Sandbox auto-provision: create/adopt Conway sandbox when sandboxId is empty#164
Sandbox auto-provision: create/adopt Conway sandbox when sandboxId is empty#164vladimirwashere wants to merge 3 commits intoConway-Research:mainfrom
Conversation
…s for Conway API When conwayApiKey is configured but sandboxId is empty, the automaton runs everything locally on the host, which fails on macOS (no python, wrong paths, files written to cwd). Add automatic sandbox provisioning at startup: the runtime creates or adopts a Conway sandbox, persists the ID to automaton.json, and syncs non-sensitive state files (constitution, SOUL.md, skills) before entering the agent loop. Also fixes path resolution for the Conway file API, which requires absolute paths but receives ~ and relative paths from the agent. - Add src/conway/paths.ts for sandbox path constants and resolution - Add src/conway/sandbox-provision.ts for ensureSandbox + state sync - Update client.ts writeFile/readFile to resolve paths for sandbox API - Update state-versioning.ts to target sandbox .automaton directory
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
There was a problem hiding this comment.
🔴 commitStateChange uses host HOME path but git repo is initialized at sandbox /root/.automaton
The PR changes initStateRepo to initialize the git repo at the sandbox-absolute path SANDBOX_AUTOMATON_DIR (/root/.automaton), but commitStateChange and all its callers (commitSoulUpdate, commitSkillChange, etc.) still use resolveHome(AUTOMATON_DIR) which constructs the path from the host's process.env.HOME.
Root Cause and Impact
In src/index.ts:283, the git repo is initialized with the sandbox path:
await initStateRepo(conway, SANDBOX_AUTOMATON_DIR); // /root/.automatonBut in src/git/state-versioning.ts:79, commitStateChange resolves the path using the host's HOME:
const dir = resolveHome(AUTOMATON_DIR); // e.g. /home/ubuntu/.automatonSince the PR enforces that the Conway client always uses a sandbox (never local mode), conway.exec() runs commands in the remote sandbox. The path string /home/ubuntu/.automaton (or whatever the host HOME is) is sent to the sandbox as a shell command, but the git repo exists at /root/.automaton in the sandbox. This causes all post-init git operations (commitStateChange, commitSoulUpdate, commitSkillChange, commitConfigChange, getStateHistory) to target a non-existent directory.
Similarly, conway.writeFile(${dir}/.gitignore, gitignore) at src/git/state-versioning.ts:58 inside initStateRepo now correctly writes to /root/.automaton/.gitignore, but subsequent writeFile calls from commit functions would use the wrong path.
Impact: All git commit operations after self-modifications will fail silently or error, breaking the state versioning audit trail.
(Refers to line 79)
Prompt for agents
In src/git/state-versioning.ts, the functions commitStateChange (line 74), and getStateHistory (line 140) use resolveHome(AUTOMATON_DIR) which resolves to the host's HOME-based path. But initStateRepo now accepts a repoPath and the caller in src/index.ts passes SANDBOX_AUTOMATON_DIR (/root/.automaton). The fix should make all git operations use the same sandbox path. Options: (1) Import SANDBOX_AUTOMATON_DIR from src/conway/paths.ts and use it as the default directory in commitStateChange and getStateHistory instead of resolveHome(AUTOMATON_DIR), or (2) Accept an optional dir parameter in commitStateChange and getStateHistory similar to what was done for initStateRepo, and thread it through from callers. Option 1 is simpler and consistent with the PR's intent of always targeting the sandbox.
Was this helpful? React with 👍 or 👎 to provide feedback.
|
@vladimirwashere Please check @devin-ai-integration's review, will merge once resolved |
2 participants
Paths: Add src/conway/paths.ts with SANDBOX_HOME, SANDBOX_AUTOMATON_DIR, and resolveSandboxPath() for sandbox path resolution.
Provisioning: Add src/conway/sandbox-provision.ts with ensureSandbox() and syncStateToSandbox() to create or adopt a Conway sandbox and sync constitution, SOUL.md, and skills.
Client: Update src/conway/client.ts so writeFile/readFile resolve paths via resolveSandboxPath() when using the sandbox API.
Main flow: Update src/index.ts to auto-provision a sandbox when sandboxId is empty and conwayApiKey is set, then sync state and init git in the sandbox.
Git: Update src/git/state-versioning.ts so initStateRepo accepts an optional repoPath for sandbox state.
Tests: Add conway-paths.test.ts, sandbox-provision.test.ts, and state-versioning.test.ts.
Docs: Update ARCHITECTURE.md and DOCUMENTATION.md with sandbox auto-provisioning behavior and usage.