🥇 export from upstream (6de9a7a)

2026-05-24 19:23:54 +02:00
parent cc6c912fe2
commit 2fadce5490
+16 -5
@@ -22,7 +22,7 @@
### Planned Features
- **Support for custom harnesses** — bring your own agent runtime, not just Claude Code and Codex
- **Support for custom harnesses** — bring your own agent runtime beyond the built-in Claude Code, Codex, and Gemini CLI
- **Full encapsulation hardening** — for worker and CI environments, ensuring complete sandboxing of file system, network, and credentials
- **ACP integration** via [`dirigate`](https://github.com/dirigence/dirigate) — Agent Communication Protocol support for structured agent orchestration
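Review bot: "built-in" in the reworded custom-harness bullet can be read as meaning the agents ship inside the image, while the image section of this same README says no agent binaries are baked in and agents are installed on first run. Consider wording such as "beyond the supported Claude Code, Codex, and Gemini CLI" so the two statements do not appear to conflict.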
@@ -42,7 +42,7 @@ Multiple agents can run side by side. A persistent home directory means config a
<img src="topology.svg" alt="Sandcage topology — host, Docker, container, volume mounts" width="720">
</p>
1. You run `sandcage claude` (or `codex`, or `shell`) from your project directory
1. You run `sandcage claude` (or `codex`, `gemini`, or `shell`) from your project directory
2. Sandcage resolves your workspace to the git root and builds Docker compose arguments
3. Your project, persistent home, and (optionally) SSH keys are mounted into the container
4. The agent runs as the container entrypoint, working in the mounted workspace
@@ -64,7 +64,7 @@ cargo install --git https://github.com/dirigence/sandcage
### Build images and run
```bash
sandcage build # build base and codex images
sandcage build # build container image
sandcage claude # start Claude Code in the current project
```
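Review bot: the new comment on `sandcage build` ("build container image") no longer hints that the build is tied to services, yet later in this patch the README says `sandcage build claude codex` selects services and that `default_services` controls what `sandcage build` prepares by default. Suggest wording the quick-start comment so it matches, for example "build the container image and prepare the default services".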
@@ -76,6 +76,7 @@ That is it. Sandcage resolves your project to its git root, mounts it into the c
sandcage claude -p ~/project # run in a specific project
sandcage claude -- --resume # forward args to the agent
sandcage codex -p ~/project # run Codex instead
sandcage gemini -p ~/project # run Gemini CLI instead
sandcage shell # interactive shell, same environment
sandcage claude --shell # shell in the Claude image (debugging)
sandcage init # detect ecosystem, generate .sandcage.yml
@@ -113,6 +114,16 @@ agent_args:
claude:
- --dangerously-skip-permissions
shell: zsh
# Enable/disable built-in services
services:
gemini:
enabled: false
# Control which services `sandcage build` prepares by default
# default_services:
# - claude
# - shell
```
SSH key access is configured separately via `sandcage setup ssh`, which selects only the keys needed for git and copies them into a dedicated Docker volume.
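Review bot: the new `services:` block shows `gemini:` with `enabled: false` without stating what the default is when the key is absent, or what `sandcage gemini` does when the service is disabled. The relation to the commented-out `default_services` list is also undocumented: say which setting wins if a service is listed there but has `enabled: false`. A one-line comment per key in the example would settle both.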
@@ -123,9 +134,9 @@ Run `sandcage init` to generate a starter config — it detects your project eco
Sandcage uses a single image (`sandcage`) based on Debian bookworm-slim, packed with dev tools: git, openssh-client, ripgrep, fd, jq, curl, zsh, bash, sudo, just, and uv.
AI agents (Claude Code, Codex) are installed on first run into the persistent home directory and auto-update themselves — no agent binaries baked into the image.
AI agents (Claude Code, Codex, Gemini CLI) are installed on first run into the persistent home directory and auto-update themselves — no agent binaries baked into the image.
Build with `sandcage build`. Use `--force` to rebuild unconditionally.
Build with `sandcage build`. Use `--force` to rebuild unconditionally. You can also specify which services to build: `sandcage build claude codex`.
## Cross-Platform
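Review bot: in the last changed line, "specify which services to build" sits directly under a paragraph saying Sandcage uses a single image and that agents are installed on first run rather than baked in, so it is unclear what `sandcage build claude codex` actually builds. State what per-service building changes in the image or the persistent home. Since Gemini CLI now joins the agents that are installed on first run and auto-update themselves, it would also help to document where each agent is fetched from and whether its version can be pinned.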