo clippy --locked --all-features --workspace --all-targets --keep-going -- \ +cargo clippy --all-features --workspace --all-targets -- \ -D warnings \ -D clippy::all \ -D clippy::mem_forget \ From feab43ab45125d043a9a14edd2741e0594e9048b Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Fri, 9 Jan 2026 18:56:57 +0000 Subject: [PATCH 07/12] Add .claude/README.md --- .claude/README.md | 21 +++++++++++++++++++++ .gitignore | 3 +++ 2 files changed, 24 insertions(+) create mode 100644 .claude/README.md diff --git a/.claude/README.md b/.claude/README.md new file mode 100644 index 000000000000..961b6e4e05b0 --- /dev/null +++ b/.claude/README.md @@ -0,0 +1,21 @@ +Claude Code +=========== + +You can you use Claude Code either from the: + +* [Claude Code VS Code Extension](https://code.claude.com/docs/en/vs-code). + +* CLI using the [`claude`](https://code.claude.com/docs/en/cli-reference) command which is already installed in the dev container. + +Login +----- + +* Select `2. Anthropic Console account · API usage billing`. + +* Open the OAuth link in your browser. + +* Choose the `DFINITY` organization. + +* Authorize Claude Code to connect to your Anthropic organization DFINITY + +* Press Enter to continue \ No newline at end of file diff --git a/.gitignore b/.gitignore index f26b7f335de8..b8cb3afd87d6 100644 --- a/.gitignore +++ b/.gitignore @@ -138,3 +138,6 @@ test_tmpdir/** # Bare metal deployment secrets files zh2-dll01.csv + +# Claude Code settings +.claude/settings.local.json \ No newline at end of file From 9c318a719b625e353cfe138c85dba3027c71e0a8 Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Fri, 9 Jan 2026 19:00:03 +0000 Subject: [PATCH 08/12] Let IDX own .claude --- .github/CODEOWNERS | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 5b678b9d919e..0099c5197faf 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -35,6 +35,8 @@ go.sum @dfinity/idx # [DevEnv] .vscode/ @dfinity/idx +.claude/ @dfinity/idx + # [Publishing-Artifacts] /publish/ @dfinity/idx From f62f8f91107019028fa4436e41e1b77439f15f3c Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Fri, 9 Jan 2026 19:13:22 +0000 Subject: [PATCH 09/12] doc --- .claude/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.claude/README.md b/.claude/README.md index 961b6e4e05b0..ee79f4661134 100644 --- a/.claude/README.md +++ b/.claude/README.md @@ -10,6 +10,8 @@ You can you use Claude Code either from the: Login ----- +Ask #help-it to generate an Anthropic API key for you. Then: + * Select `2. Anthropic Console account · API usage billing`. * Open the OAuth link in your browser. From 7d1ffd4491df8ca035e04b4d56bd07e0486b8c27 Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Mon, 12 Jan 2026 15:21:56 +0000 Subject: [PATCH 10/12] Let's add claude after we've split the CI from the dev container --- .vscode/extensions.json | 1 - ci/container/Dockerfile | 3 --- 2 files changed, 4 deletions(-) diff --git a/.vscode/extensions.json b/.vscode/extensions.json index 69a48950322c..c2c9f2dc1400 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -1,6 +1,5 @@ { "recommendations": [ - "anthropic.claude-code", "rust-lang.rust-analyzer", "vadimcn.vscode-lldb", "bazelbuild.vscode-bazel", diff --git a/ci/container/Dockerfile b/ci/container/Dockerfile index ba9c742e5467..10ba1e2017a5 100644 --- a/ci/container/Dockerfile +++ b/ci/container/Dockerfile @@ -132,9 +132,6 @@ RUN cargo install cargo-audit --version ${CARGO_AUDIT_VERSION} # Add zshrc generated from zsh-newuser-install (option 2) COPY --chown=ubuntu:ubuntu ./ci/container/files/zshrc /home/ubuntu/.zshrc -# Install Claude CLI -RUN curl -fsSL https://claude.ai/install.sh | bash - WORKDIR / # Use buildifier (uid 1001) if /entrypoint.sh is overriden # In GitHub that is the case and we need 1001 and we set it via ARG. From 6de8d10eefc3a907ce8449a74636c9c87ecc361f Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Mon, 12 Jan 2026 15:37:41 +0000 Subject: [PATCH 11/12] Don't touch the dev container just yet --- .claude/README.md | 2 +- .devcontainer/devcontainer.json | 2 +- .github/workflows/ci-main.yml | 2 +- .github/workflows/ci-pr-only.yml | 2 +- .github/workflows/pocket-ic-tests-windows.yml | 2 +- .github/workflows/rate-limits-backend-release.yml | 2 +- .github/workflows/release-testing.yml | 2 +- .github/workflows/rosetta-release.yml | 2 +- .github/workflows/salt-sharing-canister-release.yml | 2 +- .github/workflows/schedule-daily.yml | 2 +- .github/workflows/schedule-rust-bench.yml | 2 +- .github/workflows/schedule-weekly.yml | 2 +- .github/workflows/update-mainnet-canister-revisions.yaml | 2 +- .vscode/extensions.json | 2 +- ci/container/TAG | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.claude/README.md b/.claude/README.md index ee79f4661134..da7750f78bf0 100644 --- a/.claude/README.md +++ b/.claude/README.md @@ -5,7 +5,7 @@ You can you use Claude Code either from the: * [Claude Code VS Code Extension](https://code.claude.com/docs/en/vs-code). -* CLI using the [`claude`](https://code.claude.com/docs/en/cli-reference) command which is already installed in the dev container. +* CLI using the [`claude`](https://code.claude.com/docs/en/cli-reference) command which will be installed in the dev container later. Login ----- diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index fd7bfbc1d60b..01c280c68155 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,5 +1,5 @@ { - "image": "ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc", + "image": "ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29", "remoteUser": "ubuntu", "privileged": true, "runArgs": [ diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index 0d83d6e5c9e8..9efbea09d518 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml @@ -26,7 +26,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 90 diff --git a/.github/workflows/ci-pr-only.yml b/.github/workflows/ci-pr-only.yml index 858b912993a9..a43a55219ef1 100644 --- a/.github/workflows/ci-pr-only.yml +++ b/.github/workflows/ci-pr-only.yml @@ -32,7 +32,7 @@ jobs: runs-on: &dind-small-setup labels: dind-small container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --mount type=tmpfs,target="/home/buildifier/.local/share/containers" steps: diff --git a/.github/workflows/pocket-ic-tests-windows.yml b/.github/workflows/pocket-ic-tests-windows.yml index e8a63db8331b..2b9a1d721851 100644 --- a/.github/workflows/pocket-ic-tests-windows.yml +++ b/.github/workflows/pocket-ic-tests-windows.yml @@ -45,7 +45,7 @@ jobs: bazel-build-pocket-ic: name: Bazel Build PocketIC container: - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 90 diff --git a/.github/workflows/rate-limits-backend-release.yml b/.github/workflows/rate-limits-backend-release.yml index 023152e6a055..d6a47a2b4461 100644 --- a/.github/workflows/rate-limits-backend-release.yml +++ b/.github/workflows/rate-limits-backend-release.yml @@ -32,7 +32,7 @@ jobs: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" diff --git a/.github/workflows/release-testing.yml b/.github/workflows/release-testing.yml index 2373bab28539..ef699edcfc4f 100644 --- a/.github/workflows/release-testing.yml +++ b/.github/workflows/release-testing.yml @@ -32,7 +32,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 180 diff --git a/.github/workflows/rosetta-release.yml b/.github/workflows/rosetta-release.yml index 2d9288b532d4..fa7ff007be32 100644 --- a/.github/workflows/rosetta-release.yml +++ b/.github/workflows/rosetta-release.yml @@ -22,7 +22,7 @@ jobs: runs-on: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" environment: DockerHub diff --git a/.github/workflows/salt-sharing-canister-release.yml b/.github/workflows/salt-sharing-canister-release.yml index 05e485079e98..dd7c94d10a76 100644 --- a/.github/workflows/salt-sharing-canister-release.yml +++ b/.github/workflows/salt-sharing-canister-release.yml @@ -32,7 +32,7 @@ jobs: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" diff --git a/.github/workflows/schedule-daily.yml b/.github/workflows/schedule-daily.yml index 6902e5000844..81c0264dd450 100644 --- a/.github/workflows/schedule-daily.yml +++ b/.github/workflows/schedule-daily.yml @@ -20,7 +20,7 @@ jobs: runs-on: &dind-large-setup labels: dind-large container: &container-setup - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 720 # 12 hours diff --git a/.github/workflows/schedule-rust-bench.yml b/.github/workflows/schedule-rust-bench.yml index 54a79626e478..b26445b795b1 100644 --- a/.github/workflows/schedule-rust-bench.yml +++ b/.github/workflows/schedule-rust-bench.yml @@ -24,7 +24,7 @@ jobs: # see linux-x86-64 runner group labels: rust-benchmarks container: - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 # running on bare metal machine using ubuntu user options: --user ubuntu --mount type=tmpfs,target="/home/ubuntu/.local/share/containers" timeout-minutes: 720 # 12 hours diff --git a/.github/workflows/schedule-weekly.yml b/.github/workflows/schedule-weekly.yml index 481f072951b1..a586a099a0de 100644 --- a/.github/workflows/schedule-weekly.yml +++ b/.github/workflows/schedule-weekly.yml @@ -11,7 +11,7 @@ jobs: runs-on: labels: dind-large container: - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --mount type=tmpfs,target="/home/buildifier/.local/share/containers" timeout-minutes: 60 # 1 hour diff --git a/.github/workflows/update-mainnet-canister-revisions.yaml b/.github/workflows/update-mainnet-canister-revisions.yaml index 89eb951d3f21..a23aec7aa916 100644 --- a/.github/workflows/update-mainnet-canister-revisions.yaml +++ b/.github/workflows/update-mainnet-canister-revisions.yaml @@ -25,7 +25,7 @@ jobs: labels: dind-small environment: CREATE_PR container: - image: ghcr.io/dfinity/ic-build@sha256:41f0b90954aca8c8099e3b03e18b5958fd11a6d56941a7c45574870843e92ecc + image: ghcr.io/dfinity/ic-build@sha256:df346f8f1099572476440ca77f17082ed270258dcfcac4cfb49c48f6eebf6a29 options: >- -e NODE_NAME --privileged --cgroupns host -v /var/tmp:/var/tmp -v /ceph-s3-info:/ceph-s3-info --mount type=tmpfs,target="/home/buildifier/.local/share/containers" env: diff --git a/.vscode/extensions.json b/.vscode/extensions.json index c2c9f2dc1400..7fd0b5c80553 100644 --- a/.vscode/extensions.json +++ b/.vscode/extensions.json @@ -9,4 +9,4 @@ "ms-vscode-remote.remote-ssh", "ms-vscode-remote.remote-containers" ] -} \ No newline at end of file +} diff --git a/ci/container/TAG b/ci/container/TAG index c5845c8cf06c..419637a6ac97 100644 --- a/ci/container/TAG +++ b/ci/container/TAG @@ -1 +1 @@ -fce88279927e39e73aeee10f40121761adf272500f61045c9f1506b0c628c37e +8bba9523f8a4518798d447dc9f3ea538f68bcedfa2438c219c17733df733256a From 4ea53b1326c1de6663237df13dbb93950f1830a4 Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Tue, 13 Jan 2026 12:52:59 +0100 Subject: [PATCH 12/12] Update .claude/CLAUDE.md Co-authored-by: Nicolas Mattia --- .claude/CLAUDE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.claude/CLAUDE.md b/.claude/CLAUDE.md index 49dc44bce984..d873590d6cb0 100644 --- a/.claude/CLAUDE.md +++ b/.claude/CLAUDE.md @@ -40,7 +40,7 @@ If crate dependencies need to be changed or added: Testing ======= -After code can be build it needs to be tested. +After code can be built it needs to be tested. After changing a package under `rs/$PACKAGE` run `bazel test //rs/$PACKAGE`.