124 lines
3.4 KiB
JavaScript
124 lines
3.4 KiB
JavaScript
/**
|
|
* @license
|
|
* Copyright 2025 Google LLC
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
*/
|
|
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
import { execSync, spawn } from 'child_process';
|
|
import yargs from 'yargs';
|
|
import { hideBin } from 'yargs/helpers';
|
|
|
|
try {
|
|
execSync('node scripts/sandbox_command.js -q');
|
|
} catch {
|
|
console.error('ERROR: sandboxing disabled. See docs to enable sandboxing.');
|
|
process.exit(1);
|
|
}
|
|
|
|
const argv = yargs(hideBin(process.argv)).option('i', {
|
|
alias: 'interactive',
|
|
type: 'boolean',
|
|
default: false,
|
|
}).argv;
|
|
|
|
if (argv.i && !process.stdin.isTTY) {
|
|
console.error(
|
|
'ERROR: interactive mode (-i) requested without a terminal attached',
|
|
);
|
|
process.exit(1);
|
|
}
|
|
|
|
const image = 'gemini-cli-sandbox';
|
|
const sandboxCommand = execSync('node scripts/sandbox_command.js')
|
|
.toString()
|
|
.trim();
|
|
|
|
const sandboxes = execSync(
|
|
`${sandboxCommand} ps --filter "ancestor=${image}" --format "{{.Names}}"`,
|
|
)
|
|
.toString()
|
|
.trim()
|
|
.split('\n')
|
|
.filter(Boolean);
|
|
|
|
let sandboxName;
|
|
const firstArg = argv._[0];
|
|
|
|
if (firstArg) {
|
|
if (firstArg.startsWith(image) || /^\d+$/.test(firstArg)) {
|
|
sandboxName = firstArg.startsWith(image)
|
|
? firstArg
|
|
: `${image}-${firstArg}`;
|
|
argv._.shift();
|
|
}
|
|
}
|
|
|
|
if (!sandboxName) {
|
|
if (sandboxes.length === 0) {
|
|
console.error(
|
|
'No sandboxes found. Are you running gemini-cli with sandboxing enabled?',
|
|
);
|
|
process.exit(1);
|
|
}
|
|
if (sandboxes.length > 1) {
|
|
console.error('Multiple sandboxes found:');
|
|
sandboxes.forEach((s) => console.error(` ${s}`));
|
|
console.error(
|
|
'Sandbox name or index (0,1,...) must be specified as first argument',
|
|
);
|
|
process.exit(1);
|
|
}
|
|
sandboxName = sandboxes[0];
|
|
}
|
|
|
|
if (!sandboxes.includes(sandboxName)) {
|
|
console.error(`unknown sandbox ${sandboxName}`);
|
|
console.error('known sandboxes:');
|
|
sandboxes.forEach((s) => console.error(` ${s}`));
|
|
process.exit(1);
|
|
}
|
|
|
|
const execArgs = [];
|
|
let commandToRun = [];
|
|
|
|
// Determine interactive flags.
|
|
// If a command is provided, only be interactive if -i is passed.
|
|
// If no command is provided, always be interactive.
|
|
if (argv._.length > 0) {
|
|
if (argv.i) {
|
|
execArgs.push('-it');
|
|
}
|
|
} else {
|
|
execArgs.push('-it');
|
|
}
|
|
|
|
// Determine the command to run inside the container.
|
|
if (argv._.length > 0) {
|
|
// Join all positional arguments into a single command string.
|
|
const userCommand = argv._.join(' ');
|
|
// The container is Linux, so we use bash -l -c to execute the command string.
|
|
// This is cross-platform because it's what the container runs, not the host.
|
|
commandToRun = ['bash', '-l', '-c', userCommand];
|
|
} else {
|
|
// No command provided, so we start an interactive bash login shell.
|
|
commandToRun = ['bash', '-l'];
|
|
}
|
|
|
|
const spawnArgs = ['exec', ...execArgs, sandboxName, ...commandToRun];
|
|
|
|
// Use spawn to avoid shell injection issues and handle arguments correctly.
|
|
spawn(sandboxCommand, spawnArgs, { stdio: 'inherit' });
|