fix(cli): randomize sandbox container names#26014
fix(cli): randomize sandbox container names#26014scidomino merged 3 commits intogoogle-gemini:mainfrom
Conversation
The sequential <image>-N allocator listed existing containers and picked the first unused index, which races when two CLIs start concurrently. Replace it with a 12-hex random suffix using randomBytes(6), shared by the regular and integration-test branches. Drop the ps -a probe, and keep --name, --hostname, and SANDBOX aligned. Fixes google-gemini#12083
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses a race condition in the CLI sandbox container allocation. By switching from a sequential index-based naming system to a randomized suffix approach, the CLI can now safely handle concurrent starts without attempting to reuse or conflict with existing container names. This change simplifies the container initialization process by removing the need to query the Docker daemon for existing containers before launching a new one. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
gemini-cli
Bot
added
priority/p3
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request refactors the sandbox container naming logic to use a random 6-byte hex suffix instead of probing for sequential indices, preventing race conditions during concurrent CLI starts. The tests in packages/cli/src/utils/sandbox.test.ts were updated to mock node:crypto and verify the new naming behavior for both standard and integration test environments. I have no feedback to provide.
|
Hi, I would like to work on this issue. I have been contributing to Gemini CLI and would love to take this up. Can I proceed? |
|
Hi, I would like to work on this issue. Can I proceed? |
|
Hey @jacob314 @cocosheng-g whenever you have time, since you were involved in the related issue, would appreciate any feedback on this PR. Happy to iterate on it! |
|
FYI, don't touch the PR or else we have to run the tests all over again. |
|
Yeah, I realized after updating, really appreciate you taking care of it, thanks! |
|
Hey @scidomino , the failing Windows checks don't look related to my changes, could you rerun them, or let me know if you'd like me to make any changes? |
|
Thanks for the review and merge |
3 participants
The sequential![]()
-N allocator listed existing containers and picked the first unused index, which races when two CLIs start concurrently.
Replace it with a 12-hex random suffix using randomBytes(6), shared by the regular and integration-test branches. Drop the ps -a probe, and keep --name, --hostname, and SANDBOX aligned.
Fixes #12083