feat: prototype publish sandbox script with npm package (#182)

This commit is contained in:
Brandon Keiji 2025-04-26 00:30:50 +00:00 committed by GitHub
parent a5ba681f8d
commit d051c0fd0f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 96 additions and 9 deletions

View File

@ -24,7 +24,7 @@ steps:
# Authenticate with our registry
- name: 'node:bookworm'
entrypoint: 'npm'
args: ['run', 'auth']
args: ['run', 'auth:npm']
# Publish packages from workspaces with 'dogfood' tag
# we awkwardly need to install rsync beforehand. TODO: use a dedicated dev container

View File

@ -24,7 +24,7 @@ steps:
# Authenticate with our registry
- name: 'node:bookworm'
entrypoint: 'npm'
args: ['run', 'auth']
args: ['run', 'auth:npm']
# Dry run publish to make sure that's not broken
# we awkwardly need to install rsync beforehand. TODO: use a dedicated dev container

3
package-lock.json generated
View File

@ -6835,7 +6835,8 @@
"yargs": "^17.7.2"
},
"bin": {
"gemini-code": "dist/index.js"
"gemini-code": "dist/index.js",
"gemini-code-sandbox": "bin/sandbox.sh"
},
"devDependencies": {
"@types/diff": "^7.0.2",

View File

@ -17,7 +17,9 @@
"typecheck": "tsc --noEmit --jsx react",
"format": "prettier --write .",
"preflight": "npm run format --workspaces --if-present && npm run lint --workspaces --if-present && npm run test --workspaces --if-present",
"auth": "npx google-artifactregistry-auth",
"auth:npm": "npx google-artifactregistry-auth",
"auth:docker": "gcloud auth configure-docker us-west1-docker.pkg.dev",
"auth": "npm run auth:npm && npm run auth:docker",
"prerelease:dev": "npm run prerelease:version --workspaces && npm run prerelease:deps --workspaces"
},
"devDependencies": {

27
packages/cli/Dockerfile Normal file
View File

@ -0,0 +1,27 @@
FROM docker.io/library/node:20-slim
ENV GEMINI_CODE_SANDBOX=docker
ENV SANDBOX=sandbox
# install minimal set of packages, then clean up
RUN apt-get update && apt-get install -y --no-install-recommends \
man-db \
curl \
dnsutils \
less \
jq \
bc \
gh \
git \
unzip \
rsync \
ripgrep \
procps \
psmisc \
lsof \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
RUN --mount=type=secret,id=npmrc,dst=/root/.npmrc npm install -g @gemini-code/cli@head --verbose
ENTRYPOINT 'gemini-code'

54
packages/cli/bin/sandbox.sh Executable file
View File

@ -0,0 +1,54 @@
#!/bin/bash
# Copyright 2025 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
REGISTRY="us-west1-docker.pkg.dev/gemini-code-dev/gemini-code-containers" # TODO: swap this to public registry before launch
IMAGE="gemini-code"
TAG="0.1.0-fakeversion" # TODO: make this more configurable
PROJECT=$(basename "$PWD")
WORKDIR=/sandbox/$PROJECT
# use interactive tty mode and auto-remove container on exit
run_args=(-it --rm)
# mount current directory as $WORKDIR inside container
run_args+=(-v "$PWD:$WORKDIR")
# name container after image, plus numeric suffix to avoid conflicts
INDEX=0
while docker ps -a --format "{{.Names}}" | grep -q "$IMAGE-$INDEX"; do
INDEX=$((INDEX + 1))
done
run_args+=(--name "$IMAGE-$INDEX" --hostname "$IMAGE-$INDEX")
# copy GEMINI_API_KEY
if [ -n "${GEMINI_API_KEY:-}" ]; then run_args+=(--env GEMINI_API_KEY="$GEMINI_API_KEY"); fi
# copy GEMINI_CODE_MODEL
if [ -n "${GEMINI_CODE_MODEL:-}" ]; then run_args+=(--env GEMINI_CODE_MODEL="$GEMINI_CODE_MODEL"); fi
# copy SHELL_TOOL to optionally enable shell tool
if [ -n "${SHELL_TOOL:-}" ]; then run_args+=(--env SHELL_TOOL="$SHELL_TOOL"); fi
# copy TERM and COLORTERM to try to maintain terminal setup
if [ -n "${TERM:-}" ]; then run_args+=(--env TERM="$TERM"); fi
if [ -n "${COLORTERM:-}" ]; then run_args+=(--env COLORTERM="$COLORTERM"); fi
# set SANDBOX environment variable as container name
# this is the preferred mechanism to detect if inside container/sandbox
run_args+=(--env "SANDBOX=$IMAGE:$TAG-$INDEX")
node_args=("$CLI_PATH" "$@")
docker run "${run_args[@]}" --init --workdir "$WORKDIR" "$REGISTRY/$IMAGE:$TAG" node "${node_args[@]}"

View File

@ -1,11 +1,12 @@
{
"name": "@gemini-code/cli",
"version": "0.1.0",
"version": "0.1.0-dev-62cc889.0",
"description": "Gemini Code CLI",
"type": "module",
"main": "dist/index.js",
"bin": {
"gemini-code": "dist/index.js"
"gemini-code": "dist/index.js",
"gemini-code-sandbox": "bin/sandbox.sh"
},
"scripts": {
"build": "../../scripts/build_package.sh",
@ -17,13 +18,15 @@
"test": "vitest run",
"prerelease:version": "node ../../scripts/bind_package_version.js",
"prerelease:deps": "node ../../scripts/bind_package_dependencies.js",
"prepack": "npm run build"
"prerelease:sandbox": "DOCKER_BUILDKIT=1 docker build --no-cache --secret id=npmrc,src=$HOME/.npmrc -t 'us-west1-docker.pkg.dev/gemini-code-dev/gemini-code-containers/gemini-code:0.1.0-fakeversion' .",
"prepack": "npm run build",
"xpostpublish": "docker push 'us-west1-docker.pkg.dev/gemini-code-dev/gemini-code-containers/gemini-code:0.1.0-fakeversion'"
},
"files": [
"dist"
],
"dependencies": {
"@gemini-code/server": "*",
"@gemini-code/server": "0.1.0-dev-62cc889.0",
"@google/genai": "^0.8.0",
"diff": "^7.0.0",
"dotenv": "^16.4.7",

View File

@ -1,6 +1,6 @@
{
"name": "@gemini-code/server",
"version": "0.1.0",
"version": "0.1.0-dev-62cc889.0",
"description": "Gemini Code Server",
"type": "module",
"main": "dist/index.js",