Add comprehensive Docker support for containerized Wassette deployments

[Copilot]

• Explore repository structure and understand the project
• Build the project to understand binary requirements
• Create Dockerfile for running Wassette in a container
• Create comprehensive Docker documentation
• Add Docker examples with component mounting
• Update SUMMARY.md to include Docker documentation
• Update CHANGELOG.md
• Create docker-compose example configuration
• Create .dockerignore for optimized builds
• Test Docker build and run commands
• Add Docker section to README.md
• Verify all Docker functionality works
• Capture documentation screenshot
• Address code review feedback
• Update Dockerfile to use Rust 1.90 (matches project version)
• Change default transport to streamable-http
• Merge Docker docs under Installation section in SUMMARY.md
• Update all documentation examples to use streamable-http as default

Changes from Review Feedback (Commits 2367c8e and latest)

All review comments have been fully addressed:

1. Dockerfile versions updated - Changed from rust:1.83 to rust:1.90 to match project Rust version
2. Default transport changed - Updated both Dockerfiles to use --streamable-http instead of --stdio
3. Documentation structure improved - Moved Docker documentation under Installation section
4. All examples updated - Updated all docker run commands in documentation to:
   • Use -p 9001:9001 for port mapping (streamable-http default)
   • Show how to override with --stdio or --sse when needed
   • Reflect streamable-http as the primary transport method
5. Docker Compose updated - Updated example compose file to reflect new default
6. README updated - Updated quick start examples to use streamable-http

The documentation now consistently shows streamable-http as the default with proper port mapping, making it easier for users to get started with HTTP-based access.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>There should be documentation on how to run Wassette in docker</issue_title>
<issue_description>Containerize wassette binary in a docker container for additional defense. It should mount the plugin_dir file paths and other paths that are necessary for wassette to function correctly.</issue_description>

Comments on the Issue (you are @copilot in this section)

Fixes #364

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

[Copilot]

Pull Request Overview

This PR adds comprehensive Docker support for containerized Wassette deployments, providing enhanced security isolation through defense-in-depth architecture. The implementation includes multiple Dockerfile variants, production-ready configuration examples, and extensive documentation following Docker security best practices.

• Containerizes Wassette with proper security hardening (non-root user, resource limits, capability dropping)
• Provides comprehensive documentation covering quick start, component mounting, secrets management, and production deployment
• Includes Docker Compose configuration for orchestrated deployments with security defaults

Reviewed Changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
docs/deployment/docker.md	Comprehensive Docker deployment guide with security best practices and troubleshooting
docs/SUMMARY.md	Adds Docker documentation to the book structure under new "Deployment" section
docker-compose.example.yml	Production-ready Docker Compose configuration with security defaults and resource limits
README.md	Updates main readme with Docker installation method and quick start examples
Dockerfile.prebuilt	Alternative Dockerfile for using pre-built binaries to speed up container builds
Dockerfile	Multi-stage Dockerfile that compiles from source with security hardening
CHANGELOG.md	Documents the Docker support addition in the unreleased section
.dockerignore	Optimizes Docker build context by excluding unnecessary files

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

This note about HTTP/SSE binding limitations should include a brief explanation of why 127.0.0.1 binding doesn't work with Docker port forwarding. Consider adding that 127.0.0.1 only accepts connections from localhost within the container, not from the host.

Suggested change

**Note**: The current version of Wassette binds to `127.0.0.1:9001`, which doesn't work directly with Docker port forwarding. The stdio transport is recommended for Docker deployments. HTTP/SSE support for Docker will be improved in a future release.

**Note**: The current version of Wassette binds to `127.0.0.1:9001`, which doesn't work directly with Docker port forwarding because `127.0.0.1` only accepts connections from localhost *within the container*, not from the host. As a result, published ports are not accessible from outside the container. The stdio transport is recommended for Docker deployments. HTTP/SSE support for Docker will be improved in a future release.

[Copilot]

The health check endpoint /health is referenced but it's unclear if this endpoint actually exists in Wassette. Either verify this endpoint exists or provide the correct health check endpoint.

Suggested change

	test: ["CMD", "curl", "-f", "http://localhost:9001/health"]
	test: ["CMD", "curl", "-f", "http://localhost:9001/"]

[Copilot]

Inconsistent health check format between the Docker Compose example and documentation. The documentation uses CMD format while this uses CMD-SHELL. Also, the /health endpoint should be verified to exist.

Suggested change

	test: ["CMD-SHELL", "curl -f http://localhost:9001/health || exit 1"]
	test: ["CMD", "curl", "-f", "http://localhost:9001/health"]

[Copilot]

The download URL pattern uses wassette-linux-x86_64 but it should be verified that this matches the actual release asset naming convention. GitHub releases might use different naming patterns.

Suggested change

	RUN curl -fsSL https://github.com/microsoft/wassette/releases/download/${WASSETTE_VERSION}/wassette-linux-x86_64 -o /usr/local/bin/wassette && \
	# NOTE: The asset name may change between releases. Check the actual asset name at:
	# https://github.com/microsoft/wassette/releases/tag/${WASSETTE_VERSION}
	ARG WASSETTE_ASSET=wassette-linux-x86_64
	RUN curl -fsSL https://github.com/microsoft/wassette/releases/download/${WASSETTE_VERSION}/${WASSETTE_ASSET} -o /usr/local/bin/wassette && \

[Mossaka]

@copilot

[Mossaka]

I think you could merge the docs with quick started

[Copilot]

Done in 2367c8e. Moved Docker documentation under the Installation section as a sub-item, removing the separate Deployment section.

[Mossaka]

use rust 1.90 version

[Copilot]

Updated to Rust 1.90 in 2367c8e to match the project's Rust version.

[Mossaka]

default start with streamable-http

[Copilot]

Changed default to streamable-http in 2367c8e.

[Mossaka]

same comment as above

[Copilot]

Changed default to streamable-http in 2367c8e.

[Mossaka]

@copilot apply changes based on the comments in this thread

[Copilot]

@copilot apply changes based on the comments in this thread

All the comments from that review thread have already been addressed in commit 2367c8e:

• Merged Docker docs under Installation section in SUMMARY.md
• Updated Dockerfile to use Rust 1.90
• Changed default transport to streamable-http in both Dockerfiles

Are there additional changes you'd like me to make?

[Mossaka]

@copilot apply changes based on the comments in this thread

[Copilot]

@copilot apply changes based on the comments in this thread

Completed in 88ea633. Updated all documentation to reflect streamable-http as the default transport:

• All docker run examples now use -p 9001:9001 with streamable-http
• README updated with correct default
• Docker Compose example updated
• Documentation shows how to override with --stdio or --sse when needed