Add Docker development environment (#50)

* Add Dockerfile

* try speeding up Docker build

* Free up some disk-space on runner first

* Add smoke test for Docker run

* Run smoke-test quickly

* Fix CUDA env variable settings

* Run part of the smoke test inside to simplify across nodes

* Remove tool cache too for space

* Refactoring and hopefully slimming down

Author: charlesbmi

.dockerignore

@@ -0,0 +1,39 @@
+# Build artifacts
+build/
+dist/
+*.egg-info
+**/__pycache__
+.venv/
+*.pyc
+*.so
+
+# Version control
+.git/
+.github/
+
+# Documentation
+docs/_build/
+docs/generated/
+
+# Testing output
+tests/output/
+.benchmarks/
+.pytest_cache/
+.coverage
+.coverage.*
+htmlcov/
+
+# IDE files
+.vscode/
+.idea/
+*.code-workspace
+
+# Environment and logs
+.env
+*.log
+.python-version
+
+# Other artifacts
+*.h5
+!ATS*
+wheelhouse/

.github/workflows/docker-build.yml

@@ -0,0 +1,114 @@
+name: Build and push Docker image
+
+on:
+  workflow_dispatch:
+  pull_request:
+    paths:
+      - "Dockerfile"
+      - "docker-compose.yml"
+      - ".dockerignore"
+      - ".github/workflows/docker-build.yml"
+  push:
+    branches:
+      - main
+  release:
+    types:
+      - published
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}-dev
+
+jobs:
+  build-and-push:
+    name: Build and push Docker image
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      packages: write
+    outputs:
+      image-tag: ${{ steps.export-tag.outputs.tag }}
+
+    steps:
+      - name: Free Disk Space (Ubuntu)
+        uses: jlumbroso/free-disk-space@main
+        with:
+          # aggressively free disk space because
+          # the container is so large
+          tool-cache: true
+
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+            type=sha
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push Docker image
+        id: build
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          load: ${{ github.event_name == 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Export image tag
+        id: export-tag
+        run: |
+          # Get first tag from metadata output
+          TAG=$(echo "${{ steps.meta.outputs.tags }}" | head -n1)
+          echo "tag=$TAG" >> $GITHUB_OUTPUT
+
+      - name: Smoke test image (no GPU)
+        run: |
+          docker run --rm "${{ steps.export-tag.outputs.tag }}" \
+            python -c "import mach; print(f'✓ mach version: {mach.__version__}')"
+
+  smoke-test-gpu:
+    name: Smoke test Docker image on GPU
+    needs: build-and-push
+    if: github.event_name != 'pull_request'
+    runs-on: linux-x64-nvidia-gpu-t4
+    permissions:
+      packages: read
+    timeout-minutes: 10
+
+    container:
+      image: ${{ needs.build-and-push.outputs.image-tag }}
+      credentials:
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+      options: --gpus all
+
+    steps:
+      - name: Test mach import and version
+        run: |
+          python -c "import mach; print(f'✓ mach version: {mach.__version__}')"
+
+      - name: Test CUDA backend availability
+        run: |
+          python -c "import mach._cuda_impl; print('✓ CUDA backend loaded successfully')"

Dockerfile

@@ -0,0 +1,68 @@
+# syntax=docker/dockerfile:1
+
+# Development environment for mach-beamform
+# Provides CUDA compilation without requiring local CUDA installation
+
+ARG CUDA_VERSION=12.6.3
+FROM nvidia/cuda:${CUDA_VERSION}-devel-ubuntu22.04
+
+# Avoid interactive prompts during package installation
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Install build dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    gcc \
+    g++ \
+    make \
+    cmake \
+    ninja-build \
+    curl \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install uv (will automatically install Python when needed)
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
+
+# Set CUDA environment variables
+ENV CUDA_HOME=/usr/local/cuda
+ENV PATH="${CUDA_HOME}/bin:${PATH}"
+ENV LD_LIBRARY_PATH="${CUDA_HOME}/lib64:${LD_LIBRARY_PATH}"
+
+# Silence warning about not being able to use hard links with cache mount
+ENV UV_LINK_MODE=copy
+
+# Shared flags for uv sync: install all optional extras but exclude heavy dev-dependencies
+ENV UV_SYNC_FLAGS="--frozen --all-extras --no-dev --no-group test --no-group profile --no-group build --no-group array --no-group compare --no-group docs"
+
+# Set working directory
+WORKDIR /workspace
+
+# Copy dependency files first for better layer caching
+# Dependencies only rebuild when these files change
+COPY pyproject.toml uv.lock ./
+
+# Install dependencies with cache mount
+# This layer is cached and reused when only source code changes
+# Install all optional dependencies but exclude heavy dev-dependencies
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync $UV_SYNC_FLAGS --no-install-project
+
+# Copy the rest of the project
+# Source code changes won't trigger dependency reinstall
+COPY . .
+
+# Install the project itself (fast, no dependency downloads)
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync $UV_SYNC_FLAGS
+
+# Add virtual environment to PATH so Python and installed packages are available
+ENV PATH="/workspace/.venv/bin:${PATH}"
+
+# OCI labels
+LABEL org.opencontainers.image.title="mach-beamform-dev" \
+      org.opencontainers.image.description="Development environment for ultrafast GPU-accelerated beamforming" \
+      org.opencontainers.image.source="https://github.com/Forest-Neurotech/mach" \
+      org.opencontainers.image.vendor="Forest Neurotech"
+
+# Default command: interactive bash shell
+CMD ["/bin/bash"]

Makefile

@@ -109,4 +109,12 @@ clean: ## Cleans build artifacts
 	@echo "Cleaning build artifacts..."
 	rm -rf dist/ build/ mach.*.so
 
+.PHONY: docker-build
+docker-build: ## Builds the Docker development image
+	docker compose build
+
+.PHONY: docker-dev
+docker-dev: ## Runs the development container
+	docker compose run --rm dev
+
 .DEFAULT_GOAL := help

README.md

@@ -49,6 +49,34 @@ Build prerequisites:
 * `gcc >= 8`
 * `nvcc >= 11.0`
 
+### Docker Development
+
+Compile and test without installing the CUDA *toolkit* using our Docker development environment.
+
+**Prerequisites:**
+* Docker Engine with [nvidia-container-toolkit](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/install-guide.html)
+* CUDA-capable GPU with driver >= 12.3
+
+**Quick start:**
+
+```bash
+# Build and start development container
+docker compose run --rm dev
+
+# Or use make shortcuts
+make docker-build  # Build image (first time: ~2-3 min, rebuilds: ~30s)
+make docker-dev    # Run container
+```
+
+**Inside the container:**
+
+```bash
+make compile  # Compile CUDA extension
+make test     # Run tests
+```
+
+Your source code is mounted from the host, so you can edit files locally and compile in the container. Build artifacts (`.venv/` and `build/`) are stored in anonymous volumes to avoid permission issues. Dependencies are pre-installed in the image and cached, so rebuilds are fast when only source code changes.
+
 ## Examples
 
 Try our [examples](https://forest-neurotech.github.io/mach/examples/):

docker-compose.yml

@@ -0,0 +1,26 @@
+services:
+  # Default development service
+  # Mount project as read-write, mask build artifacts with volumes
+  dev:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    image: mach-beamform-dev:latest
+    stdin_open: true
+    tty: true
+    working_dir: /workspace
+
+    # Mount project directory, but use volumes for artifacts to avoid host conflicts
+    volumes:
+      - .:/workspace
+      - /workspace/.venv      # Anonymous volume masks .venv from host
+      - /workspace/build      # Anonymous volume masks build from host
+
+    # GPU access configuration
+    deploy:
+      resources:
+        reservations:
+          devices:
+            - driver: nvidia
+              count: all
+              capabilities: [gpu]