harivansh-afk/sandbox-agent
1
0
Fork 0
mirror of https://github.com/harivansh-afk/sandbox-agent.git synced 2026-04-17 16:02:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: add OpenSSL build for musl in runtime Dockerfile

Browse source
This commit is contained in:
Nathan Flurry 2026-01-28 01:23:51 -08:00
parent 6aa591bd91
commit 5dd8a13845
16 changed files with 262 additions and 376 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CLAUDE.md
View file

@ -28,7 +28,6 @@ Universal schema guidance:
## Spec Tracking ## Spec Tracking
- Update `todo.md` as work progresses; add new tasks as they arise.
- Keep CLI subcommands in sync with every HTTP endpoint. - Keep CLI subcommands in sync with every HTTP endpoint.
- Update `CLAUDE.md` to keep CLI endpoints in sync with HTTP API changes. - Update `CLAUDE.md` to keep CLI endpoints in sync with HTTP API changes.
- When changing the HTTP API, update the TypeScript SDK and CLI together. - When changing the HTTP API, update the TypeScript SDK and CLI together.

89
docker/runtime/Dockerfile
View file

@ -3,29 +3,102 @@
# Build stage - compile the binary # Build stage - compile the binary
FROM rust:1.88.0 AS builder FROM rust:1.88.0 AS builder
ARG TARGETARCH
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# Install dependencies
RUN apt-get update && apt-get install -y \ RUN apt-get update && apt-get install -y \
musl-tools \ musl-tools \
musl-dev \ musl-dev \
llvm-14-dev \
libclang-14-dev \
clang-14 \
libssl-dev \
pkg-config \ pkg-config \
ca-certificates \ ca-certificates \
git && \ g++ \
apt-get clean && \ g++-multilib \
git \
curl \
wget && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
RUN rustup target add x86_64-unknown-linux-musl # Install musl cross toolchain based on architecture
RUN if [ "$TARGETARCH" = "amd64" ]; then \
wget -q https://github.com/cross-tools/musl-cross/releases/latest/download/x86_64-unknown-linux-musl.tar.xz && \
tar -xf x86_64-unknown-linux-musl.tar.xz -C /opt/ && \
rm x86_64-unknown-linux-musl.tar.xz && \
rustup target add x86_64-unknown-linux-musl; \
elif [ "$TARGETARCH" = "arm64" ]; then \
wget -q https://github.com/cross-tools/musl-cross/releases/latest/download/aarch64-unknown-linux-musl.tar.xz && \
tar -xf aarch64-unknown-linux-musl.tar.xz -C /opt/ && \
rm aarch64-unknown-linux-musl.tar.xz && \
rustup target add aarch64-unknown-linux-musl; \
fi
# Set environment variables based on architecture
ENV LIBCLANG_PATH=/usr/lib/llvm-14/lib \
CLANG_PATH=/usr/bin/clang-14 \
CARGO_INCREMENTAL=0 \
CARGO_NET_GIT_FETCH_WITH_CLI=true
# Build OpenSSL for musl target
ENV SSL_VER=1.1.1w
RUN if [ "$TARGETARCH" = "amd64" ]; then \
export PATH="/opt/x86_64-unknown-linux-musl/bin:$PATH" && \
wget https://www.openssl.org/source/openssl-$SSL_VER.tar.gz && \
tar -xzf openssl-$SSL_VER.tar.gz && \
cd openssl-$SSL_VER && \
./Configure no-shared no-async --prefix=/musl --openssldir=/musl/ssl linux-x86_64 && \
make -j$(nproc) && \
make install_sw && \
cd .. && \
rm -rf openssl-$SSL_VER*; \
elif [ "$TARGETARCH" = "arm64" ]; then \
export PATH="/opt/aarch64-unknown-linux-musl/bin:$PATH" && \
wget https://www.openssl.org/source/openssl-$SSL_VER.tar.gz && \
tar -xzf openssl-$SSL_VER.tar.gz && \
cd openssl-$SSL_VER && \
./Configure no-shared no-async --prefix=/musl --openssldir=/musl/ssl linux-aarch64 && \
make -j$(nproc) && \
make install_sw && \
cd .. && \
rm -rf openssl-$SSL_VER*; \
fi
# Set OpenSSL environment variables
ENV OPENSSL_DIR=/musl \
OPENSSL_INCLUDE_DIR=/musl/include \
OPENSSL_LIB_DIR=/musl/lib \
PKG_CONFIG_ALLOW_CROSS=1
WORKDIR /build WORKDIR /build
COPY . . COPY . .
# Build static binary # Build static binary based on architecture
RUN --mount=type=cache,target=/usr/local/cargo/registry \ RUN --mount=type=cache,target=/usr/local/cargo/registry \
--mount=type=cache,target=/usr/local/cargo/git \ --mount=type=cache,target=/usr/local/cargo/git \
--mount=type=cache,target=/build/target \ --mount=type=cache,target=/build/target \
SANDBOX_AGENT_SKIP_INSPECTOR=1 \ if [ "$TARGETARCH" = "amd64" ]; then \
RUSTFLAGS="-C target-feature=+crt-static" \ export PATH="/opt/x86_64-unknown-linux-musl/bin:$PATH" && \
cargo build -p sandbox-agent --release --target x86_64-unknown-linux-musl && \ export CC_x86_64_unknown_linux_musl=x86_64-unknown-linux-musl-gcc && \
cp target/x86_64-unknown-linux-musl/release/sandbox-agent /sandbox-agent export CXX_x86_64_unknown_linux_musl=x86_64-unknown-linux-musl-g++ && \
export AR_x86_64_unknown_linux_musl=x86_64-unknown-linux-musl-ar && \
export CARGO_TARGET_X86_64_UNKNOWN_LINUX_MUSL_LINKER=x86_64-unknown-linux-musl-gcc && \
export RUSTFLAGS="-C target-feature=+crt-static -C link-arg=-static-libgcc" && \
SANDBOX_AGENT_SKIP_INSPECTOR=1 cargo build -p sandbox-agent --release --target x86_64-unknown-linux-musl && \
cp target/x86_64-unknown-linux-musl/release/sandbox-agent /sandbox-agent; \
elif [ "$TARGETARCH" = "arm64" ]; then \
export PATH="/opt/aarch64-unknown-linux-musl/bin:$PATH" && \
export CC_aarch64_unknown_linux_musl=aarch64-unknown-linux-musl-gcc && \
export CXX_aarch64_unknown_linux_musl=aarch64-unknown-linux-musl-g++ && \
export AR_aarch64_unknown_linux_musl=aarch64-unknown-linux-musl-ar && \
export CARGO_TARGET_AARCH64_UNKNOWN_LINUX_MUSL_LINKER=aarch64-unknown-linux-musl-gcc && \
export RUSTFLAGS="-C target-feature=+crt-static -C link-arg=-static-libgcc" && \
SANDBOX_AGENT_SKIP_INSPECTOR=1 cargo build -p sandbox-agent --release --target aarch64-unknown-linux-musl && \
cp target/aarch64-unknown-linux-musl/release/sandbox-agent /sandbox-agent; \
fi
# Runtime stage - minimal image # Runtime stage - minimal image
FROM debian:bookworm-slim FROM debian:bookworm-slim

1
examples/daytona/package.json
View file

@ -4,7 +4,6 @@
"type": "module", "type": "module",
"scripts": { "scripts": {
"start": "tsx src/daytona-fallback.ts", "start": "tsx src/daytona-fallback.ts",
"start:cli": "tsx src/daytona.ts",
"typecheck": "tsc --noEmit" "typecheck": "tsc --noEmit"
}, },
"dependencies": { "dependencies": {

18
examples/daytona/src/daytona-fallback.ts
View file

@ -12,7 +12,6 @@ if (
const SNAPSHOT = "sandbox-agent-ready"; const SNAPSHOT = "sandbox-agent-ready";
const BINARY = "/usr/local/bin/sandbox-agent"; const BINARY = "/usr/local/bin/sandbox-agent";
const AGENT_BIN_DIR = "/root/.local/share/sandbox-agent/bin";
const daytona = new Daytona(); const daytona = new Daytona();
@ -28,18 +27,11 @@ if (!hasSnapshot) {
image: Image.base("ubuntu:22.04").runCommands( image: Image.base("ubuntu:22.04").runCommands(
// Install dependencies // Install dependencies
"apt-get update && apt-get install -y curl ca-certificates", "apt-get update && apt-get install -y curl ca-certificates",
// Download sandbox-agent // Install sandbox-agent via install script
`curl -fsSL -o ${BINARY} https://releases.rivet.dev/sandbox-agent/latest/binaries/sandbox-agent-x86_64-unknown-linux-musl && chmod +x ${BINARY}`, "curl -fsSL https://releases.rivet.dev/sandbox-agent/latest/install.sh | sh",
// Create agent bin directory // Pre-install agents using sandbox-agent CLI
`mkdir -p ${AGENT_BIN_DIR}`, "sandbox-agent install-agent claude",
// Install Claude: get latest version, download binary "sandbox-agent install-agent codex",
`CLAUDE_VERSION=$(curl -fsSL https://storage.googleapis.com/claude-code-dist-86c565f3-f756-42ad-8dfa-d59b1c096819/claude-code-releases/latest) && ` +
`curl -fsSL -o ${AGENT_BIN_DIR}/claude "https://storage.googleapis.com/claude-code-dist-86c565f3-f756-42ad-8dfa-d59b1c096819/claude-code-releases/$CLAUDE_VERSION/linux-x64/claude" && ` +
`chmod +x ${AGENT_BIN_DIR}/claude`,
// Install Codex: download tarball, extract binary
`curl -fsSL -L https://github.com/openai/codex/releases/latest/download/codex-x86_64-unknown-linux-musl.tar.gz | tar -xzf - -C /tmp && ` +
`find /tmp -name 'codex-x86_64-unknown-linux-musl' -exec mv {} ${AGENT_BIN_DIR}/codex \\; && ` +
`chmod +x ${AGENT_BIN_DIR}/codex`,
), ),
}, },
{ onLogs: (log) => console.log(` ${log}`) }, { onLogs: (log) => console.log(` ${log}`) },

8
examples/daytona/src/daytona.ts
View file

@ -27,11 +27,11 @@ if (!hasSnapshot) {
image: Image.base("ubuntu:22.04").runCommands( image: Image.base("ubuntu:22.04").runCommands(
// Install dependencies // Install dependencies
"apt-get update && apt-get install -y curl ca-certificates", "apt-get update && apt-get install -y curl ca-certificates",
// Download sandbox-agent // Install sandbox-agent via install script
`curl -fsSL -o ${BINARY} https://releases.rivet.dev/sandbox-agent/latest/binaries/sandbox-agent-x86_64-unknown-linux-musl && chmod +x ${BINARY}`, "curl -fsSL https://releases.rivet.dev/sandbox-agent/latest/install.sh | sh",
// Pre-install agents using sandbox-agent CLI // Pre-install agents using sandbox-agent CLI
`${BINARY} install-agent claude`, "sandbox-agent install-agent claude",
`${BINARY} install-agent codex`, "sandbox-agent install-agent codex",
), ),
}, },
{ onLogs: (log) => console.log(` ${log}`) }, { onLogs: (log) => console.log(` ${log}`) },

3
examples/docker/package.json
View file

@ -3,7 +3,8 @@
"private": true, "private": true,
"type": "module", "type": "module",
"scripts": { "scripts": {
"start": "tsx src/docker.ts" "start": "tsx src/docker.ts",
"typecheck": "tsc --noEmit"
}, },
"dependencies": { "dependencies": {
"dockerode": "latest", "dockerode": "latest",

168
examples/docker/src/docker.ts
View file

@ -1,132 +1,58 @@
import Docker from "dockerode"; import Docker from "dockerode";
import { pathToFileURL } from "node:url"; import { logInspectorUrl, runPrompt, waitForHealth } from "@sandbox-agent/example-shared";
import {
ensureUrl,
logInspectorUrl,
runPrompt,
waitForHealth,
} from "@sandbox-agent/example-shared";
const INSTALL_SCRIPT = "curl -fsSL https://releases.rivet.dev/sandbox-agent/latest/install.sh | sh"; if (!process.env.OPENAI_API_KEY && !process.env.ANTHROPIC_API_KEY) {
const DEFAULT_IMAGE = "debian:bookworm-slim"; throw new Error("OPENAI_API_KEY or ANTHROPIC_API_KEY required");
const DEFAULT_PORT = 2468; }
async function pullImage(docker: Docker, image: string): Promise<void> { const IMAGE = "debian:bookworm-slim";
const PORT = 3000;
const docker = new Docker({ socketPath: "/var/run/docker.sock" });
// Pull image if needed
try {
await docker.getImage(IMAGE).inspect();
} catch {
console.log(`Pulling ${IMAGE}...`);
await new Promise<void>((resolve, reject) => { await new Promise<void>((resolve, reject) => {
docker.pull(image, (error, stream) => { docker.pull(IMAGE, (err: Error | null, stream: NodeJS.ReadableStream) => {
if (error) { if (err) return reject(err);
reject(error); docker.modem.followProgress(stream, (err: Error | null) => err ? reject(err) : resolve());
return;
}
docker.modem.followProgress(stream, (progressError) => {
if (progressError) {
reject(progressError);
} else {
resolve();
}
});
}); });
}); });
} }
async function ensureImage(docker: Docker, image: string): Promise<void> { console.log("Starting container...");
try { const container = await docker.createContainer({
await docker.getImage(image).inspect(); Image: IMAGE,
} catch { Cmd: ["bash", "-lc", [
await pullImage(docker, image); "apt-get update && apt-get install -y curl ca-certificates",
} "curl -fsSL https://releases.rivet.dev/sandbox-agent/latest/install.sh | sh",
} "sandbox-agent install-agent claude",
"sandbox-agent install-agent codex",
`sandbox-agent server --no-token --host 0.0.0.0 --port ${PORT}`,
].join(" && ")],
ExposedPorts: { [`${PORT}/tcp`]: {} },
HostConfig: {
AutoRemove: true,
PortBindings: { [`${PORT}/tcp`]: [{ HostPort: `${PORT}` }] },
},
});
await container.start();
export async function setupDockerSandboxAgent(): Promise<{ const baseUrl = `http://127.0.0.1:${PORT}`;
baseUrl: string; await waitForHealth({ baseUrl });
token: string; logInspectorUrl({ baseUrl });
cleanup: () => Promise<void>;
}> {
const token = process.env.SANDBOX_TOKEN || "";
const port = Number.parseInt(process.env.SANDBOX_PORT || "", 10) || DEFAULT_PORT;
const hostPort = Number.parseInt(process.env.SANDBOX_HOST_PORT || "", 10) || port;
const image = process.env.DOCKER_IMAGE || DEFAULT_IMAGE;
const containerName = process.env.DOCKER_CONTAINER_NAME;
const socketPath = process.env.DOCKER_SOCKET || "/var/run/docker.sock";
const docker = new Docker({ socketPath }); const cleanup = async () => {
await ensureImage(docker, image); console.log("Cleaning up...");
try { await container.stop({ t: 5 }); } catch {}
try { await container.remove({ force: true }); } catch {}
process.exit(0);
};
process.once("SIGINT", cleanup);
process.once("SIGTERM", cleanup);
const tokenFlag = token ? "--token $SANDBOX_TOKEN" : "--no-token"; await runPrompt({ baseUrl });
const command = [ await cleanup();
"bash",
"-lc",
[
"apt-get update",
"apt-get install -y curl ca-certificates",
INSTALL_SCRIPT,
`sandbox-agent server ${tokenFlag} --host 0.0.0.0 --port ${port}`,
].join(" && "),
];
const container = await docker.createContainer({
Image: image,
Cmd: command,
Env: token ? [`SANDBOX_TOKEN=${token}`] : [],
ExposedPorts: {
[`${port}/tcp`]: {},
},
HostConfig: {
AutoRemove: true,
PortBindings: {
[`${port}/tcp`]: [{ HostPort: `${hostPort}` }],
},
},
...(containerName ? { name: containerName } : {}),
});
await container.start();
const baseUrl = ensureUrl(`http://127.0.0.1:${hostPort}`);
await waitForHealth({ baseUrl, token });
logInspectorUrl({ baseUrl, token });
const cleanup = async () => {
try {
await container.stop({ t: 5 });
} catch {
// ignore stop errors
}
try {
await container.remove({ force: true });
} catch {
// ignore remove errors
}
};
return {
baseUrl,
token,
cleanup,
};
}
async function main(): Promise<void> {
const { baseUrl, token, cleanup } = await setupDockerSandboxAgent();
const exitHandler = async () => {
await cleanup();
process.exit(0);
};
process.on("SIGINT", () => {
void exitHandler();
});
process.on("SIGTERM", () => {
void exitHandler();
});
await runPrompt({ baseUrl, token });
}
if (process.argv[1] && import.meta.url === pathToFileURL(process.argv[1]).href) {
main().catch((error) => {
console.error(error);
process.exit(1);
});
}

16
examples/docker/tsconfig.json Normal file
View file

@ -0,0 +1,16 @@
{
"compilerOptions": {
"target": "ES2022",
"lib": ["ES2022", "DOM"],
"module": "ESNext",
"moduleResolution": "Bundler",
"allowImportingTsExtensions": true,
"noEmit": true,
"esModuleInterop": true,
"strict": true,
"skipLibCheck": true,
"resolveJsonModule": true
},
"include": ["src/**/*"],
"exclude": ["node_modules", "**/*.test.ts"]
}

3
examples/e2b/package.json
View file

@ -3,7 +3,8 @@
"private": true, "private": true,
"type": "module", "type": "module",
"scripts": { "scripts": {
"start": "tsx src/e2b.ts" "start": "tsx src/e2b.ts",
"typecheck": "tsc --noEmit"
}, },
"dependencies": { "dependencies": {
"@e2b/code-interpreter": "latest", "@e2b/code-interpreter": "latest",

101
examples/e2b/src/e2b.ts
View file

@ -1,89 +1,32 @@
import { Sandbox } from "@e2b/code-interpreter"; import { Sandbox } from "@e2b/code-interpreter";
import { pathToFileURL } from "node:url"; import { logInspectorUrl, runPrompt } from "@sandbox-agent/example-shared";
import {
ensureUrl,
logInspectorUrl,
runPrompt,
waitForHealth,
} from "@sandbox-agent/example-shared";
const INSTALL_SCRIPT = "curl -fsSL https://releases.rivet.dev/sandbox-agent/latest/install.sh | sh"; if (!process.env.E2B_API_KEY || (!process.env.OPENAI_API_KEY && !process.env.ANTHROPIC_API_KEY)) {
const DEFAULT_PORT = 2468; throw new Error("E2B_API_KEY and (OPENAI_API_KEY or ANTHROPIC_API_KEY) required");
type CommandRunner = (command: string, options?: Record<string, unknown>) => Promise<unknown>;
function resolveCommandRunner(sandbox: Sandbox): CommandRunner {
if (sandbox.commands?.run) {
return sandbox.commands.run.bind(sandbox.commands);
}
if (sandbox.commands?.exec) {
return sandbox.commands.exec.bind(sandbox.commands);
}
throw new Error("E2B SDK does not expose commands.run or commands.exec");
} }
export async function setupE2BSandboxAgent(): Promise<{ const sandbox = await Sandbox.create({ allowInternetAccess: true });
baseUrl: string;
token: string;
cleanup: () => Promise<void>;
}> {
const token = process.env.SANDBOX_TOKEN || "";
const port = Number.parseInt(process.env.SANDBOX_PORT || "", 10) || DEFAULT_PORT;
const sandbox = await Sandbox.create({ const run = (cmd: string) => sandbox.commands.run(cmd);
allowInternetAccess: true,
envs: token ? { SANDBOX_TOKEN: token } : undefined,
});
const runCommand = resolveCommandRunner(sandbox); console.log("Installing sandbox-agent...");
await run("curl -fsSL https://releases.rivet.dev/sandbox-agent/latest/install.sh | sh");
await run("sandbox-agent install-agent claude");
await run("sandbox-agent install-agent codex");
await runCommand(`bash -lc "${INSTALL_SCRIPT}"`); console.log("Starting server...");
const tokenFlag = token ? "--token $SANDBOX_TOKEN" : "--no-token"; await sandbox.commands.run("sandbox-agent server --no-token --host 0.0.0.0 --port 3000", { background: true });
await runCommand(`bash -lc "sandbox-agent server ${tokenFlag} --host 0.0.0.0 --port ${port}"`, {
background: true,
envs: token ? { SANDBOX_TOKEN: token } : undefined,
});
const baseUrl = ensureUrl(sandbox.getHost(port)); const baseUrl = `https://${sandbox.getHost(3000)}`;
await waitForHealth({ baseUrl, token }); logInspectorUrl({ baseUrl });
logInspectorUrl({ baseUrl, token });
const cleanup = async () => { const cleanup = async () => {
try { console.log("Cleaning up...");
await sandbox.kill(); await sandbox.kill();
} catch { process.exit(0);
// ignore cleanup errors };
} process.once("SIGINT", cleanup);
}; process.once("SIGTERM", cleanup);
return { await runPrompt({ baseUrl });
baseUrl, await cleanup();
token,
cleanup,
};
}
async function main(): Promise<void> {
const { baseUrl, token, cleanup } = await setupE2BSandboxAgent();
const exitHandler = async () => {
await cleanup();
process.exit(0);
};
process.on("SIGINT", () => {
void exitHandler();
});
process.on("SIGTERM", () => {
void exitHandler();
});
await runPrompt({ baseUrl, token });
}
if (process.argv[1] && import.meta.url === pathToFileURL(process.argv[1]).href) {
main().catch((error) => {
console.error(error);
process.exit(1);
});
}

16
examples/e2b/tsconfig.json Normal file
View file

@ -0,0 +1,16 @@
{
"compilerOptions": {
"target": "ES2022",
"lib": ["ES2022", "DOM"],
"module": "ESNext",
"moduleResolution": "Bundler",
"allowImportingTsExtensions": true,
"noEmit": true,
"esModuleInterop": true,
"strict": true,
"skipLibCheck": true,
"resolveJsonModule": true
},
"include": ["src/**/*"],
"exclude": ["node_modules", "**/*.test.ts"]
}

40
examples/shared/src/sandbox-agent-client.ts
View file

@ -1,4 +1,4 @@
import { createInterface } from "node:readline"; import { createInterface } from "node:readline/promises";
import { randomUUID } from "node:crypto"; import { randomUUID } from "node:crypto";
import { setTimeout as delay } from "node:timers/promises"; import { setTimeout as delay } from "node:timers/promises";
@ -277,25 +277,13 @@ export async function runPrompt({
agentId?: string; agentId?: string;
}): Promise<void> { }): Promise<void> {
const sessionId = await createSession({ baseUrl, token, extraHeaders, agentId }); const sessionId = await createSession({ baseUrl, token, extraHeaders, agentId });
console.log(`Session ${sessionId} ready. Press Ctrl+C to quit.`);
console.log(`Session ${sessionId} ready. Type /exit to quit.`); const rl = createInterface({ input: process.stdin, output: process.stdout });
const rl = createInterface({ while (true) {
input: process.stdin, const line = await rl.question("> ");
output: process.stdout, if (!line.trim()) continue;
prompt: "> ",
});
const handleLine = async (line: string) => {
const trimmed = line.trim();
if (!trimmed) {
rl.prompt();
return;
}
if (trimmed === "/exit") {
rl.close();
return;
}
try { try {
await sendMessageStream({ await sendMessageStream({
@ -303,24 +291,12 @@ export async function runPrompt({
token, token,
extraHeaders, extraHeaders,
sessionId, sessionId,
message: trimmed, message: line.trim(),
onText: (text) => process.stdout.write(text), onText: (text) => process.stdout.write(text),
}); });
process.stdout.write("\n"); process.stdout.write("\n");
} catch (error) { } catch (error) {
console.error(error instanceof Error ? error.message : error); console.error(error instanceof Error ? error.message : error);
} }
}
rl.prompt();
};
rl.on("line", (line) => {
void handleLine(line);
});
rl.on("close", () => {
process.exit(0);
});
rl.prompt();
} }

3
examples/vercel/package.json
View file

@ -3,7 +3,8 @@
"private": true, "private": true,
"type": "module", "type": "module",
"scripts": { "scripts": {
"start": "tsx src/vercel-sandbox.ts" "start": "tsx src/vercel-sandbox.ts",
"typecheck": "tsc --noEmit"
}, },
"dependencies": { "dependencies": {
"@vercel/sandbox": "latest", "@vercel/sandbox": "latest",

141
examples/vercel/src/vercel-sandbox.ts
View file

@ -1,105 +1,46 @@
import { Sandbox } from "@vercel/sandbox"; import { Sandbox } from "@vercel/sandbox";
import { pathToFileURL } from "node:url"; import { logInspectorUrl, runPrompt, waitForHealth } from "@sandbox-agent/example-shared";
import {
ensureUrl,
logInspectorUrl,
runPrompt,
waitForHealth,
} from "@sandbox-agent/example-shared";
const INSTALL_SCRIPT = "curl -fsSL https://releases.rivet.dev/sandbox-agent/latest/install.sh | sh"; if (!process.env.OPENAI_API_KEY && !process.env.ANTHROPIC_API_KEY) {
const DEFAULT_PORT = 2468; throw new Error("OPENAI_API_KEY or ANTHROPIC_API_KEY required");
}
type VercelSandboxOptions = { const PORT = 3000;
runtime: string;
ports: number[]; const sandbox = await Sandbox.create({
token?: string; runtime: process.env.VERCEL_RUNTIME || "node24",
teamId?: string; ports: [PORT],
projectId?: string; ...(process.env.VERCEL_TOKEN && process.env.VERCEL_TEAM_ID && process.env.VERCEL_PROJECT_ID
? { token: process.env.VERCEL_TOKEN, teamId: process.env.VERCEL_TEAM_ID, projectId: process.env.VERCEL_PROJECT_ID }
: {}),
});
const run = (cmd: string) => sandbox.runCommand({ cmd: "bash", args: ["-lc", cmd], sudo: true });
console.log("Installing sandbox-agent...");
await run("curl -fsSL https://releases.rivet.dev/sandbox-agent/latest/install.sh | sh");
await run("sandbox-agent install-agent claude");
await run("sandbox-agent install-agent codex");
console.log("Starting server...");
await sandbox.runCommand({
cmd: "bash",
args: ["-lc", `sandbox-agent server --no-token --host 0.0.0.0 --port ${PORT}`],
sudo: true,
detached: true,
});
const baseUrl = `https://${sandbox.domain(PORT)}`;
await waitForHealth({ baseUrl });
logInspectorUrl({ baseUrl });
const cleanup = async () => {
console.log("Cleaning up...");
await sandbox.stop();
process.exit(0);
}; };
process.once("SIGINT", cleanup);
process.once("SIGTERM", cleanup);
export async function setupVercelSandboxAgent(): Promise<{ await runPrompt({ baseUrl });
baseUrl: string; await cleanup();
token: string;
cleanup: () => Promise<void>;
}> {
const token = process.env.SANDBOX_TOKEN || "";
const port = Number.parseInt(process.env.SANDBOX_PORT || "", 10) || DEFAULT_PORT;
const runtime = process.env.VERCEL_RUNTIME || "node24";
const createOptions: VercelSandboxOptions = {
runtime,
ports: [port],
};
const accessToken = process.env.VERCEL_TOKEN;
const teamId = process.env.VERCEL_TEAM_ID;
const projectId = process.env.VERCEL_PROJECT_ID;
if (accessToken && teamId && projectId) {
createOptions.token = accessToken;
createOptions.teamId = teamId;
createOptions.projectId = projectId;
}
const sandbox = await Sandbox.create(createOptions);
await sandbox.runCommand({
cmd: "bash",
args: ["-lc", INSTALL_SCRIPT],
sudo: true,
});
const tokenFlag = token ? "--token $SANDBOX_TOKEN" : "--no-token";
await sandbox.runCommand({
cmd: "bash",
args: [
"-lc",
`SANDBOX_TOKEN=${token} sandbox-agent server ${tokenFlag} --host 0.0.0.0 --port ${port}`,
],
sudo: true,
detached: true,
});
const baseUrl = ensureUrl(sandbox.domain(port));
await waitForHealth({ baseUrl, token });
logInspectorUrl({ baseUrl, token });
const cleanup = async () => {
try {
await sandbox.stop();
} catch {
// ignore cleanup errors
}
};
return {
baseUrl,
token,
cleanup,
};
}
async function main(): Promise<void> {
const { baseUrl, token, cleanup } = await setupVercelSandboxAgent();
const exitHandler = async () => {
await cleanup();
process.exit(0);
};
process.on("SIGINT", () => {
void exitHandler();
});
process.on("SIGTERM", () => {
void exitHandler();
});
await runPrompt({ baseUrl, token });
}
if (process.argv[1] && import.meta.url === pathToFileURL(process.argv[1]).href) {
main().catch((error) => {
console.error(error);
process.exit(1);
});
}

16
examples/vercel/tsconfig.json Normal file
View file

@ -0,0 +1,16 @@
{
"compilerOptions": {
"target": "ES2022",
"lib": ["ES2022", "DOM"],
"module": "ESNext",
"moduleResolution": "Bundler",
"allowImportingTsExtensions": true,
"noEmit": true,
"esModuleInterop": true,
"strict": true,
"skipLibCheck": true,
"resolveJsonModule": true
},
"include": ["src/**/*"],
"exclude": ["node_modules", "**/*.test.ts"]
}

14
todo.md
View file

@ -1,14 +0,0 @@
# Todo
- [x] Replace server --mock flag with built-in mock agent and update UI approvals layout.
- [x] Add telemetry module with opt-out flag and sandbox provider detection.
- [x] Add turn-stream message endpoint with SSE response and tests.
- [x] Update CLI + TypeScript SDK/OpenAPI for turn streaming.
- [x] Add inspector UI mode for turn stream and wire send flow.
- [x] Refresh docs for new endpoint and UI mode.
- [x] Add Docker/Vercel/Daytona/E2B examples with basic prompt scripts and tests.
- [x] Add unified AgentServerManager for shared agent servers (Codex/OpenCode).
- [x] Expose server status details in agent list API (uptime/restarts/last error/base URL).
- [x] Add local agent install CLI command and document optional preinstall step.
- [x] Move API CLI commands under the api subcommand.
- [ ] Regenerate TypeScript SDK from updated OpenAPI (blocked: Node/pnpm not available in env).