feat(devcontainer): introduce RTK and gh (#3479)

[KATO-Hiro]

close #3479

Summary by CodeRabbit

リリースノート

• Chores

  • 開発環境の設定とセキュリティ権限を更新しました。
  • 依存関係をピン留めしました。

• Documentation

  • AI支援ツール関連のドキュメントを追加しました。

[coderabbitai]

Warning

Rate limit exceeded

@KATO-Hiro has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 22 minutes and 46 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: bc8f3692-4c26-425b-928f-7a4d68fa317a

📥 Commits

Reviewing files that changed from the base of the PR and between 43a7c7d and 9b614fd.

📒 Files selected for processing (3)

• .devcontainer/devcontainer-lock.json
• .devcontainer/devcontainer.json
• .devcontainer/setup-devcontainer.sh

📝 Walkthrough

Walkthrough

開発コンテナ環境に RTK（トークン最適化プロキシ）と GitHub CLI をセットアップする変更。devcontainer 設定を更新してマウントを追加し、新しいブートストラップスクリプトで Claude CLI、CodeRabbit CLI、RTK をインストールします。

Changes

開発環境の統合セットアップ

レイヤー / ファイル	概要
セキュリティ制約 \.claude/settings.json``	PR/Issue/Release 管理などの GitHub CLI 操作 7 つを サンドボックス拒否リストに追加。
Devcontainer 構成 \.devcontainer/devcontainer.json`, `.devcontainer/devcontainer-lock.json``	.claude と .gitconfig のホストディレクトリをマウント、github-cli フィーチャーを有効化、github-cli v1.1.0 をロック。
セットアップ自動化 \.devcontainer/setup-devcontainer.sh``	新規スクリプト：Claude Code CLI、CodeRabbit CLI、RTK をグローバルインストールし、pnpm install で依存関係を構築。
ドキュメント CONTRIBUTING.md	AI 支援ツールセクションに RTK（トークン最適化プロキシ）の説明を追記。

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

RTK が来た、トークン節約の星
gh コマンドも用意、dev環境はパワーアップ✨
セキュリティも忘れず、設定はクリーン
ブートストラップで、すべて自動、楽々スタート🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	PRタイトルは主な変更内容（RTKとGitHub CLIのインストール、devcontainer設定の改善）を的確に要約している。
Linked Issues check	✅ Passed	コード変更は#3479の要件（RTKのインストール・初期化、GitHub CLIのインストール・有効化）を完全に満たしている。
Out of Scope Changes check	✅ Passed	全ての変更は#3479の要件に関連している。.claude/settings.json の gh コマンド制限追加は gh の安全な使用のための適切なスコープ内の変更。
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch #3479

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 22 minutes and 46 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.devcontainer/devcontainer.json:
- Line 12: The bind mount
"source=${localEnv:HOME}/.gitconfig,target=/home/node/.gitconfig,type=bind,consistency=cached"
can create a host directory when the file is missing; update initializeCommand
to guard ~/.gitconfig by testing if $HOME/.gitconfig is a directory and, if so,
remove it and create an empty regular file, and also create the file if it does
not exist—this ensures the host-mounted path ends up as a file (not a directory)
before the container relies on git configuration.

In @.devcontainer/setup-devcontainer.sh:
- Line 5: Pin the global install of `@anthropic-ai/claude-code` to a specific
tested version instead of leaving it floating; update the line installing the
package to use an explicit semver (e.g. npm install -g
`@anthropic-ai/claude-code`@x.y.z), choose and document the chosen version in the
script, and optionally add a comment explaining to update the version only after
validation to prevent silent breakages.
- Around line 11-12: The curl install pipeline (curl -fsSL ... | sh) and the
subsequent rtk init -g --auto-patch should be made robust: wrap the curl install
invocation with the same fallback pattern used for CodeRabbit (so failure does
not abort the whole script despite set -euo pipefail), add a fallback for the
rtk init command as well, and ensure ~/.local/bin is available to
non-interactive shells by exporting PATH="$HOME/.local/bin:$PATH" before running
rtk init (or sourcing /etc/profile.d/00-restore-env.sh if appropriate); update
the lines that run the curl installer and rtk init to include these fallbacks
and the PATH export so postCreateCommand won’t fail on network or PATH issues.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 777e35e5-bb1c-4bd1-9384-a24716dabf02

📥 Commits

Reviewing files that changed from the base of the PR and between c9dc3b5 and 43a7c7d.

📒 Files selected for processing (5)

• .claude/settings.json
• .devcontainer/devcontainer-lock.json
• .devcontainer/devcontainer.json
• .devcontainer/setup-devcontainer.sh
• CONTRIBUTING.md

[KATO-Hiro]

LGTM