make sandbox attachable, document in README (#80)
parent 7588aef07c
commit fad526c63f
|
@ -76,8 +76,12 @@ Chances are you will need to manually address errors output. You can also try `n
|
|||
|
||||
To enable sandboxing, set `GEMINI_CODE_SANDBOX=true` in your environment or `.env` file. Once enabled, `npm run build` will build a minimal container ("sandbox") image and `npm start` will launch inside a fresh instance of that container. Requires either `docker` or `podman` to be installed on host machine.
|
||||
|
||||
The sandbox (container) mounts the current directory with read-write access and is started/stopped/removed automatically as you start/stop Gemini Code. You can tell you are inside the sandbox with the `cwd` being reported as `/sandbox/...`. Files created within the sandbox should be automatically mapped to your user/group on host machine.
|
||||
The sandbox (container) mounts the current directory with read-write access and is started/stopped/removed automatically as you start/stop Gemini Code. You can tell you are inside the sandbox with the `cwd` being reported as `/sandbox/<project>`. Files created within the sandbox should be automatically mapped to your user/group on host machine.
|
||||
|
||||
The very first build of the container (with `npm run build` or `scripts/build_sandbox.sh`) can take 20-30s (mostly due to downloading of the base image) but after that both build and start overhead should be minimal (1-2s).
|
||||
|
||||
You can customize the sandbox in `Dockerfile` (e.g. for pre-installed utilities) or in `scripts/build_sandbox.sh` (e.g. for mounts, environment variables, etc) and changes will be automatically picked up by `npm run build` and `npm start` respectively.
|
||||
You can customize the sandbox in `Dockerfile` (e.g. for pre-installed utilities) or in `scripts/build_sandbox.sh` (e.g. for mounts `-v ...`, ports `-p ...`, or environment variables `-e ...`) and any changes should be automatically picked up by `npm run build` and `npm start` respectively.
|
||||
|
||||
### Attaching from VSCode
|
||||
|
||||
You can have VSCode (or forks) attach to a running sandbox using the [Dev Containers](https://marketplace.cursorapi.com/items?itemName=ms-vscode-remote.remote-containers) extension. Simply use `Dev Containers: Attach to Running Container ...` command and select your container named `gemini-code-sandbox-#`. Once attached you can open the project folder at `/sandbox/<project>`. You may need the VSCode setting `dev.containers.dockerPath` to be `podman` if using `podman`. Without this setting you may be prompted to install Docker.
|
|
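Review bot: The Dev Containers link in the new "Attaching from VSCode" section points at `marketplace.cursorapi.com` for an `ms-vscode-remote` extension rather than at the publisher's own marketplace; link to `https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers` so readers install from the canonical listing. Since this section makes attaching a documented workflow and the customization paragraph now names `-p ...`, the sentence about the read-write mount should also say that an attached editor works on that same read-write mount of the current directory and that `-p` publishes container ports on the host.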
@ -2,8 +2,8 @@
|
|||
set -euo pipefail
|
||||
|
||||
IMAGE=gemini-code-sandbox
|
||||
CLI_DIST=/usr/local/share/npm-global/lib/node_modules/\@gemini-code/cli
|
||||
WORKDIR=/sandbox/$(basename "$PWD")
|
||||
CLI_DIST=/usr/local/share/npm-global/lib/node_modules/\@gemini-code/cli
|
||||
|
||||
# use docker if installed, otherwise try to use podman instead
|
||||
if command -v docker &> /dev/null; then
|
||||
|
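Review bot: In the `CLI_DIST=` line (it appears on both sides of `WORKDIR`), the backslash in `\@gemini-code` is not needed, because `@` is not special in an unquoted assignment; while the line is being touched, write the path in double quotes without the escape. `WORKDIR=/sandbox/$(basename "$PWD")` is also the path the README now tells users to open after attaching (`/sandbox/<project>`), so a one-line comment saying so would keep the script and the README in sync.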
@ -15,6 +15,19 @@ else
|
|||
exit 1
|
||||
fi
|
||||
|
||||
# use interactive tty mode and auto-remove container on exit
|
||||
run_args=(-it --rm)
|
||||
|
||||
# mount current directory as $WORKDIR inside container
|
||||
run_args+=(-v "$PWD:$WORKDIR")
|
||||
|
||||
# name container after image, plus numeric suffix to avoid conflicts
|
||||
INDEX=0
|
||||
while $CMD ps -a --format "{{.Names}}" | grep -q "$IMAGE-$INDEX"; do
|
||||
INDEX=$((INDEX + 1))
|
||||
done
|
||||
run_args+=(--name "$IMAGE-$INDEX")
|
||||
|
||||
# run gemini-code in sandbox container
|
||||
# use empty --authfile to skip unnecessary auth refresh overhead
|
||||
$CMD run -it --rm --authfile <(echo '{}') -v"$PWD:$WORKDIR" --workdir "$WORKDIR" "$IMAGE" node "$CLI_DIST"
|
||||
$CMD run "${run_args[@]}" --authfile <(echo '{}') --workdir "$WORKDIR" "$IMAGE" node "$CLI_DIST"
|
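Review bot: `grep -q "$IMAGE-$INDEX"` in the naming loop is an unanchored regex match, so `gemini-code-sandbox-1` also matches `gemini-code-sandbox-10` or any container whose name merely contains it, and the loop then skips indexes that are actually free. Match the whole line as a fixed string instead, e.g. `grep -qxF "$IMAGE-$INDEX"`. Two smaller points on the same loop: the script runs under `set -euo pipefail`, so if `grep -q` exits on its first match while `$CMD ps` is still writing, the pipeline can report failure and the loop ends on a name that is taken; and the check and the later `run --name` are not atomic, so two launches at the same moment can pick the same index. A comment on the loop noting both would help.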