v0.1 step 1: Dockerfile + per-language toolchain smoke

Monolith image with every toolchain in the spec: - Python 3.12 + uv/ruff/mypy/pytest/pip-audit/semgrep - Node 22 LTS + bun - Go 1.22 + govulncheck/staticcheck - Rust stable + cargo-audit/cargo-deny - Ruby 3.x + bundler-audit - PHP 8.x + composer/phpstan - JDK 17 + 21 + Maven + Gradle - .NET 8 SDK - Swift 5.9.2 - Kotlin 1.9.25 - clang + cmake + valgrind + ASan/UBSan/TSan - bash + shellcheck smoke.sh proves each toolchain compiles + runs a hello-world. compose.yml uses the existing 'sulkta' bridge network. No API yet (steps 2-3); no MCP yet (step 7); no runner yet (step 4). This is the foundation. NOTE: docker build + smoke verification not yet run — sandbox doesn't have docker. Needs `docker compose build && docker compose up` on Lucy or any real Docker host before we trust the Dockerfile. Spec: memory/spec-crafting-table.md
2026-04-29 07:29:53 -07:00 · 2026-04-29 07:29:53 -07:00 · 4e668a79e1
commit 4e668a79e1
parent 5bd1b1de7e
5 changed files with 619 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,88 @@
 # crafting-table

-Polyglot dev/build/audit container with autonomous patch loop + email digest. Recipes for every Sulkta repo, structured findings back to clawdforge.
+Polyglot dev/build/audit container — the build farm for the Sulkta ecosystem.
+
+## What this is
+
+A single Docker container with every toolchain we work with, used as a
+reliable place to compile / test / audit any Sulkta repo regardless of
+where the caller is — agents, Claude sessions, ad-hoc curl, scheduled cron.
+
+Eventual surface (v0.1 full): HTTP API + MCP server + project registry +
+job runner + structured findings + email digest + autonomous patch loop
+through clawdforge.
+
+Spec: `Sulkta-Coop/openclaw-workspace/memory/spec-crafting-table.md` (LAN-only).
+
+## Status — v0.1 step 1 of 10
+
+- [x] Step 1: Dockerfile + per-language smoke
+- [ ] Step 2: SQLite ledger + project registry
+- [ ] Step 3: HTTP API skeleton (FastAPI, port 8810)
+- [ ] Step 4: Job runner core (asyncio worker pool)
+- [ ] Step 5: Per-language parsers (Rust / Python / Go / TS first)
+- [ ] Step 6: Findings extraction + storage
+- [ ] Step 7: MCP server (stdio JSON-RPC, 8 tools)
+- [ ] Step 8: Email digest scheduler
+- [ ] Step 9: Autonomous patch loop (clawdforge integration)
+- [ ] Step 10: Production recipes — clawdforge, cauldron, tradecraft
+
+## Toolchains in v0.1
+
+| Lang     | Versions / extras                                                  |
+|----------|--------------------------------------------------------------------|
+| Python   | 3.11 (Debian default) + uv, pipx, pip-audit, ruff, mypy, pytest, semgrep |
+| Node     | 22.11.0 LTS + npm, pnpm, tsx, eslint, typescript                    |
+| Bun      | latest (rolling)                                                    |
+| Go       | 1.22.10 + govulncheck, staticcheck                                  |
+| Rust     | stable (rustup) + clippy, rustfmt, cargo-audit, cargo-deny          |
+| Ruby     | 3.1 (Debian default) + bundler, bundler-audit, rubocop              |
+| PHP      | 8.2 (Debian default) + composer, phpstan, phpunit                   |
+| JDK      | 17 (default) + 21 (Temurin, alongside via `JAVA_HOME_21`)           |
+| Maven    | 3.x (Debian)                                                        |
+| Gradle   | 8.10                                                                |
+| .NET     | 8.0 SDK                                                             |
+| Swift    | 5.9.2 (Ubuntu 22.04 tarball — works on Debian bookworm)             |
+| Kotlin   | 1.9.25 (compiler)                                                   |
+| C/C++    | clang + lld + cmake + ninja + valgrind                              |
+| Bash     | bash + shellcheck + bats + shfmt                                    |
+| Generic  | git, jq, yq, ripgrep, fd, gh-cli, curl, wget                        |
+
+## Build + smoke
+
+```bash
+docker network inspect sulkta >/dev/null 2>&1 || docker network create sulkta
+docker compose build
+docker compose up
+# expect: "=== ALL TOOLCHAINS GREEN ===" then exit 0
+```
+
+The smoke compiles + runs a hello-world in every language. If it exits 0,
+the image is good.
+
+## Image notes
+
+- Base: `debian:bookworm-slim`. Swift uses the upstream Ubuntu 22.04 tarball
+  which links against bookworm's libicu/libstdc++ baseline.
+- Runs as non-root user `crafter` (uid 1000) with passwordless sudo.
+- Volume mount points: `/workspace`, `/caches/{cargo,maven,gradle,npm,pip,bun}`,
+  `/data`. Compose binds these to named volumes so they survive `compose down`.
+- Network: external `sulkta` bridge (same one clawdforge + cauldron use).
+  Create with `docker network create sulkta` if missing.
+- Image size baseline is large (8-15 GB expected). Per spec: that's fine.
+
+## Layout
+
+```
+.
+├── Dockerfile        # monolith image with all toolchains
+├── compose.yml       # build + run-smoke wiring
+├── smoke.sh          # per-language hello-world test, baked in at /usr/local/bin/smoke.sh
+├── README.md
+├── LICENSE           # MIT
+└── .gitignore
+```
+
+## License
+
+MIT