pub struct DockerSandbox { /* private fields */ }
Manages a Docker sandbox container lifecycle
Implementations
impl DockerSandbox
pub fn new(config: SandboxConfig, workspace_path: impl Into<String>) -> Self
pub fn set_proxy(&mut self, port: u16)
Enable the API proxy: the container will use ANTHROPIC_BASE_URL instead of receiving the raw API key.
pub async fn image_exists(image: &str) -> bool
Check if a Docker image exists locally.
pub async fn auto_build_image(image: &str) -> Result<()>
Auto-build the default sandbox image from the embedded Dockerfile.
Writes the Dockerfile to a temp dir and runs docker build.
pub async fn is_docker_available() -> bool
Check if Docker is available in PATH
pub async fn is_sandbox_available() -> bool
Check if Docker Desktop >= 4.40 is available (required for Docker Sandbox).
Falls back to checking that docker is simply available when version
detection fails (useful in CI environments where Docker CE is sufficient).
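The version gate described above, as an added example (not the crate's own code). It assumes the Desktop version is read from a `Docker Desktop X.Y.Z` string in `docker version` output; `parse_desktop_version`, `sandbox_available` and the sample strings are hypothetical. It shows why the comparison has to be numeric per component (4.9 is older than 4.40) and how the fallback behaves.

```rust
// Added example, not the crate's implementation.
// Assumption: the version appears as "Docker Desktop X.Y[.Z]" in `docker version` output.

/// Minimum Docker Desktop release required for Docker Sandbox (from the doc text).
const MIN_DESKTOP: (u32, u32) = (4, 40);

/// Extract (major, minor) from the first "Docker Desktop X.Y[.Z]" occurrence.
/// Returns None when the marker or a numeric major/minor is missing.
fn parse_desktop_version(output: &str) -> Option<(u32, u32)> {
    let rest = output.split("Docker Desktop").nth(1)?;
    let token = rest.split_whitespace().next()?;
    let mut parts = token.split('.');
    let major: u32 = parts.next()?.parse().ok()?;
    let minor: u32 = parts.next()?.parse().ok()?;
    Some((major, minor))
}

/// Hypothetical decision helper mirroring the documented behaviour:
/// a detected version must be >= 4.40; when detection fails, the result
/// falls back to whether `docker` is available at all.
fn sandbox_available(version_output: Option<&str>, docker_in_path: bool) -> bool {
    match version_output.and_then(parse_desktop_version) {
        // Tuples compare component by component as integers, so (4, 9) < (4, 40).
        // Comparing "4.9" and "4.40" as strings or floats would get this wrong.
        Some(found) => found >= MIN_DESKTOP,
        // Detection failed (e.g. Docker CE in CI): fall back to plain availability.
        None => docker_in_path,
    }
}

fn main() {
    // Constructed sample outputs; build numbers are placeholders.
    let samples = [
        "Server: Docker Desktop 4.40.0 (000000)",
        "Server: Docker Desktop 4.9.1 (000000)",
        "Server: Docker Engine - Community",
    ];
    for s in samples {
        println!("{:<42} -> {}", s, sandbox_available(Some(s), true));
    }
}
```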
pub async fn create(&mut self) -> Result<()>
Create the sandbox container (without starting it)
pub async fn copy_workspace(&self, src: &str) -> Result<()>
Copy a host directory into the running sandbox container.
When the config has exclude patterns, we use tar --exclude piped
into docker cp to skip large directories like node_modules/ and
target/ that would otherwise make the copy prohibitively slow.
Note: macOS tar emits many harmless warnings about extended attributes
(LIBARCHIVE.xattr.*) when the receiving Linux tar doesn’t understand
them. We suppress these via --no-xattrs and --no-mac-metadata
flags and only fail on real errors (e.g. source directory missing).
pub async fn run_command(&self, cmd: &str) -> Result<SandboxOutput>
Run a shell command inside the sandbox and return the output
pub async fn run_command_as_user(&self, cmd: &str, user: &str) -> Result<SandboxOutput>
Run a shell command inside the sandbox as a specific user.
Used for agent steps that need non-root execution (Claude CLI
refuses --dangerously-skip-permissions when running as root).
pub async fn copy_results(&self, dest: &str) -> Result<()>
Copy results from the sandbox back to the host.
First checks whether any files were actually modified inside the
container (via git status --porcelain). If nothing changed, the
copy is skipped entirely — this is the common case for read-only
workflows like code-review.