61805a832d
This exploration came out of my review of https://github.com/openai/codex/pull/414. `run_in_container.sh` runs Codex in a Docker container like so:bd1c3deed9/codex-cli/scripts/run_in_container.sh (L51-L58)But then runs `init_firewall.sh` to set up the firewall to restrict network access. Previously, we did this by adding `/usr/local/bin/init_firewall.sh` to the container and adding a special rule in `/etc/sudoers.d` so the unprivileged user (`node`) could run the privileged `init_firewall.sh` script to open up the firewall for `api.openai.com`:31d0d7a305/codex-cli/Dockerfile (L51-L56)Though I believe this is unnecessary, as we can use `docker exec --user root` from _outside_ the container to run `/usr/local/bin/init_firewall.sh` as `root` without adding a special case in `/etc/sudoers.d`. This appears to work as expected, as I tested it by doing the following: ``` ./codex-cli/scripts/build_container.sh ./codex-cli/scripts/run_in_container.sh 'what is the output of `curl https://www.openai.com`' ``` This was a bit funny because in some of my runs, Codex wasn't convinced it had network access, so I had to convince it to try the `curl` request:  As you can see, when it ran `curl -s https\://www.openai.com`, it a connection failure, so the network policy appears to be working as intended. Note this PR also removes `sudo` from the `apt-get install` list in the `Dockerfile`.
71 lines
2.1 KiB
Bash
Executable File
71 lines
2.1 KiB
Bash
Executable File
#!/bin/bash
|
|
set -e
|
|
|
|
# Usage:
|
|
# ./run_in_container.sh [--work_dir directory] "COMMAND"
|
|
#
|
|
# Examples:
|
|
# ./run_in_container.sh --work_dir project/code "ls -la"
|
|
# ./run_in_container.sh "echo Hello, world!"
|
|
|
|
# Default the work directory to WORKSPACE_ROOT_DIR if not provided.
|
|
WORK_DIR="${WORKSPACE_ROOT_DIR:-$(pwd)}"
|
|
|
|
# Parse optional flag.
|
|
if [ "$1" = "--work_dir" ]; then
|
|
if [ -z "$2" ]; then
|
|
echo "Error: --work_dir flag provided but no directory specified."
|
|
exit 1
|
|
fi
|
|
WORK_DIR="$2"
|
|
shift 2
|
|
fi
|
|
|
|
WORK_DIR=$(realpath "$WORK_DIR")
|
|
|
|
# Generate a unique container name based on the normalized work directory
|
|
CONTAINER_NAME="codex_$(echo "$WORK_DIR" | sed 's/\//_/g' | sed 's/[^a-zA-Z0-9_-]//g')"
|
|
|
|
# Define cleanup to remove the container on script exit, ensuring no leftover containers
|
|
cleanup() {
|
|
docker rm -f "$CONTAINER_NAME" >/dev/null 2>&1 || true
|
|
}
|
|
# Trap EXIT to invoke cleanup regardless of how the script terminates
|
|
trap cleanup EXIT
|
|
|
|
# Ensure a command is provided.
|
|
if [ "$#" -eq 0 ]; then
|
|
echo "Usage: $0 [--work_dir directory] \"COMMAND\""
|
|
exit 1
|
|
fi
|
|
|
|
# Check if WORK_DIR is set.
|
|
if [ -z "$WORK_DIR" ]; then
|
|
echo "Error: No work directory provided and WORKSPACE_ROOT_DIR is not set."
|
|
exit 1
|
|
fi
|
|
|
|
# Kill any existing container for the working directory using cleanup(), centralizing removal logic.
|
|
cleanup
|
|
|
|
# Run the container with the specified directory mounted at the same path inside the container.
|
|
docker run --name "$CONTAINER_NAME" -d \
|
|
-e OPENAI_API_KEY \
|
|
--cap-add=NET_ADMIN \
|
|
--cap-add=NET_RAW \
|
|
-v "$WORK_DIR:/app$WORK_DIR" \
|
|
codex \
|
|
sleep infinity
|
|
|
|
# Initialize the firewall inside the container with root privileges.
|
|
docker exec --user root "$CONTAINER_NAME" /usr/local/bin/init_firewall.sh
|
|
|
|
# Execute the provided command in the container, ensuring it runs in the work directory.
|
|
# We use a parameterized bash command to safely handle the command and directory.
|
|
|
|
quoted_args=""
|
|
for arg in "$@"; do
|
|
quoted_args+=" $(printf '%q' "$arg")"
|
|
done
|
|
docker exec -it "$CONTAINER_NAME" bash -c "cd \"/app$WORK_DIR\" && codex --full-auto ${quoted_args}"
|