SANDBOX_PORTS env var (#204)

This commit is contained in:
Olcan 2025-04-28 15:44:17 -07:00 committed by GitHub
parent 57ceadb7d8
commit cd1ddcb4f1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 25 additions and 3 deletions

View File

@ -203,6 +203,16 @@ async function start_sandbox(sandbox: string) {
nodeArgs.push(`--inspect-brk=0.0.0.0:${debugPort}`);
}
// open additional ports if SANDBOX_PORTS is set
if (process.env.SANDBOX_PORTS) {
for (let port of process.env.SANDBOX_PORTS.split(',')) {
if ((port = port.trim())) {
console.log(`SANDBOX_PORTS: ${port}`);
args.push('-p', `${port}:${port}`);
}
}
}
// append remaining args (image, node, node args, cli path, cli args)
args.push(image, 'node', ...nodeArgs, cliPath, ...process.argv.slice(2));

View File

@ -40,7 +40,8 @@ if ! $CMD images -q "$IMAGE" | grep -q .; then
fi
# use interactive tty mode and auto-remove container on exit
run_args=(-it --rm)
# run init binary inside container to forward signals & reap zombies
run_args=(-it --rm --init --workdir "$WORKDIR")
# mount current directory as $WORKDIR inside container
run_args+=(-v "$PWD:$WORKDIR")
@ -133,10 +134,21 @@ if [ -n "${DEBUG:-}" ]; then
fi
node_args+=("$CLI_PATH" "$@")
# open additional ports if SANDBOX_PORTS is set
if [ -n "${SANDBOX_PORTS:-}" ]; then
ports=$(echo "$SANDBOX_PORTS" | tr ',' '\n')
for port in $ports; do
if [ -n "$port" ]; then
echo "SANDBOX_PORTS: $port"
run_args+=(-p "$port:$port")
fi
done
fi
# run gemini-code in sandbox container
if [[ "$CMD" == "podman" ]]; then
# use empty --authfile to skip unnecessary auth refresh overhead
$CMD run "${run_args[@]}" --init --authfile <(echo '{}') --workdir "$WORKDIR" "$IMAGE" node "${node_args[@]}"
$CMD run "${run_args[@]}" --authfile <(echo '{}') "$IMAGE" node "${node_args[@]}"
else
$CMD run "${run_args[@]}" --init --workdir "$WORKDIR" "$IMAGE" node "${node_args[@]}"
$CMD run "${run_args[@]}" "$IMAGE" node "${node_args[@]}"
fi