fix: add claude wrapper to skip sandbox startup modals#53
Merged
Conversation
Claude Code shows ~7 interactive first-run prompts (theme, permissions, trust) when launching inside a fresh container. Add a wrapper script at /usr/local/bin/claude that passes --bare --dangerously-skip-permissions so the sandbox starts clean with no modals. Agent configs simplified to just `entrypoint: claude` since the wrapper handles the sandbox-specific flags.
The sandbox container starts Claude Code fresh each time, triggering the full onboarding flow (theme picker, workspace trust, permission mode, etc). Pre-seed ~/.claude.json with hasCompletedOnboarding=true and autoUpdates=false so it starts clean. Also add enableAllProjectMcpServers and disable spinner tips, feedback surveys, and company announcements in settings.json.
make cli and make cli-runner now pass -ldflags with git describe so the binary reports the actual version (e.g. v0.1.2-2-g0b72832) instead of "dev". This also fixes defaultRunnerImage() which uses Version to resolve the correct runner image tag.
- Drop quay.io dev registry, use ghcr.io for everything - Push images on PRs (tagged :sandbox-pr-N, :runner-pr-N) - Remove path filter so every PR builds images - Add ldflags to CI runner binary build for version stamp - Fix double-v prefix in defaultRunnerImage (v0.1.2 not vv0.1.2)
Remove hardcoded image tag from agent configs. The CLI now resolves the sandbox image from the binary version (e.g. :sandbox-v0.1.2 for a tagged release, :sandbox for dev). SANDBOX_IMAGE env still overrides. This means a dev build from a PR branch will pull the matching PR-tagged image automatically.
versionedImage() now only pins to :sandbox-v0.1.2 for clean semver tags. Dev builds (v0.1.2-5-g1113d8d) fall back to :sandbox/:runner floating tags since no matching versioned image exists. Also fix create command printing blank image when agent config omits the image field -- resolve before printing.
create only runs preflight checks for providers that are NOT already registered on the gateway. Previously it checked all providers locally, failing when credentials weren't in the shell env even though the gateway already had them. Also fix test-flow.sh: create test now uses ci profile (no providers) instead of default profile, since create doesn't auto-register.
The base image installs claude at /usr/local/bin/claude. Move it to /usr/local/lib/claude-real before installing the wrapper, so the wrapper can exec the real binary without /root permission issues. Also chmod 755 the wrapper so the sandbox user (uid 1000) can read and execute it.
companyAnnouncements expects an array, not a boolean. The validation error caused Claude Code to skip the ENTIRE settings file, so bypassPermissions was never applied and all startup modals appeared.
Three remaining banners fixed: - Workspace trust: pre-seed hasTrustDialogAccepted in claude.json - API key prompt: move key from agent env to apiKeyHelper in settings so Claude Code does not detect it as a custom env var - Bypass permissions warning: add skipDangerousModePermissionPrompt
- test-flow.sh: remove --full flag (sandbox tests always run), auto-detect CI mode from CI env var (set by GitHub Actions) - kind-lifecycle.sh: same CI auto-detection, remove --full from default args - Makefile: replace 8 test targets with 4 (test, test-local, test-kind, test-remote, test-all) - integration.yml: update to new target names
- Remove :sandbox and :runner floating tags from CI - Dev builds resolve to last release tag (v0.1.2-5-g... → :sandbox-v0.1.2) - Remove hardcoded runner image from gateway.toml and config defaults - Add sha-based tags for main branch pushes - Document image tag scheme in SPEC.md
v0.1.2-5-gabc1234 now resolves to :sandbox-v0.1.2-5-gabc1234, matching make dev-sandbox. No more falling back to the release tag.
Local dev targets (dev-sandbox, dev-runner) now build locally without push. New dev-push target for pushing to registry. Release targets (sandbox, runner) still use buildx for multi-arch.
apiKeyHelper doesn't work with --bare mode. The API key prompt was originally caused by the invalid settings.json (companyAnnouncements error skipped the entire file). Now that settings.json is valid, --dangerously-skip-permissions suppresses the key prompt.
Claude Code stores approved keys by their last 20 chars in customApiKeyResponses.approved. Pre-seed with the proxy placeholder key suffix.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.