-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
55 lines (41 loc) · 2.09 KB
/
Copy pathDockerfile
File metadata and controls
55 lines (41 loc) · 2.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
FROM python:3.12-slim-bookworm
LABEL org.opencontainers.image.source="https://github.com/EternisAI/agent-sandbox"
RUN apt-get update && apt-get install -y --no-install-recommends \
bash \
curl \
git \
jq \
sudo \
ca-certificates \
gnupg \
unzip \
&& rm -rf /var/lib/apt/lists/* \
&& [ -f /usr/bin/bash ] || ln -s /bin/bash /usr/bin/bash
# Pin to a specific Node minor (per project rule: pin all tool versions).
# Keep in sync with .github/workflows/test.yml `node-version` so tests run on
# the same runtime as the production sandbox container. The wildcard pins
# the minor; patches within 24.7 still float — accept that for one minor's
# worth of patch drift in exchange for not having to chase nodesource's
# exact apt version strings on every CI rebuild.
RUN curl -fsSL https://deb.nodesource.com/setup_24.x | bash - \
&& apt-get install -y "nodejs=24.7.*" \
&& rm -rf /var/lib/apt/lists/*
RUN corepack enable && corepack prepare pnpm@10.6.5 --activate
RUN pip install --no-cache-dir uv==0.6.12 massive==2.4.0 fredapi==0.5.2 sec-api==1.0.35 pymupdf4llm==1.27.2.2 finnhub-python==2.4.20
RUN npm install -g opencode-ai@1.15.5 @openrouter/ai-sdk-provider@2.9.0
RUN useradd -m -s /bin/bash sandbox \
&& echo "sandbox ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
RUN mkdir -p /sandbox/.agents /sandbox/workspaces /data/opencode /data/workspaces /home/sandbox/.config/opencode \
&& chown -R sandbox:sandbox /sandbox /data /home/sandbox/.config/opencode
USER sandbox
WORKDIR /sandbox
RUN git config --global user.email "agent@axion.ai" \
&& git config --global user.name "Axion Agent" \
&& git init /sandbox/workspaces
COPY --chown=sandbox:sandbox skills/ /home/sandbox/.agents/skills/
COPY --chown=sandbox:sandbox plugins/ /home/sandbox/.config/opencode/plugins/
COPY --chown=sandbox:sandbox agent/ /home/sandbox/.config/opencode/agent/
COPY --chown=sandbox:sandbox entrypoint.sh /sandbox/entrypoint.sh
RUN chmod +x /sandbox/entrypoint.sh && find /home/sandbox/.agents/skills -name "*.sh" -o -name "*.py" | xargs chmod +x
EXPOSE 4096
ENTRYPOINT ["/sandbox/entrypoint.sh"]