hive-mind/Dockerfile.dind at main · link-assistant/hive-mind · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
# Hive Mind Docker-in-Docker image
# Inherits from konard/box-dind so agents can run Docker-based tests inside the
# Hive Mind container while the existing konard/hive-mind image remains unchanged.
#
# Runtime:
#   docker run --rm --privileged konard/hive-mind-dind:latest docker ps
#   docker run --rm --runtime=sysbox-runc konard/hive-mind-dind:latest docker ps
#
# Box image version: pinned to a specific release for stable, reproducible builds.
# To upgrade: update the dind version tag below.
# Box 2.3.1 includes the host-image passthrough allowlist used by the issue #1879 runbook.
# Latest Box releases: https://github.com/link-foundation/box/releases

FROM konard/box-dind:2.3.1
ARG HIVE_MIND_VERSION=latest

# --- Environment variables ---
ENV HOME=/home/box
ENV HIVE_MIND_IMAGE_VARIANT=dind
# Prefer compatibility for nested Docker. overlay2 can fail on common
# overlay-backed hosts; users can override this to overlay2 or fuse-overlayfs.
ENV DIND_STORAGE_DRIVER="vfs"
ENV NVM_DIR="/home/box/.nvm"
ENV PYENV_ROOT="/home/box/.pyenv"
ENV BUN_INSTALL="/home/box/.bun"
ENV DENO_INSTALL="/home/box/.deno"
ENV CARGO_HOME="/home/box/.cargo"
ENV GOROOT="/home/box/.go"
ENV GOPATH="/home/box/.go/path"
ENV SDKMAN_DIR="/home/box/.sdkman"
ENV PERLBREW_ROOT="/home/box/.perl5"
ENV RBENV_ROOT="/home/box/.rbenv"

# Quiet, deterministic Claude Code defaults for autonomous solve runs (issue #1642)
ENV CLAUDE_CODE_DISABLE_AUTO_MEMORY=1 \
    CLAUDE_CODE_DISABLE_CRON=1 \
    CLAUDE_CODE_DISABLE_TERMINAL_TITLE=1 \
    CLAUDE_CODE_DISABLE_CLAUDE_MDS=1 \
    CLAUDE_CODE_DISABLE_FAST_MODE=1 \
    CLAUDE_CODE_DISABLE_FEEDBACK_SURVEY=1 \
    CLAUDE_CODE_DISABLE_MOUSE=1 \
    CLAUDE_CODE_ENABLE_AWAY_SUMMARY=0 \
    CLAUDE_CODE_ENABLE_TASKS=1 \
    CLAUDE_CODE_MAX_TOOL_USE_CONCURRENCY=4 \
    CLAUDE_CODE_RESUME_INTERRUPTED_TURN=1 \
    DISABLE_FEEDBACK_COMMAND=1

ENV OPAM_SWITCH_PREFIX="/home/box/.opam/default"
ENV CAML_LD_LIBRARY_PATH="/home/box/.opam/default/lib/stublibs:/home/box/.opam/default/lib/ocaml/stublibs:/home/box/.opam/default/lib/ocaml"
ENV OCAML_TOPLEVEL_PATH="/home/box/.opam/default/lib/toplevel"

ENV PATH="/home/linuxbrew/.linuxbrew/opt/php@8.3/bin:/home/linuxbrew/.linuxbrew/opt/php@8.3/sbin:/home/linuxbrew/.linuxbrew/bin:/home/box/.pyenv/bin:/home/box/.pyenv/shims:/home/box/.rbenv/bin:/home/box/.rbenv/shims:/home/box/.swift/usr/bin:/home/box/.elan/bin:/home/box/.opam/default/bin:/home/box/.local/bin:/home/box/.cargo/bin:/home/box/.deno/bin:/home/box/.bun/bin:/home/box/.go/bin:/home/box/.go/path/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

USER box
WORKDIR /home/box

RUN NODE_VERSION_DIR=$(ls -d /home/box/.nvm/versions/node/v* 2>/dev/null | head -1) && \
    if [ -n "$NODE_VERSION_DIR" ] && [ -d "$NODE_VERSION_DIR/bin" ]; then \
      ln -sf "$NODE_VERSION_DIR/bin" /home/box/.node-bin; \
    fi

ENV PATH="/home/box/.node-bin:${PATH}"

# The Box full image includes the Rocq/Coq opam switch data. Keep an explicit
# opam binary in ~/.local/bin so verification and interactive use are stable.
RUN mkdir -p /home/box/.local/bin && \
    ARCH="$(uname -m)" && \
    case "$ARCH" in \
      x86_64)  OPAM_ARCH="x86_64" ;; \
      aarch64) OPAM_ARCH="arm64" ;; \
      *)       OPAM_ARCH="$ARCH" ;; \
    esac && \
    OPAM_TAG=$(curl -fsSIL -o /dev/null -w '%{url_effective}' https://github.com/ocaml/opam/releases/latest | sed 's|.*/||') && \
    curl -fsSL "https://github.com/ocaml/opam/releases/download/${OPAM_TAG}/opam-${OPAM_TAG}-${OPAM_ARCH}-linux" -o /home/box/.local/bin/opam && \
    chmod +x /home/box/.local/bin/opam

RUN curl -fsSL https://claude.ai/install.sh -o /tmp/claude-code-install.sh && \
    bash /tmp/claude-code-install.sh && \
    rm /tmp/claude-code-install.sh && \
    claude --version

RUN bun install -g @openai/codex && \
    bun install -g @qwen-code/qwen-code && \
    bun install -g @google/gemini-cli && \
    bun install -g @github/copilot && \
    bun install -g opencode-ai

RUN echo "Installing @link-assistant/hive-mind@${HIVE_MIND_VERSION}" && \
    bun install -g "@link-assistant/hive-mind@${HIVE_MIND_VERSION}" && \
    if [ "${HIVE_MIND_VERSION}" != "latest" ]; then \
      test "$(hive --version)" = "${HIVE_MIND_VERSION}"; \
    fi && \
    bun install -g @link-assistant/claude-profiles && \
    bun install -g @link-assistant/agent && \
    bun install -g start-command && \
    bun install -g gh-setup-git-identity && \
    bun install -g gh-pull-all && \
    bun install -g gh-load-issue && \
    bun install -g gh-load-pull-request && \
    bun install -g gh-upload-log@latest

RUN npm install -g @playwright/mcp@latest --no-fund --force

RUN playwright --version && \
    npx --no-install @playwright/mcp --help | grep -q -- '--headless'

RUN if command -v claude &>/dev/null; then \
      claude mcp add playwright -s user -- npx -y @playwright/mcp@latest --isolated --headless --no-sandbox --timeout-action=600000 --viewport-size 1920x1080; \
    fi

RUN if command -v codex &>/dev/null; then \
      codex mcp add playwright -- npx -y @playwright/mcp@latest --isolated --headless --no-sandbox --timeout-action=600000 --viewport-size 1920x1080; \
    fi

RUN if command -v claude >/dev/null 2>&1; then \
      CLAUDE_MCP_OUTPUT="$(claude mcp list 2>&1)" && \
      echo "$CLAUDE_MCP_OUTPUT" && \
      echo "$CLAUDE_MCP_OUTPUT" | grep -Eiq 'playwright.*(connected|enabled)' && \
      ! echo "$CLAUDE_MCP_OUTPUT" | grep -Eiq 'playwright.*(pending|disabled|failed|error|disconnected|not[-_[:space:]]+connected|unavailable|timed[-_[:space:]]+out|(^|[^[:alnum:]_-])timeout($|[^[:alnum:]_-]))'; \
    fi && \
    if command -v codex >/dev/null 2>&1; then \
      CODEX_MCP_OUTPUT="$(codex mcp list 2>&1)" && \
      echo "$CODEX_MCP_OUTPUT" && \
      echo "$CODEX_MCP_OUTPUT" | grep -Eiq 'playwright.*(connected|enabled)' && \
      ! echo "$CODEX_MCP_OUTPUT" | grep -Eiq 'playwright.*(pending|disabled|failed|error|disconnected|not[-_[:space:]]+connected|unavailable|timed[-_[:space:]]+out|(^|[^[:alnum:]_-])timeout($|[^[:alnum:]_-]))'; \
    fi

RUN mkdir -p /home/box/.claude && \
    if [ "${HIVE_MIND_VERSION}" != "latest" ]; then \
      configure-claude --settings-path /home/box/.claude/settings.json && \
      configure-claude --settings-path /home/box/.claude/settings.json --verify; \
    elif command -v configure-claude >/dev/null 2>&1; then \
      configure-claude --settings-path /home/box/.claude/settings.json && \
      configure-claude --settings-path /home/box/.claude/settings.json --verify; \
    else \
      echo "configure-claude not present in @link-assistant/hive-mind@latest yet (likely a PR build before the bin is published); skipping baseline - solve re-applies it at runtime"; \
    fi