fix: harden Docker environment so tests pass inside container

- Add procps to runtime stage so `ps` is available for process management
- Remove noexec from /tmp and /home/storkit tmpfs mounts so test scripts
  can be executed from tempdir
- Update coder agent system_prompt to run clippy --all-targets --all-features
  matching what the server acceptance gate actually runs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Dave
2026-03-22 14:21:27 +00:00
parent af72f593e8
commit 1c2824fa31
3 changed files with 8 additions and 6 deletions


@@ -67,6 +67,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential \
pkg-config \
libssl-dev \
# procps provides ps, needed by tests and process management
procps \
&& rm -rf /var/lib/apt/lists/*
# Node.js in runtime
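Review bot: the added comment says procps is "needed by tests and process management" but does not say which runtime component calls `ps`; if only the test scripts need it, install it in a test-only stage rather than the runtime image, and otherwise name the caller in the comment. The comment line also sits inside the backslash-continued `RUN apt-get install` package list; Docker strips whole-line comments there, but placing it above the `RUN` keeps the list easier to read.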


@@ -71,8 +71,8 @@ services:
# tmpfs paths are writable.
read_only: true
tmpfs:
- /tmp:size=512M
- /home/storkit:size=512M,uid=999,gid=999
- /tmp:size=512M,exec
- /home/storkit:size=512M,uid=999,gid=999,exec
# Drop all Linux capabilities, then add back only what's needed.
# SETUID/SETGID needed by Claude Code's PTY allocation (openpty).
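Review bot: adding `exec` to both tmpfs entries makes the only writable paths under `read_only: true` executable as well, so anything written to /tmp or /home/storkit can now be run, which loosens the container rather than hardening it. Docker mounts tmpfs with noexec by default, so consider leaving /tmp at the default and pointing the tests' tempdir at a single dedicated exec mount, and update the "tmpfs paths are writable." comment to state that exec is enabled and why.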