bootc-dev · cgwalters · Mar 9, 2026 · Mar 9, 2026 · gemini-code-assist · Mar 9, 2026
diff --git a/devenv/Containerfile.debian b/devenv/Containerfile.debian
@@ -1,7 +1,7 @@
 # These aren't packages, just low-dependency binaries dropped in /usr/local/bin
 # so we can fetch them independently in a separate build.
 ARG base=docker.io/library/debian:sid
-FROM $base as base
+FROM $base AS base
 # Life is too short to care about dash
 RUN ln -sfr /bin/bash /bin/sh
 RUN <<EORUN
@@ -28,21 +28,21 @@ echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/githubc
 apt -y update
 EORUN
 
-FROM base as tools
+FROM base AS tools
 # renovate: datasource=github-releases depName=astral-sh/uv
 ARG uvversion=0.10.2
 COPY fetch-tools.py tool-versions.txt install-uv.sh /run/src/
-RUN /run/src/fetch-tools.py
+RUN apt -y install python3 && /run/src/fetch-tools.py && apt -y purge python3 && apt -y autoremove
 RUN uvversion=$uvversion /run/src/install-uv.sh
 
-FROM base as rust
+FROM base AS rust
 # renovate: datasource=custom.rust-nightly depName=rust-nightly versioning=rust-release-channel
 ARG rust_nightly=nightly-2026-03-02
 COPY install-rust.sh /run/src/
 RUN rust_nightly=$rust_nightly /run/src/install-rust.sh
 
 # Kani formal verification tool - requires rustup for toolchain management
-FROM rust as kani
+FROM rust AS kani
 # renovate: datasource=crate depName=kani-verifier
 ARG kaniversion=0.67.0
 RUN apt-get update && apt-get install -y --no-install-recommends gcc libc6-dev && rm -rf /var/lib/apt/lists/*