diff --git a/README.md b/README.md index 743e6f71..b24546c0 100644 --- a/README.md +++ b/README.md 
@@ -76,8 +76,12 @@ Chances are you will need to manually address errors output. You can also try `n To enable sandboxing, set `GEMINI_CODE_SANDBOX=true` in your environment or `.env` file. Once enabled, `npm run build` will build a minimal container ("sandbox") image and `npm start` will launch inside a fresh instance of that container. Requires either `docker` or `podman` to be installed on host machine. -The sandbox (container) mounts the current directory with read-write access and is started/stopped/removed automatically as you start/stop Gemini Code. You can tell you are inside the sandbox with the `cwd` being reported as `/sandbox/...`. Files created within the sandbox should be automatically mapped to your user/group on host machine. +The sandbox (container) mounts the current directory with read-write access and is started/stopped/removed automatically as you start/stop Gemini Code. You can tell you are inside the sandbox with the `cwd` being reported as `/sandbox/`. Files created within the sandbox should be automatically mapped to your user/group on host machine. The very first build of the container (with `npm run build` or `scripts/build_sandbox.sh`) can take 20-30s (mostly due to downloading of the base image) but after that both build and start overhead should be minimal (1-2s). -You can customize the sandbox in `Dockerfile` (e.g. for pre-installed utilities) or in `scripts/build_sandbox.sh` (e.g. for mounts, environment variables, etc) and changes will be automatically picked up by `npm run build` and `npm start` respectively. \ No newline at end of file +You can customize the sandbox in `Dockerfile` (e.g. for pre-installed utilities) or in `scripts/build_sandbox.sh` (e.g. for mounts `-v ...`, ports `-p ...`, or environment variables `-e ...`) and any changes should be automatically picked up by `npm run build` and `npm start` respectively. 
+ +### Attaching from VSCode + +You can have VSCode (or forks) attach to a running sandbox using the [Dev Containers](https://marketplace.cursorapi.com/items?itemName=ms-vscode-remote.remote-containers) extension. Simply use `Dev Containers: Attach to Running Container ...` command and select your container named `gemini-code-sandbox-#`. Once attached you can open the project folder at `/sandbox/`. You may need the VSCode setting `dev.containers.dockerPath` to be `podman` if using `podman`. Without this setting you may be prompted to install Docker. \ No newline at end of file diff --git a/scripts/start_sandbox.sh b/scripts/start_sandbox.sh index 64964600..ce405d6e 100755 --- a/scripts/start_sandbox.sh +++ b/scripts/start_sandbox.sh @@ -2,8 +2,8 @@ set -euo pipefail IMAGE=gemini-code-sandbox -CLI_DIST=/usr/local/share/npm-global/lib/node_modules/\@gemini-code/cli WORKDIR=/sandbox/$(basename "$PWD") +CLI_DIST=/usr/local/share/npm-global/lib/node_modules/\@gemini-code/cli # use docker if installed, otherwise try to use podman instead if command -v docker &> /dev/null; then @@ -15,6 +15,19 @@ else exit 1 fi +# use interactive tty mode and auto-remove container on exit +run_args=(-it --rm) + +# mount current directory as $WORKDIR inside container +run_args+=(-v "$PWD:$WORKDIR") + +# name container after image, plus numeric suffix to avoid conflicts +INDEX=0 +while $CMD ps -a --format "{{.Names}}" | grep -q "$IMAGE-$INDEX"; do + INDEX=$((INDEX + 1)) +done +run_args+=(--name "$IMAGE-$INDEX") + # run gemini-code in sandbox container # use empty --authfile to skip unnecessary auth refresh overhead -$CMD run -it --rm --authfile <(echo '{}') -v"$PWD:$WORKDIR" --workdir "$WORKDIR" "$IMAGE" node "$CLI_DIST" \ No newline at end of file +$CMD run "${run_args[@]}" --authfile <(echo '{}') --workdir "$WORKDIR" "$IMAGE" node "$CLI_DIST" \ No newline at end of file
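Review bot: In the README.md hunk, the Dev Containers link in the new "Attaching from VSCode" section points at `marketplace.cursorapi.com`, which is not the Visual Studio Marketplace host. The README tells readers to install an extension that then attaches to their container, so the link should go to the publisher's own listing. Alternatively, give only the extension id `ms-vscode-remote.remote-containers` and let each editor resolve it from its configured marketplace. The section could also state that an attached editor session has the same read-write access to the mounted project directory that the earlier paragraph describes, so anything running in that session can modify files on the host.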
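Review bot: In the second scripts/start_sandbox.sh hunk (`@@ -15,6 +15,19 @@`), the name probe `grep -q "$IMAGE-$INDEX"` is an unanchored pattern match. `gemini-code-sandbox-1` is therefore reported as taken whenever `gemini-code-sandbox-10`, or any container whose name merely contains that string, exists. Match the whole line as a fixed string instead, for example `grep -qxF -- "$IMAGE-$INDEX"`. Two further points on the same loop. The script runs under `set -euo pipefail`, so if `grep -q` exits on its first match while `$CMD ps` is still writing, the pipeline can return non-zero and the loop will treat a name that is in use as free; capturing the `ps` output into a variable before matching avoids depending on the pipeline status. The probe and the later `$CMD run` are also not atomic: two sandboxes started at the same moment can choose the same index, and the second `run` then fails on the name conflict and exits the script, so either retry with the next index on that failure or document the behaviour.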