Chore: [AEA-0000] - Use common dev container

[anthony-nhs]

Summary

• Routine Change

Details

• use common dev container

[github-actions]

This PR is linked to a ticket in an NHS Digital JIRA Project. Here's a handy link to the ticket:

AEA-0000

[Copilot]

Pull request overview

This PR migrates the repository to use the shared “eps common” devcontainer approach, simplifying CI by pulling config (including pinned devcontainer images) from a reusable workflow and removing the repo-level asdf version file.

Changes:

• Switch CI/pull request/release workflows to get-repo-config + *-devcontainer reusable workflows and pass pinned_image.
• Update devcontainer to build FROM a published ghcr.io/nhsdigital/eps-devcontainers/... image and simplify post-attach setup.
• Remove root .tool-versions.asdf, bump asdf version in the base devcontainer config, and add a bootstrap .tool-versions file for fallback builds.

Reviewed changes

Copilot reviewed 8 out of 9 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
src/base/.devcontainer/.tool-versions.asdf	Bumps asdf version used by base devcontainer scripts.
.tool-versions.asdf	Removes repo-level asdf version file (no longer used by workflows).
.github/workflows/release.yml	Uses common reusable workflows and consumes pinned_image/tag_format.
.github/workflows/pull_request.yml	Uses common reusable workflows for PR quality checks with pinned_image.
.github/workflows/ci.yml	Uses common reusable workflows; adds permissions for tag workflow.
.devcontainer/devcontainer.json	Updates build args and post-attach behavior to match the common devcontainer image approach.
.devcontainer/Dockerfile.bootstrap	Adds a bootstrap build for when published images aren’t available.
.devcontainer/Dockerfile	Changes devcontainer build to extend from a published eps-devcontainers image and optionally remap docker group GID.
.devcontainer/.tool-versions.bootstrap	Adds tool versions used by the bootstrap Dockerfile.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

DOCKER_GID is used in the RUN block but isn't declared as a build arg (ARG DOCKER_GID) anywhere in this Dockerfile, so the value passed from devcontainer.json won't be available and the docker group remap will never run. Declare ARG DOCKER_GID (and ideally validate it’s a numeric GID and quote the variable when passing it to groupadd/groupmod) before this RUN instruction.

Suggested change

	FROM ghcr.io/nhsdigital/eps-devcontainers/${IMAGE_NAME}:${IMAGE_VERSION}
	USER root
	# specify DOCKER_GID to force container docker group id to match host
	RUN if [ -n "${DOCKER_GID}" ]; then \
	if ! getent group docker; then \
	groupadd -g ${DOCKER_GID} docker; \
	else \
	groupmod -g ${DOCKER_GID} docker; \
	ARG DOCKER_GID
	FROM ghcr.io/nhsdigital/eps-devcontainers/${IMAGE_NAME}:${IMAGE_VERSION}
	USER root
	# specify DOCKER_GID to force container docker group id to match host
	RUN if [ -n "${DOCKER_GID}" ]; then \
	if ! printf '%s\n' "${DOCKER_GID}" | grep -Eq '^[0-9]+$'; then \
	echo "Invalid DOCKER_GID: ${DOCKER_GID} (must be a numeric GID)" >&2; \
	exit 1; \
	fi; \
	if ! getent group docker >/dev/null; then \
	groupadd -g "${DOCKER_GID}" docker; \
	else \
	groupmod -g "${DOCKER_GID}" docker; \

[Copilot]

eslint.useFlatConfig and eslint.format.enable are currently defined as siblings of settings, not inside the settings object. Devcontainer VS Code settings are only picked up from customizations.vscode.settings, so these values likely won’t apply unless they’re moved under settings.

[Copilot]

The build arg for DOCKER_GID is sourced from ${env:DOCKER_GID:} while other host-derived values use ${localEnv:...}. For a host Docker group mapping, this should likely be ${localEnv:DOCKER_GID:}; otherwise it will typically resolve empty at build time. Also, USER_UID/USER_GID are being passed but the current .devcontainer/Dockerfile doesn’t declare/use them, which can be confusing unless the image build is updated to apply them.

Suggested change

	"DOCKER_GID": "${env:DOCKER_GID:}",
	"IMAGE_NAME": "node_24_python_3_14",
	"IMAGE_VERSION": "latest",
	"USER_UID": "${localEnv:USER_ID:}",
	"USER_GID": "${localEnv:GROUP_ID:}"
	"DOCKER_GID": "${localEnv:DOCKER_GID:}",
	"IMAGE_NAME": "node_24_python_3_14",
	"IMAGE_VERSION": "latest"

[Copilot]

tag_release in this workflow calls the same reusable workflow as ci.yml, but unlike ci.yml it doesn't grant contents: write (and potentially id-token: write) permissions. If the reusable workflow needs these to create tags/releases or use OIDC, this run will fail; consider mirroring the permissions block from .github/workflows/ci.yml here.