feat: Add Docker socket mounting support #33
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Updates from fork
dominikaveresch-cc
force-pushed
the
feat/docker-socket-mounting
branch
from
0bea793 to
9c36f80
Compare
hzpz
reviewed
Jan 19, 2026
agentbox
Outdated
| fi | ||
| else | ||
| run_container "$container_name" validated_dirs "$tool" "${cmd_args[@]}" | ||
| run_container "$container_name" validated_dirs ""$docker_mount" "$tool" "${cmd_args[@]}" |
Collaborator
There was a problem hiding this comment.
Take a look at the quotes. It should be "$docker_mount" all three times.
dominikaveresch-cc
force-pushed
the
feat/docker-socket-mounting
branch
2 times, most recently
from
9ba7fbe to
bf3fe93
Compare
Owner
|
What is the purpose of this feature? Do you want the agent to be able to run docker containers? Do you consider this to be fine from a security perspective? |
Collaborator
Author
|
Our testing infrastructure relies on Testcontainers for integration testing. Therefore the agent must be able to run Docker containers. |
Collaborator
Author
|
And yes docker in docker is a security concern but thats why |
When passing arguments with special shell characters (like ?) to the container, they were being interpreted as glob patterns. Now using printf '%q' to properly escape each argument. Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
…ariables Allows .env files to remain mounted and accessible in the container without Docker automatically loading them as environment variables. Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
Implements time-based rebuild trigger that forces image rebuild when older than 48 hours, ensuring Claude Code and OpenCode stay current without manual intervention. Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
Native install is the recommended method and future-proof (npm installation is deprecated). Using stable channel for reliability since image rebuilds less frequently now that Claude auto-updates. Co-Authored-By: Claude Haiku 4.5 <[email protected]>
Consistent with Claude Code approach. Native install is the recommended method for both tools. Co-Authored-By: Claude Haiku 4.5 <[email protected]>
Removes time-based rebuild logic that forced rebuilds every 48 hours. Now rebuilds only when Dockerfile/entrypoint changes or via explicit --rebuild flag. Uses BUILD_TIMESTAMP build arg to invalidate Docker cache on every build, ensuring fresh installs on rebuild rather than relying on unpredictable auto-update timing. Co-Authored-By: Claude Haiku 4.5 <[email protected]>
Add --docker flag to mount the host's Docker socket into the container, enabling Docker commands inside AgentBox. Includes: - Docker CLI installation in Dockerfile from official repository - Container user added to docker group - Socket detection for both Linux and Docker Desktop on macOS - Automatic group permission handling via --group-add 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]> # Conflicts: # agentbox
dominikaveresch-cc
force-pushed
the
feat/docker-socket-mounting
branch
from
bf3fe93 to
22eccae
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add --docker flag to mount the host's Docker socket into the container, enabling Docker commands inside AgentBox. Includes:
🤖 Generated with Claude Code