Dev Container Stage2 with static link libstdc++ support

.github/workflows/docker-build-push.yml

@@ -0,0 +1,110 @@
+name: Docker Build and Push
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+  release:
+    types: [created]
+  workflow_dispatch:
+    inputs:
+      compiler:
+        description: 'Compiler to use (gcc, clang, zig)'
+        required: false
+        default: 'clang'
+        type: choice
+        options:
+          - gcc
+          - clang
+          - zig
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push:
+    strategy:
+      matrix:
+        compiler: [gcc, clang, zig]
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log into registry ${{ env.REGISTRY }}
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch,suffix=-${{ matrix.compiler }}
+            type=ref,event=pr,suffix=-${{ matrix.compiler }}
+            type=semver,pattern={{version}},suffix=-${{ matrix.compiler }}
+            type=semver,pattern={{major}}.{{minor}},suffix=-${{ matrix.compiler }}
+            type=raw,value=latest-${{ matrix.compiler }},enable={{is_default_branch}}
+
+      - name: Build Docker image using build.sh
+        run: |
+          # Make build script executable
+          chmod +x ./docker/linux/build.sh
+
+          # Run build script with cache configuration
+          ./docker/linux/build.sh \
+            --compiler ${{ matrix.compiler }} \
+            --cache-from type=gha,scope=${{ matrix.compiler }} \
+            --cache-to type=gha,mode=max,scope=${{ matrix.compiler }} \
+            --rebuild
+
+      - name: Tag and push image to registry
+        run: |
+          # Get the local image name from build.sh
+          LOCAL_IMAGE=$(docker images --format "{{.Repository}}:{{.Tag}}" | grep "clice-dev-container.*${{ matrix.compiler }}" | head -n 1)
+
+          if [ -z "$LOCAL_IMAGE" ]; then
+            echo "Error: Could not find built image"
+            exit 1
+          fi
+
+          echo "Built image: $LOCAL_IMAGE"
+
+          # Tag and push for each metadata tag
+          echo '${{ steps.meta.outputs.tags }}' | while read -r tag; do
+            if [ -n "$tag" ]; then
+              echo "Tagging as: $tag"
+              docker tag "$LOCAL_IMAGE" "$tag"
+              docker push "$tag"
+            fi
+          done
+
+      - name: Get image digest
+        id: digest
+        run: |
+          # Get the digest of the pushed image
+          FIRST_TAG=$(echo '${{ steps.meta.outputs.tags }}' | head -n 1)
+          DIGEST=$(docker inspect --format='{{index .RepoDigests 0}}' "$FIRST_TAG" | cut -d'@' -f2)
+          echo "digest=$DIGEST" >> $GITHUB_OUTPUT
+
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          subject-digest: ${{ steps.digest.outputs.digest }}
+          push-to-registry: true

config/default-toolchain-version.json

@@ -0,0 +1,11 @@
+{
+  "xmake": "3.0.3",
+  "cmake": "3.31.8",
+  "python": "3.13",
+  "uv": "0.9.2",
+  "gcc": "14.3.0",
+  "llvm": "20.1.8",
+  "glibc": "2.39",
+  "linux": "6.17",
+  "msvc": null
+}