- This can now be invoked with `npm run bundle`; it creates a `bundle/` folder that has:
  - gemini.js
  - sandbox-macos-minimal.sb
  - sandbox-macos-strict.sb
  - shell.json
  - shell.md
- This doesn't include any sort of automation for auto bundling pieces. It's just the root capability which we can weave into other locations.
Fixes https://b.corp.google.com/issues/411432723
* SANDBOX_SET_UID_GID option for systems where this is necessary (should be only rootful docker on linux w/o userns-remap configured)
* Merge remote-tracking branch 'origin/main' into sandbox_uid_gid
* enable servers in sandbox to listen on localhost (127.0.0.1) instead of 0.0.0.0, ensuring servers can be container/host-agnostic
* Merge remote-tracking branch 'origin/main' into sandbox_localhost_works
* env flags SANDBOX_{MOUNTS,ENV}, improved debugging through sandbox that should now work in all scenarios
* Merge remote-tracking branch 'origin/main' into sandbox_flags_improved_debugging
* instant (dev) sandbox
* leave Dockerfile as is to pass deploy test
* fix comma
* fix prod build
* do not use "images exists" which docker does not support
* separate dev-mode flag
* Merge remote-tracking branch 'origin/main' into instant_sandbox
* shell bones
* Merge remote-tracking branch 'origin/main' into shell_bones
* add line break
* another line break
* drop the log to avoid breaking terminals
* rename tool to be consistent with terminal
* fix build
If `nounset` is active, it'll require that TERM and COLORTERM are set in the
environment. It's not necessary that these variables are set and it should be
passed to the sandbox. This change just causes the TERM and COLORTERM to be set
to an empty string if they are unset.
During docker build `npm install` running as node was exiting with 243 (EACCES) from trying to install the tgz files because `npm pack` created the files with 400 permissions on my system.