Merged
28 changes: 18 additions & 10 deletions Dockerfile.agents
Expand Up @@ -198,18 +198,27 @@ RUN npm install -g \
# something later prepends a different Go to PATH).
#
# Building as root risks mise refusing to operate when the data dir is owned
# by a different user, so we build under vscode and use `sudo install` to
# place the binary system-wide into /usr/local/bin (matches the legacy
# .devcontainer/Dockerfile layout — codemap is available to every user).
# by a different user, so the clone + build run under vscode. We avoid `cd`
# (DL3003) by passing `go build -C <dir>` (Go 1.21+ requires `-C` to be the
# first flag) which builds inside the clone without changing the RUN's working
# directory.
#
# The /tmp/codemap clone is removed inside the same RUN to keep the layer
# small.
# Placing the binary system-wide into /usr/local/bin (matches the legacy
# .devcontainer/Dockerfile layout — codemap is available to every user)
# requires root. Rather than `sudo install` (DL3004 — sudo in RUN is an
# error-severity rule), we split into two RUNs: the vscode build above, then a
# `USER root` step that `install`s the binary and removes the /tmp build dir.
# Tradeoff: the intermediate vscode layer still contains /tmp/codemap, so the
# clone/build artifacts live in an earlier layer even though the final
# filesystem is clean — acceptable here (small Go module, not secret-bearing).
###############################################################################
RUN git clone --depth 1 https://github.com/JordanCoin/codemap.git /tmp/codemap \
&& cd /tmp/codemap \
&& /usr/local/share/mise/shims/go build -o /tmp/codemap/codemap . \
&& sudo install -m 0755 /tmp/codemap/codemap /usr/local/bin/codemap \
&& /usr/local/share/mise/shims/go build -C /tmp/codemap -o /tmp/codemap/codemap .

USER root
RUN install -m 0755 /tmp/codemap/codemap /usr/local/bin/codemap \
&& rm -rf /tmp/codemap
USER vscode

###############################################################################
# gopls — Go language server.
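Review bot: The `rm -rf /tmp/codemap` in the new `USER root` RUN does not make the image smaller, because the clone and build output are already committed in the preceding vscode layer, which the added comment acknowledges as a tradeoff. Consider producing the binary in a separate build stage and bringing it in with `COPY --from=<stage> --chmod=0755 <path>/codemap /usr/local/bin/codemap` (the `--chmod` flag needs BuildKit); that drops both the `sudo` and the `USER root` / `USER vscode` toggle and keeps /tmp/codemap out of every layer of the final image. If the two-RUN form stays, the "not secret-bearing" assumption in the comment is worth keeping next to the RUN so it gets revisited if the build ever needs credentials.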
Expand Down Expand Up @@ -301,9 +310,8 @@ USER vscode

RUN set -eux; \
git clone --depth 1 https://github.com/docker/mcp-gateway.git /tmp/mcp-gateway; \
cd /tmp/mcp-gateway; \
HOME=/home/vscode DOCKER_MCP_CLI_PLUGIN_DST=/home/vscode/.docker/cli-plugins/docker-mcp \
make docker-mcp; \
make -C /tmp/mcp-gateway docker-mcp; \
rm -rf /tmp/mcp-gateway

###############################################################################
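Review bot: The `git clone --depth 1 https://github.com/docker/mcp-gateway.git` at the top of this RUN names no tag or commit, so the `make -C /tmp/mcp-gateway docker-mcp` line executes whatever Makefile is at the default branch head on the day the image is built, and the result lands in /home/vscode/.docker/cli-plugins/docker-mcp. Since this line is being touched anyway, consider pinning the clone to a release tag or a commit SHA so that rebuilds are reproducible and an upstream change cannot silently alter the plugin. The switch from `cd` to `make -C` itself looks fine: the `HOME=` and `DOCKER_MCP_CLI_PLUGIN_DST=` assignments still prefix the make invocation.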
6 changes: 5 additions & 1 deletion README.md
@@ -1,6 +1,10 @@
<p align="center">
<img src="https://raw.githubusercontent.com/microsoft/fluentui-system-icons/78c9587b995299d5bfc007a0077773556ecb0994/assets/Cube/SVG/ic_fluent_cube_32_filled.svg" width="128px" alt="devcontainers organization logo" />
</p>

<div align="center">

<h1>NeoLab Agent Sandbox</h1>
<h1>Agent Sandbox</h1>

Development container for agents and people, that not allow agents to break your system.

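Review bot: The description line "Development container for agents and people, that not allow agents to break your system." is ungrammatical; something like "Development container for agents and people that does not allow agents to break your system." reads correctly. The `alt` text on the image still says "devcontainers organization logo", which does not match the project name in the heading, and since the README now advertises an isolation property, a sentence on what the sandbox actually restricts would help readers judge that claim.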