11 Commits

Author SHA1 Message Date
Dark-Alex-17 3df590f276 fix: sbx isn't copying base files in their respective directories
CI / All (ubuntu-latest) (push) Failing after 25s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-07-01 18:44:07 -06:00
Dark-Alex-17 91300c16fe fix: Update deprecated sbx kit config 2026-07-01 17:52:04 -06:00
Dark-Alex-17 52356ead6c fix: Properly chown the coyote config recursively and password file in the sbx
CI / All (ubuntu-latest) (push) Failing after 25s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-07-01 17:12:42 -06:00
Dark-Alex-17 ad9fc524d4 feat: Pin specific usql version to sbx kit 2026-07-01 17:11:27 -06:00
Dark-Alex-17 af50909a89 feat: recursively take ownership over the copied in coyote config for the sbx 2026-07-01 16:54:57 -06:00
Dark-Alex-17 318d9ba1cd feat: explicitly specify the COYOTE_CONFIG_DIR in the sbx kit 2026-07-01 16:54:42 -06:00
Dark-Alex-17 45d709f28e Merge branch 'main' of github.com:Dark-Alex-17/coyote
CI / All (ubuntu-latest) (push) Failing after 25s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-06-30 14:55:08 -06:00
Dark-Alex-17 9cd074cb9b build: fixed coyote install scripts 2026-06-30 14:54:59 -06:00
Dark-Alex-17 93eec45473 docs: fixed coyote install script URLs 2026-06-30 14:43:00 -06:00
Dark-Alex-17 e585e0b049 feat: --tail-logs can track log rollovers and incoporates a sleep timer to minimize idle CPU cycles
CI / All (ubuntu-latest) (push) Failing after 25s
CI / All (macos-latest) (push) Has been cancelled
CI / All (windows-latest) (push) Has been cancelled
2026-06-25 14:01:38 -06:00
Dark-Alex-17 13bfaf9aca feat: Added support for log rolling so log files don't just blow up over time 2026-06-25 13:57:15 -06:00
8 changed files with 176 additions and 111 deletions
+1 -1
View File
@@ -49,7 +49,7 @@ textwrap = "0.16.0"
ansi_colours = "1.2.2"
eventsource-stream = "0.2.3"
log = "0.4.28"
log4rs = { version = "1.4.0", features = ["file_appender"] }
log4rs = { version = "1.4.0", features = ["file_appender", "rolling_file_appender", "compound_policy", "fixed_window_roller", "size_trigger"] }
shell-words = "1.1.0"
sha2 = "0.10.8"
unicode-width = "0.2.0"
+2 -2
View File
@@ -98,7 +98,7 @@ You can use the following command to run a bash script that downloads and instal
OS (Linux/MacOS) and architecture (x86_64/arm64):
```shell
curl -fsSL https://raw.githubusercontent.com/Dark-Alex-17/coyote/main/install_coyote.sh | bash
curl -fsSL https://raw.githubusercontent.com/Dark-Alex-17/coyote/refs/heads/main/scripts/install_coyote.sh | bash
```
#### Windows/Linux/MacOS (`PowerShell`)
@@ -106,7 +106,7 @@ You can use the following command to run a PowerShell script that downloads and
for your OS (Windows/Linux/MacOS) and architecture (x86_64/arm64):
```powershell
powershell -NoProfile -ExecutionPolicy Bypass -Command "iwr -useb https://raw.githubusercontent.com/Dark-Alex-17/coyote/main/scripts/install_coyote.ps1 | iex"
powershell -NoProfile -ExecutionPolicy Bypass -Command "iwr -useb https://raw.githubusercontent.com/Dark-Alex-17/coyote/refs/heads/main/scripts/install_coyote.ps1 | iex"
```
### Manual
+61 -56
View File
@@ -5,20 +5,19 @@
# sbx cp $HOME/.config/coyote/ testing:/home/agent/.config/
# sbx cp $HOME/.coyote_password testing:/home/agent/
# sbx run testing --kit ./sbx-kit/
schemaVersion: "1"
kind: agent
schemaVersion: '1'
kind: sandbox
name: coyote
displayName: Coyote
description: >
An all-in-one, batteries-included LLM CLI tool featuring Shell Assistant,
CLI & REPL mode, RAG, AI tools & agents, MCP servers, skills, and macros.
agent:
image: "docker/sandbox-templates:shell-docker"
sandbox:
image: 'docker/sandbox-templates:shell-docker'
aiFilename: COYOTE.md
# persistence: persistent
entrypoint:
run: ["bash", "-lc", "exec /home/agent/.cargo/bin/coyote"]
run: ['bash', '-lc', 'exec /home/agent/.cargo/bin/coyote']
network:
# Proxy-managed LLM providers: the proxy substitutes `proxy-managed` for
@@ -51,96 +50,96 @@ network:
serviceAuth:
openai:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
anthropic:
headerName: x-api-key
valueFormat: "%s"
valueFormat: '%s'
gemini:
headerName: x-goog-api-key
valueFormat: "%s"
valueFormat: '%s'
cohere:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
groq:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
openrouter:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
ai21:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
cloudflare:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
deepinfra:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
deepseek:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
mistral:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
perplexity:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
voyageai:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
xai:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
jina:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
ernie:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
hunyuan:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
minimax:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
moonshot:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
qianwen:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
zhipuai:
headerName: Authorization
valueFormat: "Bearer %s"
valueFormat: 'Bearer %s'
allowedDomains:
# Coyote release + self-update + model-registry sync
- "github.com:443"
- "api.github.com:443"
- "raw.githubusercontent.com:443"
- "objects.githubusercontent.com:443"
- "*.githubusercontent.com:443"
- 'github.com:443'
- 'api.github.com:443'
- 'raw.githubusercontent.com:443'
- 'objects.githubusercontent.com:443'
- '*.githubusercontent.com:443'
# Coyote install paths (cargo install + uv + rustup + Python tool deps at runtime)
- "crates.io:443"
- "static.crates.io:443"
- "pypi.org:443"
- "files.pythonhosted.org:443"
- "astral.sh:443"
- "sh.rustup.rs:443"
- "static.rust-lang.org:443"
- 'crates.io:443'
- 'static.crates.io:443'
- 'pypi.org:443'
- 'files.pythonhosted.org:443'
- 'astral.sh:443'
- 'sh.rustup.rs:443'
- 'static.rust-lang.org:443'
# LLM model OAuth + API endpoints
- "claude.ai:443"
- "console.anthropic.com:443"
- "accounts.google.com:443"
- 'claude.ai:443'
- 'console.anthropic.com:443'
- 'accounts.google.com:443'
# *.googleapis.com covers oauth2 + userinfo + VertexAI regional endpoints
# (*-aiplatform.googleapis.com). Do not narrow without re-checking VertexAI.
- "*.googleapis.com:443"
- '*.googleapis.com:443'
# Bedrock and GitHub Models use signed / GitHub-PAT auth that the proxy
# cannot rewrite. Domains are allow-listed; credentials must be injected
# separately (see README "Extending").
- "*.amazonaws.com:443"
- "models.inference.ai.azure.com:443"
- '*.amazonaws.com:443'
- 'models.inference.ai.azure.com:443'
credentials:
sources:
@@ -211,8 +210,9 @@ credentials:
environment:
variables:
IS_SANDBOX: "1"
IS_SANDBOX: '1'
COYOTE_LOG_LEVEL: INFO
COYOTE_CONFIG_DIR: /home/agent/.config/coyote
proxyManaged:
- OPENAI_API_KEY
- ANTHROPIC_API_KEY
@@ -250,14 +250,14 @@ commands:
libssl-dev \
pandoc \
bzip2
user: "1000"
user: '1000'
description: Install system prerequisites (including pandoc for fetch_url_via_curl)
- command: "curl -LsSf https://astral.sh/uv/install.sh | sh"
user: "1000"
- command: 'curl -LsSf https://astral.sh/uv/install.sh | sh'
user: '1000'
description: Install uv (required for Python-based custom tools)
- command: |
set -euo pipefail
USQL_VERSION=$(curl -sSL https://api.github.com/repos/xo/usql/releases/latest | jq -r .tag_name | sed 's/^v//')
USQL_VERSION=0.21.4
ARCH=$(uname -m)
case "$ARCH" in
x86_64) USQL_ARCH=amd64 ;;
@@ -266,10 +266,10 @@ commands:
esac
TMPDIR=$(mktemp -d)
trap 'rm -rf "$TMPDIR"' EXIT
curl -sSL "https://github.com/xo/usql/releases/download/v${USQL_VERSION}/usql_static-${USQL_VERSION}-linux-${USQL_ARCH}.tar.bz2" -o "$TMPDIR/usql.tar.bz2"
curl -fsSL --retry 3 "https://github.com/xo/usql/releases/download/v${USQL_VERSION}/usql_static-${USQL_VERSION}-linux-${USQL_ARCH}.tar.bz2" -o "$TMPDIR/usql.tar.bz2"
tar -xjf "$TMPDIR/usql.tar.bz2" -C "$TMPDIR"
sudo install -m 0755 "$TMPDIR/usql_static" /usr/local/bin/usql
user: "1000"
user: '1000'
description: Install the usql universal SQL CLI (used by the built-in sql agent and execute_sql_code tool)
- command: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | \
@@ -279,16 +279,21 @@ commands:
--target x86_64-unknown-linux-musl
. "$HOME/.cargo/env"
cargo install --locked coyote-ai
user: "1000"
user: '1000'
description: Install Coyote AI CLI via Rust's Cargo
startup:
- command: ["sh", "-c", "test -f \"$HOME/.config/coyote/config.yaml\" || coyote --info >/dev/null 2>&1 || true"]
user: "1000"
- command:
[
'sh',
'-c',
'test -f "$HOME/.config/coyote/config.yaml" || coyote --info >/dev/null 2>&1 || true',
]
user: '1000'
background: false
description: Bootstrap Coyote config directory on first sandbox start
memory: |
agentContext: |
## Sandbox environment
You are running inside a Docker sandbox launched via `sbx run coyote`. The
+3 -3
View File
@@ -39,7 +39,7 @@ switch ([System.Runtime.InteropServices.RuntimeInformation]::OSArchitecture) {
if (-not $BinDir) {
if ($isWin) { $BinDir = Join-Path $env:LOCALAPPDATA 'coyote\bin' }
else { $home = $env:HOME; if (-not $home) { $home = (Get-Item -Path ~).FullName }; $BinDir = Join-Path $home '.local/bin' }
else { $userHome = $env:HOME; if (-not $userHome) { $userHome = (Get-Item -Path ~).FullName }; $BinDir = Join-Path $userHome '.local/bin' }
}
New-Item -ItemType Directory -Force -Path $BinDir | Out-Null
@@ -95,13 +95,13 @@ if ($asset.name -match '\.zip$') {
[System.IO.Compression.ZipFile]::ExtractToDirectory($archive, $extractDir)
} elseif ($asset.name -match '\.tar\.gz$' -or $asset.name -match '\.tgz$') {
$tar = Get-Command tar -ErrorAction SilentlyContinue
if ($tar) { & $tar.FullName -xzf $archive -C $extractDir }
if ($tar) { & $tar.Source -xzf $archive -C $extractDir }
else { Fail "Asset is tar archive but 'tar' is not available." }
} else {
try { Add-Type -AssemblyName System.IO.Compression.FileSystem; [System.IO.Compression.ZipFile]::ExtractToDirectory($archive, $extractDir) }
catch {
$tar = Get-Command tar -ErrorAction SilentlyContinue
if ($tar) { & $tar.FullName -xf $archive -C $extractDir } else { Fail "Unknown archive format; neither zip nor tar workable." }
if ($tar) { & $tar.Source -xf $archive -C $extractDir } else { Fail "Unknown archive format; neither zip nor tar workable." }
}
}
Regular → Executable
+13 -22
View File
@@ -133,30 +133,21 @@ else
echo "Error: unsupported OS for this installer: $OS" >&2; exit 1
fi
DL_URLS=$(grep -oE '"browser_download_url":[[:space:]]*"[^"]+"' "$JSON" \
| sed -E 's/.*"browser_download_url":[[:space:]]*"//; s/"$//' \
|| true)
ASSET_NAME=""; ASSET_URL=""
for candidate in "${ASSET_CANDIDATES[@]}"; do
NAME=$(grep -oE '"name":\s*"[^"]+"' "$JSON" | sed 's/"name":\s*"//; s/"$//' | grep -Fx "$candidate" || true)
if [[ -n "$NAME" ]]; then
ASSET_NAME="$NAME"
ASSET_URL=$(awk -v pat="$NAME" '
BEGIN{ FS=":"; want=0 }
/"name"/ {
line=$0;
gsub(/^\s+|\s+$/,"",line);
gsub(/"name"\s*:\s*"|"/ ,"", line);
want = (line==pat) ? 1 : 0;
next
}
want==1 && /"browser_download_url"/ {
u=$0;
gsub(/^\s+|\s+$/,"",u);
gsub(/.*"browser_download_url"\s*:\s*"|".*/ ,"", u);
print u;
exit
}
' "$JSON")
if [[ -n "$ASSET_URL" ]]; then break; fi
fi
while IFS= read -r url; do
[[ -z "$url" ]] && continue
if [[ "$url" == */"$candidate" ]]; then
ASSET_NAME="$candidate"
ASSET_URL="$url"
break
fi
done <<< "$DL_URLS"
[[ -n "$ASSET_URL" ]] && break
done
if [[ -z "$ASSET_URL" ]]; then
+19 -3
View File
@@ -39,7 +39,10 @@ use client::ClientConfig;
use inquire::{Select, Text, set_global_render_config};
use log::{LevelFilter, warn};
use log4rs::append::console::ConsoleAppender;
use log4rs::append::file::FileAppender;
use log4rs::append::rolling_file::RollingFileAppender;
use log4rs::append::rolling_file::policy::compound::CompoundPolicy;
use log4rs::append::rolling_file::policy::compound::roll::fixed_window::FixedWindowRoller;
use log4rs::append::rolling_file::policy::compound::trigger::size::SizeTrigger;
use log4rs::config::{Appender, Logger, Root};
use log4rs::encode::pattern::PatternEncoder;
use oauth::OAuthProvider;
@@ -585,7 +588,20 @@ fn setup_logger() -> Result<Option<PathBuf>> {
}
Some(path) => {
ensure_parent_exists(&path)?;
let file_appender = FileAppender::builder().encoder(encoder.clone()).build(path);
let archive_pattern = path
.with_extension("archived.{}.log")
.to_string_lossy()
.into_owned();
let trigger = SizeTrigger::new(10 * 1024 * 1024);
let roller = FixedWindowRoller::builder()
.build(&archive_pattern, 5)
.unwrap();
let policy = CompoundPolicy::new(Box::new(trigger), Box::new(roller));
let file_appender = RollingFileAppender::builder()
.encoder(encoder.clone())
.build(path, Box::new(policy));
match file_appender {
Ok(appender) => {
@@ -608,7 +624,7 @@ fn setup_logger() -> Result<Option<PathBuf>> {
fn init_file_logger(
log_level: LevelFilter,
log_filter: Option<String>,
file_appender: FileAppender,
file_appender: RollingFileAppender,
) -> log4rs::Config {
let root_log_level = if log_filter.is_some() {
LevelFilter::Off
+44 -16
View File
@@ -69,7 +69,7 @@ pub fn launch(name: Option<String>, fresh: bool, no_mixins: bool) -> Result<()>
}
}
exec_run(&name, &kit_path)
exec_run(&name)
}
fn ensure_sbx_installed() -> Result<()> {
@@ -316,6 +316,7 @@ fn sandbox_exists(name: &str) -> Result<bool> {
fn create_sandbox(name: &str, kit_path: &Path, mixins: &[DiscoveredMixin]) -> Result<()> {
info!("Creating sandbox '{name}'");
let args = build_create_args(name, kit_path, mixins)?;
debug!("sbx {}", args.join(" "));
let status = Command::new(SBX_BINARY)
.args(&args)
.stdin(Stdio::inherit())
@@ -342,6 +343,8 @@ fn build_create_args(
let mut args = vec![
"create".to_string(),
"--name".to_string(),
name.to_string(),
"--kit".to_string(),
kit_str.to_string(),
];
@@ -357,8 +360,6 @@ fn build_create_args(
}
args.push(SANDBOX_AGENT.to_string());
args.push("--name".to_string());
args.push(name.to_string());
args.push(".".to_string());
Ok(args)
@@ -369,10 +370,17 @@ fn copy_host_files(name: &str) -> Result<()> {
let home_dir = dirs::home_dir().context("Could not determine home directory")?;
if config_dir.exists() {
ensure_sandbox_dir(name, "/home/agent/.config")?;
let src = format!("{}/", config_dir.display());
let dest = format!("{name}:/home/agent/.config/");
sbx_cp(&src, &dest)?;
let sandbox_config_dir = "/home/agent/.config/coyote";
ensure_sandbox_dir(name, sandbox_config_dir)?;
let dest = format!("{name}:{sandbox_config_dir}/");
for entry in fs::read_dir(&config_dir)
.with_context(|| format!("Failed to read {}", config_dir.display()))?
{
let entry = entry?;
let path = entry.path();
sbx_cp(&path.display().to_string(), &dest)?;
}
chown_agent_recursive(name, sandbox_config_dir)?;
} else {
debug!(
"Skipping config copy: {} does not exist",
@@ -390,6 +398,7 @@ fn copy_host_files(name: &str) -> Result<()> {
}
let dest = format!("{name}:{dest_path}");
sbx_cp(&password_file.display().to_string(), &dest)?;
chown_agent_recursive(name, &dest_path)?;
}
Some(password_file) => {
debug!(
@@ -501,12 +510,10 @@ fn sbx_cp(src: &str, dest: &str) -> Result<()> {
Ok(())
}
fn exec_run(name: &str, kit_path: &Path) -> Result<()> {
let kit_str = kit_path
.to_str()
.ok_or_else(|| anyhow!("Kit path is not valid UTF-8: {}", kit_path.display()))?;
fn exec_run(name: &str) -> Result<()> {
debug!("sbx run --name {name}");
let status = Command::new(SBX_BINARY)
.args(["run", name, "--kit", kit_str])
.args(["run", "--name", name])
.stdin(Stdio::inherit())
.stdout(Stdio::inherit())
.stderr(Stdio::inherit())
@@ -520,6 +527,27 @@ fn exec_run(name: &str, kit_path: &Path) -> Result<()> {
Ok(())
}
fn chown_agent_recursive(sandbox: &str, path: &str) -> Result<()> {
let path_q = shell_words::quote(path);
let cmd = format!("sudo chown -R agent:agent {path_q}");
debug!("sbx exec {sandbox}: {cmd}");
let status = Command::new(SBX_BINARY)
.args(["exec", sandbox, "sh", "-c", &cmd])
.stdin(Stdio::inherit())
.stdout(Stdio::inherit())
.stderr(Stdio::inherit())
.status()
.context("Failed to spawn `sbx exec` to chown copied files")?;
if !status.success() {
bail!("Chowning '{path}' in sandbox failed: sbx exec exited with {status}");
}
Ok(())
}
#[cfg(test)]
mod tests {
use super::*;
@@ -621,6 +649,8 @@ mod tests {
args,
vec![
"create".to_string(),
"--name".to_string(),
"my-box".to_string(),
"--kit".to_string(),
"/cache/sbx-kit".to_string(),
"--kit".to_string(),
@@ -628,8 +658,6 @@ mod tests {
"--kit".to_string(),
dir_b.display().to_string(),
"coyote".to_string(),
"--name".to_string(),
"my-box".to_string(),
".".to_string(),
]
);
@@ -646,11 +674,11 @@ mod tests {
args,
vec![
"create".to_string(),
"--name".to_string(),
"box".to_string(),
"--kit".to_string(),
"/cache/sbx-kit".to_string(),
"coyote".to_string(),
"--name".to_string(),
"box".to_string(),
".".to_string(),
]
);
+33 -8
View File
@@ -1,9 +1,11 @@
use crate::config::paths;
use colored::Colorize;
use fancy_regex::Regex;
use std::fs::File;
use std::fs::{self, File};
use std::io::{BufRead, BufReader, Seek, SeekFrom};
use std::process;
use std::time::Duration;
use tokio::time::sleep;
pub async fn tail_logs(no_color: bool) {
let re = Regex::new(r"^(?P<timestamp>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3})\s+<(?P<opid>[^\s>]+)>\s+\[(?P<level>[A-Z]+)\]\s+(?P<logger>[^:]+):(?P<line>\d+)\s+-\s+(?P<message>.*)$").unwrap();
@@ -16,20 +18,43 @@ pub async fn tail_logs(no_color: bool) {
process::exit(1);
};
let mut lines = reader.lines();
let mut line_buf = String::new();
loop {
if let Some(Ok(line)) = lines.next() {
if no_color {
println!("{line}");
} else {
let colored_line = colorize_log_line(&line, &re);
println!("{colored_line}");
match reader.read_line(&mut line_buf) {
Ok(0) => {
if file_was_rotated(&file_path, &mut reader) {
let file = File::open(&file_path).expect("Cannot open file");
reader = BufReader::new(file);
}
sleep(Duration::from_millis(100)).await;
}
Ok(_) => {
let line = line_buf.trim_end();
if no_color {
println!("{line}");
} else {
let colored_line = colorize_log_line(line, &re);
println!("{colored_line}");
}
line_buf.clear();
}
Err(_) => {
line_buf.clear();
sleep(Duration::from_millis(100)).await;
}
}
}
}
fn file_was_rotated(path: &std::path::Path, reader: &mut BufReader<File>) -> bool {
let current_pos = reader.stream_position().unwrap_or(0);
match fs::metadata(path) {
Ok(metadata) => metadata.len() < current_pos,
Err(_) => true,
}
}
fn colorize_log_line(line: &str, re: &Regex) -> String {
if let Some(caps) = re.captures(line).expect("Failed to capture log line") {
let level = &caps["level"];