How to Use AI Rules in Dev Containers

Dev Containers: Standardized AI Development Environments

Dev Containers (the open specification, not just GitHub Codespaces): define reproducible development environments using Docker containers. They work in: VS Code (with the Dev Containers extension), GitHub Codespaces, JetBrains IDEs (via Gateway), and any tool that supports the devcontainer.json specification. For AI rules: Dev Containers ensure every developer has the same AI tools installed, the same extensions enabled, and access to the same rule files — regardless of their local machine's configuration.

The Dev Container advantage for AI rules: local development without Dev Containers: each developer installs AI tools differently (different versions, different configurations, different API key management). With Dev Containers: the devcontainer.json specifies exactly which AI tools are installed, which versions, and how they are configured. Every developer: opens the project, the container builds, and AI tools are ready with rules loaded. Zero per-developer setup.

Dev Containers vs GitHub Codespaces: Codespaces run Dev Containers in the cloud. Local Dev Containers: run on the developer's machine using Docker Desktop. The devcontainer.json: identical for both. Write it once, use it locally and in the cloud. AI rule: 'One devcontainer.json: works for local Dev Containers and GitHub Codespaces. No platform-specific configuration needed.'

Step 1: Configuring AI Tools in devcontainer.json

VS Code extensions: add AI extensions to the devcontainer customizations. 'customizations': { 'vscode': { 'extensions': ['GitHub.copilot', 'GitHub.copilot-chat'] } }. These extensions: installed automatically when the container is created. The developer: does not need to install them manually. For Copilot: the extension activates if the developer has a Copilot subscription linked to their GitHub account.

Claude Code CLI: install via a Dev Container Feature or postCreateCommand. Feature approach: 'features': { 'ghcr.io/devcontainers/features/node:1': { 'version': '20' } } — ensures Node.js is available, then 'postCreateCommand': 'npm install -g @anthropic-ai/claude-code'. The postCreateCommand: runs after the container is created, installing Claude Code globally. API key: passed via environment variable from the host or from container secrets.

Environment variables for API keys: in devcontainer.json: 'remoteEnv': { 'ANTHROPIC_API_KEY': '${localEnv:ANTHROPIC_API_KEY}' }. This passes the API key from the developer's local environment into the container. The developer: sets the key once on their host machine. Every Dev Container: inherits it automatically. For teams: document the required environment variables in the README. AI rule: 'Use remoteEnv to pass API keys from the host. The developer configures keys once. Every container session: has the keys automatically.'

💡 remoteEnv Passes Keys Without Storing Them in the Repo

'remoteEnv': { 'ANTHROPIC_API_KEY': '${localEnv:ANTHROPIC_API_KEY}' } — reads the key from the developer's host machine and injects it into the container. The key: never appears in devcontainer.json, never committed to git, never visible in the container image. Each developer: sets the key on their host once. Every container session: has it automatically. Secure, convenient, zero-configuration per container launch.

Step 2: Rule File Access and Verification

Rule files in the repository: CLAUDE.md, .cursorrules, and .github/copilot-instructions.md are in the repository. When the Dev Container is created: the repository is cloned into the container. Rule files: available at the workspace root. No additional mounting or copying needed. The AI tools: read the rules from the workspace automatically.

Verification on container creation: add a postStartCommand that verifies the AI environment. 'postStartCommand': 'echo "=== AI Environment Check ===" && (test -f CLAUDE.md && echo "CLAUDE.md: found" || echo "WARNING: CLAUDE.md not found") && (which claude > /dev/null 2>&1 && echo "Claude Code: $(claude --version)" || echo "Claude Code: not installed") && echo "=========================="'. This prints a summary when the container starts, confirming rule files and tools are available.

Shared volumes for global rules: if the team maintains a global rules file (~/.claude/CLAUDE.md for personal preferences), mount it from the host: 'mounts': ['source=${localEnv:HOME}/.claude,target=/home/vscode/.claude,type=bind,consistency=cached']. This makes the developer's global AI configuration available inside the container alongside the project-specific rules. AI rule: 'Project rules: from the repository (automatic). Global rules: mounted from the host (explicit mount in devcontainer.json). Both are available inside the container.'

ℹ️ One devcontainer.json Works Locally and in Codespaces

The devcontainer.json you write for local Docker-based development: also works in GitHub Codespaces without changes. Codespaces: runs the same container definition in the cloud. Write once, use everywhere: local Docker Desktop, GitHub Codespaces, JetBrains Gateway, and any devcontainer-compatible tool. The AI tool configuration: portable across all these environments. No platform-specific workarounds needed.

Step 3: Team Workflow with Dev Containers

Onboarding: a new developer clones the repo, opens in VS Code, clicks 'Reopen in Container.' Docker builds the container (2-5 minutes first time, cached afterward). AI tools: installed. Rules: loaded. Extensions: configured. The developer: starts their first AI-assisted coding session without any manual setup. Onboarding AI tools: reduced from 30-60 minutes to zero. AI rule: 'Dev Containers reduce AI tool onboarding to zero. The developer's first experience: productive coding, not tool installation.'

Consistency across the team: every developer's Dev Container: built from the same devcontainer.json. Same Node.js version. Same Claude Code version. Same extensions. Same settings. No developer has a custom setup that produces different AI behavior. If the devcontainer.json is updated: all developers rebuild to get the update. AI rule: 'Dev Containers eliminate 'works on my machine' for AI tool configuration. Every container: identical AI environment.'

Offline and remote development: Dev Containers work locally (Docker Desktop, no internet needed after the initial build). For remote development: Dev Containers work over SSH (VS Code Remote - SSH + Dev Containers). For air-gapped environments: pre-build the container image with all AI tools, push to an internal registry, and reference the image in devcontainer.json. AI rule: 'Dev Containers are the most flexible AI environment setup: local, cloud (Codespaces), remote (SSH), and air-gapped (pre-built images). One devcontainer.json for all scenarios.'

⚠️ First Container Build Takes 2-5 Minutes — Subsequent Launches Are Cached

The first time a developer opens the Dev Container: Docker pulls the base image, runs postCreateCommand (npm install, Claude Code install), and configures extensions. This takes 2-5 minutes. The developer may think: 'This is slow.' After the first build: Docker caches the layers. Subsequent launches: 10-30 seconds. Communicate this to the team: 'First launch is slow (one-time setup). Every launch after: nearly instant.' For even faster first builds: use prebuilt container images.

Dev Container AI Rules Summary

Complete Dev Container + AI rules setup.

Extensions: Copilot, Copilot Chat in devcontainer customizations. Auto-installed per container
Claude Code: npm install -g in postCreateCommand. Node.js via Dev Container Feature
API keys: remoteEnv passes keys from host. Developer configures once, every container inherits
Rule files: in the repository, available at workspace root. No additional mounting needed
Global rules: mount ~/.claude from host for personal AI preferences
Verification: postStartCommand prints AI tool and rule file status on container start
Onboarding: clone → reopen in container → AI tools ready. Zero manual setup
Flexibility: works locally, in Codespaces, remote SSH, and air-gapped with pre-built images