justin/safeclaude
Public Access
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

first round of changes: dedicated cache folder, cleaner base image, version management

Browse Source
This commit is contained in:
Justin
2026-06-20 10:56:44 -04:00
parent 4b3df1ddae
commit ecfdbd9f98
10 changed files with 122 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
example/README.md
View File

@ -1,8 +1,8 @@
# Example: a Ruby + Postgres project
A filled-in `.safeclaude/` for a typical Rails-style app — Ruby (via rbenv), the
Postgres client, and headless Chrome for browser tests. It's here as a reference
you can copy from when setting up your own project.
A filled-in `.safeclaude/` for a typical Rails-style app — a pinned Ruby and
Node, the Postgres client, and headless Chrome for browser tests. It's here as a
reference you can copy from when setting up your own project.
## How to use it
@ -16,13 +16,18 @@ you can copy from when setting up your own project.
| File | When it runs | What it does |
| --- | --- | --- |
| `.safeclaude/Dockerfile` | once, then cached | installs system packages, sets up Chrome and the Ruby/Node version managers |
| `hooks/10-ruby.sh` | each launch | installs the project's Ruby and bundler (skips if already done) |
| `.safeclaude/Dockerfile` | once, then cached | installs system packages, a pinned Ruby + Node, Chrome, and bundler |
| `hooks/20-bundle.sh` | each launch | runs `bundle install`, but only when `Gemfile.lock` changed |
| `hooks/30-pg-proxy.sh` | each launch | lets the app reach the host's Postgres at the usual `127.0.0.1:5432` |
| `hooks/15-node.sh.example` | off by default | optional Node setup — rename to `15-node.sh` to turn on |
| `.env.example` | — | copy to `.env` for a private gem token (kept out of git) |
| `version` | — | the safeclaude version this config was created with |
The pattern to take away: slow, one-time installs go in the **Dockerfile** so
they're cached; anything that needs your code or has to stick around between
runs goes in a **hook**.
A couple of things to take away:
- Slow, one-time installs go in the **Dockerfile** so they're cached. Pin one
Ruby and one Node there directly — a project only needs one of each, so a
version manager would just be overhead. Anything that needs your code present,
or has to stick around between runs, goes in a **hook**.
- `cache/` is the project's scratch space, on the host and gitignored. Here the
gems install into it (`BUNDLE_PATH`), so they survive container and volume
resets without ever touching your repo.