Fix Docker build on ARM by pre-installing numpy

[sbryngelson]

User description

User description

Summary

• Pre-installs numpy before other Python dependencies in toolchain/bootstrap/python.sh
• Fixes Docker build failures on ARM architecture where packages like cantera, pandas, matplotlib need numpy at build time when compiling from source

Context

The Docker workflow was failing on ubuntu-22.04-arm because several scientific Python packages require numpy to be importable during their wheel build process. Since pre-built binary wheels often don't exist for ARM64, pip tries to build from source and fails when numpy isn't installed yet.

See: https://github.com/MFlowCode/MFC/actions/runs/21636236188

Test plan

• Re-run the Docker containerization workflow to verify ARM builds succeed

🤖 Generated with Claude Code

---

PR Type

Bug fix

---

Description

• Pre-installs numpy before other Python dependencies in bootstrap script

• Fixes Docker build failures on ARM architecture where packages need numpy at build time

• Adds error handling for numpy installation with proper logging and cleanup

---

Diagram Walkthrough

flowchart LR
  A["Python venv setup"] --> B["Pre-install numpy"]
  B --> C["Install other dependencies"]
  C --> D["Build succeeds on ARM"]
  B -.->|"If fails"| E["Error handling & exit"]

Loading

File Walkthrough

Relevant files

Bug fix

python.sh Pre-install numpy with error handling                                        toolchain/bootstrap/python.sh Adds numpy pre-installation step before main dependency installation Includes error handling with logging and virtual environment cleanup on failure Adds explanatory comments about why numpy must be installed first for ARM builds Uses PIP_DISABLE_PIP_VERSION_CHECK flag consistent with existing code style +11/-0

---

Note

Low Risk
Low risk: changes only the Python bootstrap install order by adding an extra pip3 install numpy step, with straightforward failure handling. Main impact is dependency resolution/build behavior during installs, especially on platforms compiling wheels from source (e.g., ARM).

Overview
Fixes ARM/Docker bootstrap failures by pre-installing numpy in the venv before installing the project’s Python dependencies.

toolchain/bootstrap/python.sh now installs numpy as an explicit build-time prerequisite (with logging and early-exit error handling) prior to running pip3 install $(pwd)/toolchain.

^{Written by Cursor Bugbot for commit 24a3063. Configure here.}

---

CodeAnt-AI Description

Pre-install numpy in bootstrap to fix Docker ARM builds

What Changed

• The bootstrap script now installs numpy before other Python dependencies so packages that need numpy at build time (e.g., pandas, cantera, matplotlib) can compile on architectures without pre-built wheels (notably ARM).
• If numpy installation fails, the script logs a clear error, exits the virtual environment, and stops the build early instead of continuing to a later, harder-to-diagnose failure.
• The toolchain installation step runs only after numpy is successfully installed.

Impact

✅ Fewer ARM Docker build failures
✅ Shorter CI debugging for Python wheel build errors
✅ Clearer failure messages when numpy can't be installed

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

Summary by CodeRabbit

• Chores
  • Improved bootstrap so builds install a key scientific dependency up front, reducing build-time failures and improving dependency resolution.
  • Updated CI repository fetch to use the runtime-provided server URL, making workflow execution more flexible and robust.

[codeant-ai]

CodeAnt AI is reviewing your PR.

---

Thanks for using CodeAnt! 🎉

We're free for open-source projects. if you're enjoying it, help us grow by sharing.

Share on X ·
Reddit ·
LinkedIn

[qodo-code-review]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Version Pinning The script installs numpy without a version constraint. This can introduce non-reproducible builds (different numpy versions over time) and may break builds on some architectures or Python versions. Consider constraining/pinning numpy (or using a constraints file) to align with the rest of the toolchain dependencies. # Pre-install numpy as it's required at build time by several dependencies # (pandas, cantera, matplotlib, etc.) that may need to compile from source # on architectures without pre-built wheels (e.g., ARM) log "(venv) Pre-installing numpy (build-time dependency)." if ! PIP_DISABLE_PIP_VERSION_CHECK=1 pip3 install numpy; then error "(venv) Failed to install numpy." Install Method Using pip3 install numpy directly can sometimes invoke a different pip than the venv’s interpreter in edge cases. Using python -m pip install ... is typically more robust to ensure the venv pip is used. if ! PIP_DISABLE_PIP_VERSION_CHECK=1 pip3 install numpy; then error "(venv) Failed to install numpy." Cleanup Logic On numpy install failure, the script deactivates the venv and exits, but it doesn’t remove or invalidate the partially-created environment. If subsequent steps reuse the same venv directory, this could lead to confusing states. Consider cleaning/removing the venv (or marking it invalid) similarly to how other failure paths are handled in the script. error "(venv) Failed to install numpy." log "(venv) Exiting the$MAGENTA Python$COLOR_RESET virtual environment." deactivate exit 1 fi

[coderabbitai]

Warning

Rate limit exceeded

@sbryngelson has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 2 minutes and 20 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📝 Walkthrough

Walkthrough

The pull request adds a pre-installation step for numpy in the bootstrap script before the main toolchain dependencies are installed. If the numpy installation fails, the script logs an error and exits. The rest of the dependency installation flow remains unchanged.

Changes

Cohort / File(s)	Summary
Numpy Pre-installation toolchain/bootstrap/python.sh	Added pre-installation of numpy as a build-time dependency before main toolchain installation, with error handling that logs failures and terminates the script.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 A rabbit hops through the bootstrap script so fine,
Installing numpy first—a clever design!
Build-time dependencies now in their place,
The toolchain installs with improved grace. ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: pre-installing numpy to fix Docker builds on ARM architecture.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The PR description is comprehensive and well-structured, following most template requirements with clear context, bug fix classification, test plan, and detailed walkthroughs.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-code-review]

✅ Suggestion: Fix a formatting issue in a log message by adding a missing space before the color code. [general, importance: 4]

Suggested change

	log "(venv) Exiting the$MAGENTA Python$COLOR_RESET virtual environment."
	log "(venv) Exiting the $MAGENTA Python$COLOR_RESET virtual environment."

[codeant-ai]

Nitpicks 🔍

🔒 No security issues identified

⚡ Recommended areas for review Unpinned dependency / version mismatch Installing an unconstrained numpy may produce a version that conflicts with other packages declared in pyproject.toml or the toolchain. Consider aligning the pre-installed numpy version with project constraints to avoid incompatibilities. Build-time failures on ARM Installing numpy on ARM can still trigger a source build if a pre-built wheel is unavailable, which fails when system build dependencies (BLAS, compilers) are missing. The current single pip install numpy attempt has no fallback or explicit wheel preference and may lead to long builds or failures. pip vs python module Calling pip3 directly can invoke a system pip if the virtualenv isn't active or PATH ordering differs. This may install numpy into the wrong Python environment. Prefer invoking pip via the interpreter (e.g., python3 -m pip) to ensure the target interpreter's pip is used.

[codeant-ai]

CodeAnt AI finished reviewing your PR.

[Copilot]

Pull request overview

This PR fixes Docker build failures on ARM architecture by pre-installing numpy before other Python dependencies. The issue occurs because several scientific Python packages (pandas, cantera, matplotlib) require numpy to be importable during their build process when compiling from source. On ARM64, pre-built binary wheels often don't exist, causing pip to build from source and fail when numpy isn't available.

Changes:

• Added numpy pre-installation step in toolchain/bootstrap/python.sh before installing other dependencies

[Copilot]

Consider adding MAKEFLAGS to enable parallel compilation when building numpy from source on ARM. This would be consistent with the main installation command at line 159 and improve build performance. The command could be: PIP_DISABLE_PIP_VERSION_CHECK=1 MAKEFLAGS=$nthreads pip3 install numpy

Suggested change

	if ! PIP_DISABLE_PIP_VERSION_CHECK=1 pip3 install numpy; then
	if ! PIP_DISABLE_PIP_VERSION_CHECK=1 MAKEFLAGS=$nthreads pip3 install numpy; then

[Copilot]

pip3 install numpy fetches and executes a third-party package from the default index without any version pinning or integrity controls, which introduces supply chain risk in the build toolchain. If the numpy package or its distribution channel is compromised, a malicious release could execute arbitrary code during the Docker build and persist backdoors into the resulting image. To reduce this risk, pin numpy to a specific trusted version (and/or vendor it or use a private index with vetted artifacts) so that builds are deterministic and not automatically picking up potentially malicious new releases.

[cubic-dev-ai]

No issues found across 1 file