Add agentic workflow for py-cppmodel

.devcontainer/Dockerfile

@@ -1,13 +1,49 @@
-FROM python:3.12-slim
+FROM ubuntu:24.04
 
-# Install essential packages and create non-root user
-RUN apt-get update && apt-get install -y --no-install-recommends git curl sudo bash-completion vim \
-    && useradd -m -s /bin/bash vscode \
+# Install gcc, clang and some supporting tools for downloading/installing later tools.
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    bash-completion \
+    cmake \
+    curl \
+    g++ \
+    gdb \
+    git \
+    gpg \
+    lcov \
+    llvm \
+    ninja-build \
+    python-is-python3 \
+    python3-pip \
+    python3-venv \
+    software-properties-common \
+    ssh \
+    sudo \
+    unzip \
+    vim \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install bazelisk.
+RUN ARCH=$(dpkg --print-architecture) && \
+    wget -q https://github.com/bazelbuild/bazelisk/releases/download/v1.25.0/bazelisk-linux-${ARCH} -O /usr/local/bin/bazelisk \
+    && chmod +x /usr/local/bin/bazelisk \
+    && ln -s /usr/local/bin/bazelisk /usr/local/bin/bazel
+
+# Create non-root user and add to sudoers
+RUN useradd -m -s /bin/bash vscode \
     && echo "vscode ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers \
     && mkdir -p /workspace \
-    && chown vscode:vscode /workspace \
+    && chown vscode:vscode /workspace
+
+# Install Node.js (required for Gemini CLI)
+RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
+    && apt-get install -y --no-install-recommends nodejs \
     && rm -rf /var/lib/apt/lists/*
 
+# Install Gemini CLI globally
+RUN npm install -g @google/gemini-cli \
+    && npm cache clean --force
+
 WORKDIR /workspace
 
 # Switch to non-root user
@@ -21,4 +57,10 @@ RUN echo 'source /usr/share/bash-completion/completions/git' >> ~/.bashrc \
 RUN curl -LsSf https://astral.sh/uv/install.sh | sh
 
 # Set up environment variables
-ENV PATH="/home/vscode/.local/bin:${PATH}"
+ENV PATH="/home/vscode/.local/bin:/usr/local/bin:${PATH}"
+ENV UV_PROJECT_ENVIRONMENT="/home/vscode/.venv"
+
+# Pre-configure Gemini CLI
+RUN mkdir -p /home/vscode/.gemini \
+    && echo '{"/workspace": "TRUST_FOLDER"}' > /home/vscode/.gemini/trustedFolders.json \
+    && echo '{"security": {"auth": {"selectedType": "gemini-api-key"}}}' > /home/vscode/.gemini/settings.json

.devcontainer/devcontainer.json

@@ -17,10 +17,10 @@
                 "ms-toolsai.jupyter-renderers",
                 "ms-toolsai.jupyter",
                 "ms-toolsai.vscode-jupyter-cell-tags",
-                "ms-toolsai.vscode-jupyter-slideshow",
+                "ms-toolsai.vscode-jupyter-slideshow"
             ],
             "settings": {
-                "python.defaultInterpreterPath": "/${workspaceFolder}/.venv/bin/python",
+                "python.defaultInterpreterPath": "${workspaceFolder}/.venv/bin/python",
                 "[python]": {
                     "editor.defaultFormatter": "charliermarsh.ruff",
                     "editor.formatOnSave": true,

scripts/gemini-sandbox.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Exit on error
+set -euo pipefail
+
+# Check if GEMINI_API_KEY is set
+if [ -z "${GEMINI_API_KEY:-}" ]; then
+    echo "Error: GEMINI_API_KEY environment variable is not set."
+    echo "Please set it before running this script:"
+    echo "  export GEMINI_API_KEY='your_api_key_here'"
+    exit 1
+fi
+
+IMAGE_NAME="py-cppmodel-sandbox"
+DOCKERFILE=".devcontainer/Dockerfile"
+
+# Build the image
+echo "--- Building Docker Sandbox: $IMAGE_NAME ---"
+docker build -t "$IMAGE_NAME" -f "$DOCKERFILE" .
+
+# Run the container
+echo "--- Starting Sandboxed Gemini Session ---"
+echo "Note: Your current directory $(pwd) is mounted to /workspace"
+
+docker run -it --rm \
+    -v "$(pwd):/workspace" \
+    -e GEMINI_API_KEY="$GEMINI_API_KEY" \
+    -e TERM=${TERM:-} \
+    -e COLORTERM=${COLORTERM:-} \
+    "$IMAGE_NAME" \
+    gemini