refactor(sandbox): unify scope + per-agent overrides

2026-01-08 01:17:49 +01:00
parent ad8b7c739b
commit 145fe1cec7
10 changed files with 343 additions and 140 deletions
--- a/src/config/types.ts
+++ b/src/config/types.ts
@@ -625,6 +625,24 @@ export type SandboxDockerSettings = {
  extraHosts?: string[];
 };

+export type SandboxBrowserSettings = {
+  enabled?: boolean;
+  image?: string;
+  containerPrefix?: string;
+  cdpPort?: number;
+  vncPort?: number;
+  noVncPort?: number;
+  headless?: boolean;
+  enableNoVnc?: boolean;
+};
+
+export type SandboxPruneSettings = {
+  /** Prune if idle for more than N hours (0 disables). */
+  idleHours?: number;
+  /** Prune if older than N days (0 disables). */
+  maxAgeDays?: number;
+};
+
 export type GroupChatConfig = {
  mentionPatterns?: string[];
  historyLimit?: number;
@@ -663,11 +681,15 @@ export type RoutingConfig = {
        workspaceRoot?: string;
        /** Docker-specific sandbox overrides for this agent. */
        docker?: SandboxDockerSettings;
+        /** Optional sandboxed browser overrides for this agent. */
+        browser?: SandboxBrowserSettings;
        /** Tool allow/deny policy for sandboxed sessions (deny wins). */
        tools?: {
          allow?: string[];
          deny?: string[];
        };
+        /** Auto-prune overrides for this agent. */
+        prune?: SandboxPruneSettings;
      };
      tools?: {
        allow?: string[];
@@ -1093,28 +1115,14 @@ export type ClawdbotConfig = {
      /** Docker-specific sandbox settings. */
      docker?: SandboxDockerSettings;
      /** Optional sandboxed browser settings. */
-      browser?: {
-        enabled?: boolean;
-        image?: string;
-        containerPrefix?: string;
-        cdpPort?: number;
-        vncPort?: number;
-        noVncPort?: number;
-        headless?: boolean;
-        enableNoVnc?: boolean;
-      };
+      browser?: SandboxBrowserSettings;
      /** Tool allow/deny policy (deny wins). */
      tools?: {
        allow?: string[];
        deny?: string[];
      };
      /** Auto-prune sandbox containers. */
-      prune?: {
-        /** Prune if idle for more than N hours (0 disables). */
-        idleHours?: number;
-        /** Prune if older than N days (0 disables). */
-        maxAgeDays?: number;
-      };
+      prune?: SandboxPruneSettings;
    };
    /** Global tool allow/deny policy for all providers (deny wins). */
    tools?: {