4 Commits

Author SHA1 Message Date
Dark-Alex-17 52356ead6c fix: Properly chown the coyote config recursively and password file in the sbx
CI / All (ubuntu-latest) (push) Failing after 25s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-07-01 17:12:42 -06:00
Dark-Alex-17 ad9fc524d4 feat: Pin specific usql version to sbx kit 2026-07-01 17:11:27 -06:00
Dark-Alex-17 af50909a89 feat: recursively take ownership over the copied in coyote config for the sbx 2026-07-01 16:54:57 -06:00
Dark-Alex-17 318d9ba1cd feat: explicitly specify the COYOTE_CONFIG_DIR in the sbx kit 2026-07-01 16:54:42 -06:00
2 changed files with 84 additions and 56 deletions
+58 -53
View File
@@ -5,7 +5,7 @@
# sbx cp $HOME/.config/coyote/ testing:/home/agent/.config/ # sbx cp $HOME/.config/coyote/ testing:/home/agent/.config/
# sbx cp $HOME/.coyote_password testing:/home/agent/ # sbx cp $HOME/.coyote_password testing:/home/agent/
# sbx run testing --kit ./sbx-kit/ # sbx run testing --kit ./sbx-kit/
schemaVersion: "1" schemaVersion: '1'
kind: agent kind: agent
name: coyote name: coyote
displayName: Coyote displayName: Coyote
@@ -14,11 +14,10 @@ description: >
CLI & REPL mode, RAG, AI tools & agents, MCP servers, skills, and macros. CLI & REPL mode, RAG, AI tools & agents, MCP servers, skills, and macros.
agent: agent:
image: "docker/sandbox-templates:shell-docker" image: 'docker/sandbox-templates:shell-docker'
aiFilename: COYOTE.md aiFilename: COYOTE.md
# persistence: persistent
entrypoint: entrypoint:
run: ["bash", "-lc", "exec /home/agent/.cargo/bin/coyote"] run: ['bash', '-lc', 'exec /home/agent/.cargo/bin/coyote']
network: network:
# Proxy-managed LLM providers: the proxy substitutes `proxy-managed` for # Proxy-managed LLM providers: the proxy substitutes `proxy-managed` for
@@ -51,96 +50,96 @@ network:
serviceAuth: serviceAuth:
openai: openai:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
anthropic: anthropic:
headerName: x-api-key headerName: x-api-key
valueFormat: "%s" valueFormat: '%s'
gemini: gemini:
headerName: x-goog-api-key headerName: x-goog-api-key
valueFormat: "%s" valueFormat: '%s'
cohere: cohere:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
groq: groq:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
openrouter: openrouter:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
ai21: ai21:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
cloudflare: cloudflare:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
deepinfra: deepinfra:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
deepseek: deepseek:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
mistral: mistral:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
perplexity: perplexity:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
voyageai: voyageai:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
xai: xai:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
jina: jina:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
ernie: ernie:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
hunyuan: hunyuan:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
minimax: minimax:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
moonshot: moonshot:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
qianwen: qianwen:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
zhipuai: zhipuai:
headerName: Authorization headerName: Authorization
valueFormat: "Bearer %s" valueFormat: 'Bearer %s'
allowedDomains: allowedDomains:
# Coyote release + self-update + model-registry sync # Coyote release + self-update + model-registry sync
- "github.com:443" - 'github.com:443'
- "api.github.com:443" - 'api.github.com:443'
- "raw.githubusercontent.com:443" - 'raw.githubusercontent.com:443'
- "objects.githubusercontent.com:443" - 'objects.githubusercontent.com:443'
- "*.githubusercontent.com:443" - '*.githubusercontent.com:443'
# Coyote install paths (cargo install + uv + rustup + Python tool deps at runtime) # Coyote install paths (cargo install + uv + rustup + Python tool deps at runtime)
- "crates.io:443" - 'crates.io:443'
- "static.crates.io:443" - 'static.crates.io:443'
- "pypi.org:443" - 'pypi.org:443'
- "files.pythonhosted.org:443" - 'files.pythonhosted.org:443'
- "astral.sh:443" - 'astral.sh:443'
- "sh.rustup.rs:443" - 'sh.rustup.rs:443'
- "static.rust-lang.org:443" - 'static.rust-lang.org:443'
# LLM model OAuth + API endpoints # LLM model OAuth + API endpoints
- "claude.ai:443" - 'claude.ai:443'
- "console.anthropic.com:443" - 'console.anthropic.com:443'
- "accounts.google.com:443" - 'accounts.google.com:443'
# *.googleapis.com covers oauth2 + userinfo + VertexAI regional endpoints # *.googleapis.com covers oauth2 + userinfo + VertexAI regional endpoints
# (*-aiplatform.googleapis.com). Do not narrow without re-checking VertexAI. # (*-aiplatform.googleapis.com). Do not narrow without re-checking VertexAI.
- "*.googleapis.com:443" - '*.googleapis.com:443'
# Bedrock and GitHub Models use signed / GitHub-PAT auth that the proxy # Bedrock and GitHub Models use signed / GitHub-PAT auth that the proxy
# cannot rewrite. Domains are allow-listed; credentials must be injected # cannot rewrite. Domains are allow-listed; credentials must be injected
# separately (see README "Extending"). # separately (see README "Extending").
- "*.amazonaws.com:443" - '*.amazonaws.com:443'
- "models.inference.ai.azure.com:443" - 'models.inference.ai.azure.com:443'
credentials: credentials:
sources: sources:
@@ -211,8 +210,9 @@ credentials:
environment: environment:
variables: variables:
IS_SANDBOX: "1" IS_SANDBOX: '1'
COYOTE_LOG_LEVEL: INFO COYOTE_LOG_LEVEL: INFO
COYOTE_CONFIG_DIR: /home/agent/.config/coyote
proxyManaged: proxyManaged:
- OPENAI_API_KEY - OPENAI_API_KEY
- ANTHROPIC_API_KEY - ANTHROPIC_API_KEY
@@ -250,14 +250,14 @@ commands:
libssl-dev \ libssl-dev \
pandoc \ pandoc \
bzip2 bzip2
user: "1000" user: '1000'
description: Install system prerequisites (including pandoc for fetch_url_via_curl) description: Install system prerequisites (including pandoc for fetch_url_via_curl)
- command: "curl -LsSf https://astral.sh/uv/install.sh | sh" - command: 'curl -LsSf https://astral.sh/uv/install.sh | sh'
user: "1000" user: '1000'
description: Install uv (required for Python-based custom tools) description: Install uv (required for Python-based custom tools)
- command: | - command: |
set -euo pipefail set -euo pipefail
USQL_VERSION=$(curl -sSL https://api.github.com/repos/xo/usql/releases/latest | jq -r .tag_name | sed 's/^v//') USQL_VERSION=0.21.4
ARCH=$(uname -m) ARCH=$(uname -m)
case "$ARCH" in case "$ARCH" in
x86_64) USQL_ARCH=amd64 ;; x86_64) USQL_ARCH=amd64 ;;
@@ -266,10 +266,10 @@ commands:
esac esac
TMPDIR=$(mktemp -d) TMPDIR=$(mktemp -d)
trap 'rm -rf "$TMPDIR"' EXIT trap 'rm -rf "$TMPDIR"' EXIT
curl -sSL "https://github.com/xo/usql/releases/download/v${USQL_VERSION}/usql_static-${USQL_VERSION}-linux-${USQL_ARCH}.tar.bz2" -o "$TMPDIR/usql.tar.bz2" curl -fsSL --retry 3 "https://github.com/xo/usql/releases/download/v${USQL_VERSION}/usql_static-${USQL_VERSION}-linux-${USQL_ARCH}.tar.bz2" -o "$TMPDIR/usql.tar.bz2"
tar -xjf "$TMPDIR/usql.tar.bz2" -C "$TMPDIR" tar -xjf "$TMPDIR/usql.tar.bz2" -C "$TMPDIR"
sudo install -m 0755 "$TMPDIR/usql_static" /usr/local/bin/usql sudo install -m 0755 "$TMPDIR/usql_static" /usr/local/bin/usql
user: "1000" user: '1000'
description: Install the usql universal SQL CLI (used by the built-in sql agent and execute_sql_code tool) description: Install the usql universal SQL CLI (used by the built-in sql agent and execute_sql_code tool)
- command: | - command: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | \ curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | \
@@ -279,12 +279,17 @@ commands:
--target x86_64-unknown-linux-musl --target x86_64-unknown-linux-musl
. "$HOME/.cargo/env" . "$HOME/.cargo/env"
cargo install --locked coyote-ai cargo install --locked coyote-ai
user: "1000" user: '1000'
description: Install Coyote AI CLI via Rust's Cargo description: Install Coyote AI CLI via Rust's Cargo
startup: startup:
- command: ["sh", "-c", "test -f \"$HOME/.config/coyote/config.yaml\" || coyote --info >/dev/null 2>&1 || true"] - command:
user: "1000" [
'sh',
'-c',
'test -f "$HOME/.config/coyote/config.yaml" || coyote --info >/dev/null 2>&1 || true',
]
user: '1000'
background: false background: false
description: Bootstrap Coyote config directory on first sandbox start description: Bootstrap Coyote config directory on first sandbox start
+26 -3
View File
@@ -356,9 +356,9 @@ fn build_create_args(
args.push(mixin_str); args.push(mixin_str);
} }
args.push(SANDBOX_AGENT.to_string());
args.push("--name".to_string()); args.push("--name".to_string());
args.push(name.to_string()); args.push(name.to_string());
args.push(SANDBOX_AGENT.to_string());
args.push(".".to_string()); args.push(".".to_string());
Ok(args) Ok(args)
@@ -373,6 +373,7 @@ fn copy_host_files(name: &str) -> Result<()> {
let src = format!("{}/", config_dir.display()); let src = format!("{}/", config_dir.display());
let dest = format!("{name}:/home/agent/.config/"); let dest = format!("{name}:/home/agent/.config/");
sbx_cp(&src, &dest)?; sbx_cp(&src, &dest)?;
chown_agent_recursive(name, "/home/agent/.config")?;
} else { } else {
debug!( debug!(
"Skipping config copy: {} does not exist", "Skipping config copy: {} does not exist",
@@ -390,6 +391,7 @@ fn copy_host_files(name: &str) -> Result<()> {
} }
let dest = format!("{name}:{dest_path}"); let dest = format!("{name}:{dest_path}");
sbx_cp(&password_file.display().to_string(), &dest)?; sbx_cp(&password_file.display().to_string(), &dest)?;
chown_agent_recursive(name, &dest_path)?;
} }
Some(password_file) => { Some(password_file) => {
debug!( debug!(
@@ -520,6 +522,27 @@ fn exec_run(name: &str, kit_path: &Path) -> Result<()> {
Ok(()) Ok(())
} }
fn chown_agent_recursive(sandbox: &str, path: &str) -> Result<()> {
let path_q = shell_words::quote(path);
let cmd = format!("sudo chown -R agent:agent {path_q}");
debug!("sbx exec {sandbox}: {cmd}");
let status = Command::new(SBX_BINARY)
.args(["exec", sandbox, "sh", "-c", &cmd])
.stdin(Stdio::inherit())
.stdout(Stdio::inherit())
.stderr(Stdio::inherit())
.status()
.context("Failed to spawn `sbx exec` to chown copied files")?;
if !status.success() {
bail!("Chowning '{path}' in sandbox failed: sbx exec exited with {status}");
}
Ok(())
}
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
@@ -627,9 +650,9 @@ mod tests {
dir_a.display().to_string(), dir_a.display().to_string(),
"--kit".to_string(), "--kit".to_string(),
dir_b.display().to_string(), dir_b.display().to_string(),
"coyote".to_string(),
"--name".to_string(), "--name".to_string(),
"my-box".to_string(), "my-box".to_string(),
"coyote".to_string(),
".".to_string(), ".".to_string(),
] ]
); );
@@ -648,9 +671,9 @@ mod tests {
"create".to_string(), "create".to_string(),
"--kit".to_string(), "--kit".to_string(),
"/cache/sbx-kit".to_string(), "/cache/sbx-kit".to_string(),
"coyote".to_string(),
"--name".to_string(), "--name".to_string(),
"box".to_string(), "box".to_string(),
"coyote".to_string(),
".".to_string(), ".".to_string(),
] ]
); );