feat(sandbox): index provider env by type and auto-configure Claude Code#311
Open
feat(sandbox): index provider env by type and auto-configure Claude Code#311
Conversation
Restructure GetSandboxProviderEnvironmentResponse to index credential env vars by provider type instead of a flat map. This lets the sandbox supervisor know which provider types are attached and act on them. When the anthropic provider type is present, the supervisor writes ~/.claude.json with hasCompletedOnboarding: true before spawning the entrypoint, eliminating the need to manually create and upload Claude Code config files.
…preserve existing .claude.json
drew
force-pushed
the
feat/provider-env-by-type-claude-autoconfig
branch
from
0a0886e to
c09fd4f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
GetSandboxProviderEnvironmentResponseto index credential env vars by provider type (map<string, ProviderEnvironmentEntry>) instead of a flatmap<string, string>anthropicprovider type is present, the sandbox supervisor writes~/.claude.jsonwith{"hasCompletedOnboarding": true}before spawning the entrypointopenshell sandbox upload .claude.jsonstep —--provider anthropicnow just works with Claude CodeMotivation
Using Claude Code inside an OpenShell sandbox previously required manually creating and uploading a
.claude.jsonconfig file. With this change, if a user hasANTHROPIC_API_KEYset and passes--provider anthropicto a sandbox, Claude Code starts without interactive onboarding.Changes
Proto (
proto/openshell.proto)ProviderEnvironmentEntrymessage containingmap<string, string> environmentGetSandboxProviderEnvironmentResponse.environmentreplaced withmap<string, ProviderEnvironmentEntry> providerskeyed by provider typeServer (
crates/openshell-server/src/grpc.rs)resolve_provider_environmentnow returnsProviderEnvByType— aHashMap<String, HashMap<String, String>>keyed by provider typeSandbox client (
crates/openshell-sandbox/src/grpc_client.rs)ProviderEnvironmentstruct withby_type: HashMap<String, HashMap<String, String>>flatten()— merges all type entries into a single env map for child process injectionhas_provider_type(&str)— checks if a specific provider type is presentprovider_types()— lists all attached provider typesSandbox supervisor (
crates/openshell-sandbox/src/lib.rs)has_provider_type("anthropic")to decide config writingwrite_provider_configs()function writes~/.claude.jsonto the sandbox user's home directory/etc/passwdat runtime (works with standard and BYOC images)Tests
resolve_provider_environmenttests updated for the new indexed return typeresolve_provider_env_same_type_merges— verifies two providers of the same type merge correctlydefault()which is an emptyprovidersmap)Testing
mise run pre-commitpasses (lint, format, all 698 tests green)openshell sandbox create --provider anthropic -- claude -p "hello"should work without manual config upload