# Sandboxes Friction Log

## 2026-02-08 - uncommitted

### What I Was Working On

Implementing provider adapters (`worktree`, `daytona`) under the backend package.

### Friction / Issue

Provider interface intentionally keeps `DestroySandboxRequest` minimal (`workspaceId`, `sandboxId`), but local git worktree cleanup may need repo context.

### Attempted Fix / Workaround

1. Kept provider API stable and provider-agnostic.
2. Implemented safe best-effort destroy in `worktree` provider and avoided hard failures when repo context is unavailable.
3. Preserved status updates in task runtime/events so kill/archive state remains consistent.

### Outcome

- Provider abstraction remains consistent across local/remote backends.
- Follow-up item: enrich destroy flow with provider-owned metadata lookup so `worktree` cleanup can be fully deterministic without extra request fields.

## 2026-02-12 - uncommitted

### What I Was Working On

Upgrading the Daytona provider to bootstrap `sandbox-agent 0.2.0` and install the codex agent at sandbox initialization time.

### Friction / Issue

Daytona sandbox network/DNS restrictions can block agent binary download from GitHub (`codex` install step fails with DNS resolution errors), even when Daytona API access succeeds.

### Attempted Fix / Workaround

1. Added bootstrap steps to install missing base tools (`curl`) in minimal `ubuntu:24.04` sandboxes.
2. Switched sandbox-agent installation to strict `bash -lc` flows with `set -euo pipefail` and explicit health checks.
3. Verified that bootstrap reaches running sandbox-agent endpoint, then observed intermittent/blocked codex install due upstream DNS/network limits in sandbox runtime.

### Outcome

- Daytona provider lifecycle and sandbox-agent server bootstrap are functional.
- Codex agent installation remains environment-dependent when outbound GitHub access is blocked by sandbox networking policy.

## 2026-02-13 - uncommitted

### What I Was Working On

Removing the local `worktree` provider entirely and migrating the product workflow to sandboxes-only with repo remotes (backend-owned local clones + daytona sandbox workdirs).

### Friction / Issue

The previous end-to-end flow implicitly depended on local filesystem paths (`repoPath`, `worktreePath`) being passed through contracts and used directly by actors for git operations and PR creation.

### Attempted Fix / Workaround

1. Introduced explicit repo remote records (`WorkspaceActor.addRepo`) and validated remotes with `git ls-remote`.
2. Made `ProjectActor` assert a backend-owned local clone exists on wake and fetch remote branch state from that clone.
3. Updated PR creation to avoid requiring a checked-out branch by using `gh pr create --head <branch>`.
4. Updated `DaytonaProvider.createSandbox` to clone the repo and checkout the branch into a deterministic workdir and return it as `cwd` for sandbox-agent sessions.

### Outcome

- Worktree support is removed; UI/CLI no longer accept local repo paths.
- Repo state is tracked via remote + backend-owned clones, and agent sessions can start in a repo directory inside the sandbox.