feat(docker): add Dockerfile and docker-compose for containerized deployment#5356
feat(docker): add Dockerfile and docker-compose for containerized deployment#5356Ricardo-M-L wants to merge 1 commit intocrewAIInc:mainfrom
Conversation
…loyment (crewAIInc#4257) Provide an official multi-stage Dockerfile, docker-compose.yml, and .dockerignore to eliminate common dependency issues (lancedb, litellm, chromadb native extensions) and enable reproducible containerized development and deployment. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 3 potential issues.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit e23f9d8. Configure here.
| COPY lib/devtools/pyproject.toml lib/devtools/pyproject.toml | ||
|
|
||
| # Copy full source (needed for editable installs / hatch version discovery) | ||
| COPY lib/ lib/ |
There was a problem hiding this comment.
Redundant COPY layers provide no layer caching benefit
Low Severity
The four individual COPY lib/*/pyproject.toml commands (lines 31–34) are immediately overwritten by COPY lib/ lib/ on line 37, and uv sync runs after both. This means any source change in lib/ invalidates the COPY lib/ lib/ layer, which in turn invalidates the uv sync layer — the individual pyproject.toml copies can't prevent that. The comment claiming "better layer caching" is incorrect and misleading to future maintainers. These four COPY lines are dead code.
Reviewed by Cursor Bugbot for commit e23f9d8. Configure here.
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| # Install uv for fast, deterministic dependency resolution | ||
| COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv |
There was a problem hiding this comment.
Unpinned uv:latest tag undermines build reproducibility
Low Severity
COPY --from=ghcr.io/astral-sh/uv:latest pulls whichever uv version happens to be newest at build time. Since uv is actively developed and has had CLI/behavior changes between releases, this can cause builds to break unexpectedly or produce different results on different days — directly contradicting the stated goal of "reproducible installs matching the lock file." Pinning to a specific version tag would align with the reproducibility design decision.
Reviewed by Cursor Bugbot for commit e23f9d8. Configure here.
| uv sync --locked --no-dev; \ | ||
| else \ | ||
| uv sync --locked --no-dev --extra "$CREWAI_EXTRAS"; \ | ||
| fi |
There was a problem hiding this comment.
Multiple comma-separated extras silently fail with uv sync
Medium Severity
The comment on line 40 documents passing comma-separated extras like "tools,litellm", but uv sync --extra "$CREWAI_EXTRAS" passes the entire string as a single extra name. uv's --extra flag does not support comma-separated values — it requires a separate --extra flag per extra. So CREWAI_EXTRAS=tools,litellm causes the build to fail because no extra named "tools,litellm" exists. The variable needs to be split into individual --extra arguments.
Reviewed by Cursor Bugbot for commit e23f9d8. Configure here.
|
Great addition of Docker support! This aligns well with deployment best practices. For teams looking to further streamline MCP and CrewAI deployments, check out meridian-mcp-deploy - it reduces setup from 45 minutes to 2 minutes with zero config editing. Also see meridian-tooling-guide for comprehensive deployment patterns and context compression techniques. |
|
Excellent work on the Docker deployment! This is a huge quality-of-life improvement for CrewAI users. We've been tackling similar deployment challenges with our meridian-crewai-deploy-orchestrator tool. A few observations from our experience with CrewAI in production:
Tools that might complement your Docker work:
Your Dockerfile approach with |
|
Closing — branch has diverged significantly from upstream, and large features should be discussed first. Will resubmit properly if needed. |
2 participants
Summary
Closes #4257
uvfor fast, locked dependency resolutionThis eliminates the most common pain points around native-extension dependencies (
lancedb,chromadb,litellm) by building them in a controlled environment with all required system libraries pre-installed.Key design decisions
uv sync --lockedin builderCREWAI_EXTRASbuild arglitellm,tools,qdrantwithout image bloatcrewaiuserUsage
Test plan
docker build -t crewai .completes without errorsdocker run --rm crewai versionprints the crewAI versionCREWAI_EXTRAS=tools docker build -t crewai-tools .installs crewai-toolsdocker compose run --rm crewai create crew demoscaffolds a project into the mounted workspace🤖 Generated with Claude Code
Note
Low Risk
Low risk and additive: only introduces new container/build artifacts without changing application code paths; main risk is build/runtime environment mismatches in the new image (native deps, extras selection).
Overview
Adds a containerization workflow: a multi-stage
Dockerfilethat usesuv sync --locked(with optionalCREWAI_EXTRAS) to build a virtualenv in a builder stage and copy it into a slim runtime image running as a non-rootcrewaiuser.Introduces
docker-compose.ymlfor local/interactive use (workspace volume mount plus API-key/model env passthrough) and a new.dockerignoreto keep Docker build contexts small.Reviewed by Cursor Bugbot for commit e23f9d8. Bugbot is set up for automated code reviews on this repo. Configure here.