let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test(sandbox): add coverage for binds -v flag emission

Browse Source
This commit is contained in:
Aaron Konyer
2026-01-12 13:40:33 -07:00
committed by Peter Steinberger
parent 0b2b8c7c52
commit 583fc4fb11
3 changed files with 71 additions and 11159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11154
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

66
src/agents/sandbox-create-args.test.ts
View File

@@ -91,4 +91,70 @@ describe("buildSandboxCreateArgs", () => {
expect.arrayContaining(["nofile=1024:2048", "nproc=128", "core=0"]), expect.arrayContaining(["nofile=1024:2048", "nproc=128", "core=0"]),
); );
}); });
it("emits -v flags for custom binds", () => {
const cfg: SandboxDockerConfig = {
image: "clawdbot-sandbox:bookworm-slim",
containerPrefix: "clawdbot-sbx-",
workdir: "/workspace",
readOnlyRoot: false,
tmpfs: [],
network: "none",
capDrop: [],
binds: [
"/home/user/source:/source:rw",
"/var/run/docker.sock:/var/run/docker.sock",
],
};
const args = buildSandboxCreateArgs({
name: "clawdbot-sbx-binds",
cfg,
scopeKey: "main",
createdAtMs: 1700000000000,
});
expect(args).toContain("-v");
const vFlags: string[] = [];
for (let i = 0; i < args.length; i++) {
if (args[i] === "-v") {
const value = args[i + 1];
if (value) vFlags.push(value);
}
}
expect(vFlags).toContain("/home/user/source:/source:rw");
expect(vFlags).toContain("/var/run/docker.sock:/var/run/docker.sock");
});
it("omits -v flags when binds is empty or undefined", () => {
const cfg: SandboxDockerConfig = {
image: "clawdbot-sandbox:bookworm-slim",
containerPrefix: "clawdbot-sbx-",
workdir: "/workspace",
readOnlyRoot: false,
tmpfs: [],
network: "none",
capDrop: [],
binds: [],
};
const args = buildSandboxCreateArgs({
name: "clawdbot-sbx-no-binds",
cfg,
scopeKey: "main",
createdAtMs: 1700000000000,
});
// Count -v flags that are NOT workspace mounts (workspace mounts are internal)
const customVFlags: string[] = [];
for (let i = 0; i < args.length; i++) {
if (args[i] === "-v") {
const value = args[i + 1];
if (value && !value.includes("/workspace")) {
customVFlags.push(value);
}
}
}
expect(customVFlags).toHaveLength(0);
});
}); });

10
src/agents/sandbox.ts
View File

@@ -1020,6 +1020,11 @@ export function buildSandboxCreateArgs(params: {
const formatted = formatUlimitValue(name, value); const formatted = formatUlimitValue(name, value);
if (formatted) args.push("--ulimit", formatted); if (formatted) args.push("--ulimit", formatted);
} }
if (params.cfg.binds?.length) {
for (const bind of params.cfg.binds) {
args.push("-v", bind);
}
}
return args; return args;
} }
@@ -1055,11 +1060,6 @@ async function createSandboxContainer(params: {
`${params.agentWorkspaceDir}:${SANDBOX_AGENT_WORKSPACE_MOUNT}${agentMountSuffix}`, `${params.agentWorkspaceDir}:${SANDBOX_AGENT_WORKSPACE_MOUNT}${agentMountSuffix}`,
); );
} }
if (cfg.binds?.length) {
for (const bind of cfg.binds) {
args.push("-v", bind);
}
}
args.push(cfg.image, "sleep", "infinity"); args.push(cfg.image, "sleep", "infinity");
await execDocker(args); await execDocker(args);