fix: align sandbox base tool staging

[ColeMurray]

Summary

• Factor repeated Modal image install snippets into provider-local helpers for OpenCode dependency staging and git credential helper setup.
• Normalize Daytona base snapshot tooling with pinned ttyd installation, /app/opencode-deps staging, and /root/.config/opencode seeding.
• Update Vercel bootstrap to use shell helper functions and seed global OpenCode deps, with focused coverage for the generated script.

Verification

• npm test -w @open-inspect/control-plane -- src/sandbox/providers/vercel/bootstrap.test.ts src/sandbox/providers/vercel/base-snapshot.test.ts
• npm run typecheck -w @open-inspect/control-plane
• python -m py_compile packages/modal-infra/src/images/base.py packages/daytona-infra/src/toolchain.py
• npx prettier --check packages/control-plane/src/sandbox/providers/vercel/bootstrap.ts packages/control-plane/src/sandbox/providers/vercel/bootstrap.test.ts

Notes

• pytest/python -m pytest and python -m ruff were unavailable in the shell environment before commit; the commit hook did run ruff check --fix and ruff format for the staged Modal Python file.
• Daytona normalization assumes its Debian-based image accepts the same direct upstream ttyd binary install used by Modal.

---

Created with Open-Inspect

Summary by CodeRabbit

• Tests

  • Added contract-style tests to ensure sandbox bootstrap and image build command generation includes the expected setup steps for OpenCode deps, git credential helper configuration, and ttyd installation.

• Refactor

  • Unified sandbox runtime toolchain setup so dependency staging, credential helper configuration, and ttyd installation are generated consistently across sandbox providers.
  • Restructured Vercel bootstrap script generation to use clearer, reusable command blocks.

• Chores

  • Pinned specific sandbox component versions (including ttyd) to ensure consistent runtime provisioning.

[coderabbitai]

📝 Walkthrough

Walkthrough

A canonical sandbox toolchain contract is introduced in packages/sandbox-runtime that pins OpenCode, code-server, agent-browser, and ttyd versions, and exports three helper functions returning shell command tuples. Modal and Daytona infra providers are refactored to import and wire these generators instead of duplicating inline commands. Vercel bootstrap is refactored to use named shell functions instead of inline commands. Tests validate the contract and Vercel bootstrap output.

Changes

Sandbox Toolchain Contract and Provider Integration

Layer / File(s)	Summary
Canonical sandbox toolchain contract with version constants and command generators packages/sandbox-runtime/src/sandbox_runtime/toolchain.py	Defines pinned versions for OpenCode (1.14.41), code-server (4.109.5), agent-browser (0.21.2), and ttyd (1.7.7) with SHA256 verification; exports opencode_deps_staging_commands(), ttyd_install_commands(), and git_credential_helper_commands() that return shell command tuples for reuse across providers.
Contract validation tests packages/sandbox-runtime/tests/test_toolchain_contract.py	Adds three test functions asserting that toolchain helpers return expected shell sequences: opencode deps staging with directory creation and npm install, git credential helper installation with system configuration, and ttyd binary download with checksum verification.
Modal infra: import and wire contract command generators packages/modal-infra/src/images/base.py	Imports OPENCODE_VERSION and three command generators from sandbox_runtime.toolchain; removes local version constants and inline command lists; wires generators into base image build via run_commands(*) expansion for opencode deps, ttyd install, and git credential helper setup.
Daytona infra: dynamic contract loader, version bump, and wiring packages/daytona-infra/src/toolchain.py	Adds load_toolchain_contract() that dynamically loads the contract at runtime via importlib.util; advances SANDBOX_VERSION to daytona-v3-opencode-deps-ttyd; refactors build_base_image() to invoke loaded contract helpers instead of hardcoded sequences; changes prepared directory from /app to /app/plugins.
Vercel bootstrap: extract shell functions and add tests packages/control-plane/src/sandbox/providers/vercel/bootstrap.ts, packages/control-plane/src/sandbox/providers/vercel/bootstrap.test.ts	Removes inline gitCredentialHelperCommand variable; adds install_git_credential_helper and stage_opencode_deps shell functions to the emitted bootstrap script; updates invocation order; adds Vitest suite asserting the generated script contains expected git credential and OpenCode setup commands.

Sequence Diagram(s)

sequenceDiagram
    participant Provider as Provider (Modal/Daytona)
    participant ToolchainContract as sandbox_runtime.toolchain
    participant CommandGen as Command Generators
    participant ImageBuild as Base Image Build
    Provider->>ToolchainContract: import/load contract
    ToolchainContract->>CommandGen: expose opencode_deps, ttyd, git_credential helpers
    ImageBuild->>CommandGen: invoke opencode_deps_staging_commands()
    CommandGen-->>ImageBuild: return tuple of shell commands
    ImageBuild->>CommandGen: invoke ttyd_install_commands()
    CommandGen-->>ImageBuild: return tuple with download/verify/install
    ImageBuild->>CommandGen: invoke git_credential_helper_commands()
    CommandGen-->>ImageBuild: return tuple with wrapper + git config
    ImageBuild->>ImageBuild: splice all tuples via run_commands(*)

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• ColeMurray/background-agents#790: Implements sandbox initialization logic that consumes the staged OpenCode dependencies centralized by this PR's opencode_deps_staging_commands() contract.

Suggested reviewers

• open-inspect

Poem

🐇 A toolchain contract, shiny and bright,
Shared versions pinned, dependencies tight!
Modal and Daytona now call the same song,
Vercel hops in with shell functions strong.
No more inline chaos, just helpers so keen,
The cleanest sandbox runtime ever seen! 🎉

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 63.64% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: align sandbox base tool staging' directly describes the main objective of consolidating and normalizing sandbox tool staging across infrastructure providers.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/sandbox-base-tool-staging

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[github-actions]

Terraform Validation Results

Step	Status
Format	✅
Init	✅
Validate	✅

Note: Terraform plan was skipped because secrets are not configured. This is expected for external contributors. See docs/GETTING_STARTED.md for setup instructions.

Pushed by: @ColeMurray, Action: pull_request

[open-inspect]

Summary

Reviewed PR #816, fix: align sandbox base tool staging, by @ColeMurray. The changes factor repeated sandbox image/bootstrap commands into local helpers, align Daytona staging with Modal/Vercel, and add focused Vercel bootstrap coverage.

Files changed: 4, +118/-45.

Critical Issues

None found.

Suggestions

None blocking.

Nitpicks

None.

Positive Feedback

• The helper extraction keeps the generated image/bootstrap command sequences easier to compare across providers without changing their behavior.
• Daytona now gets the same pinned ttyd install and OpenCode dependency staging path as the other sandbox bases.
• The new bootstrap test covers the key generated-script invariants for git credential helper installation and OpenCode dependency staging.

Verification

• npm test -w @open-inspect/control-plane -- src/sandbox/providers/vercel/bootstrap.test.ts src/sandbox/providers/vercel/base-snapshot.test.ts: 2 files passed, 4 tests passed.
• npm run typecheck -w @open-inspect/control-plane: passed.
• python -m py_compile packages/modal-infra/src/images/base.py packages/daytona-infra/src/toolchain.py: passed.

Verdict

Approve.

[open-inspect]

Deep maintainability review complete.

[open-inspect]

[deep review] This is the main structural regression in the PR: the change is trying to align Modal, Daytona, and Vercel base tooling, but it does that by creating provider-local copies of the same shell contract (/app/opencode-deps layout, global config seeding, credential-helper shim, ttyd pinning). That makes the code look cleaner inside each file while preserving the real drift problem across three providers. Can we make the sandbox toolchain contract canonical instead, then have each provider consume it? For example, move the shared install snippets/manifests behind a small sandbox-runtime/toolchain module or checked-in shell assets, and keep provider code responsible only for execution mechanics (sudo/image API differences). Otherwise the next OpenCode/ttyd/credential-helper bump still has to be discovered and kept in sync manually in multiple layers.

[open-inspect]

Addressed in 8ad3e5d.

Finding: applicable for the Python providers. I moved the sandbox toolchain contract into sandbox_runtime.toolchain so Modal imports the canonical versions/install command builders directly, and Daytona loads the same module from the repo checkout passed to its snapshot builder. I did not make Vercel consume that Python module or a checked-in shell asset because bootstrap.ts is imported from Worker-bundled control-plane code and the original constraint was to avoid Node-only fs/runtime dependencies in that path. Vercel remains local execution mechanics, with the contract now covered by assertions in the bootstrap test.

[open-inspect]

[deep review] This test locks in the helper names and exact string fragments rather than the sandbox bootstrap contract. That makes the new provider-local abstraction harder to change without giving much confidence that the generated script remains valid or aligned with Modal/Daytona. Can we test the contract instead: the generated script installs the credential helper with the expected Python entrypoint, writes the OpenCode package manifest with the pinned version, stages /app/opencode-deps, and seeds /root/.config/opencode? Even a small parser/snapshot of the generated commands would be a stronger boundary than asserting function names.

[open-inspect]

Addressed in 8ad3e5d.

Finding: applicable. I rewrote the Vercel bootstrap test to assert the generated sandbox contract instead of helper function names: credential-helper entrypoint and system git config, the pinned OpenCode package manifest, /app/opencode-deps staging, /root/.config/opencode seeding, and sandbox-runtime editable install presence. I also added packages/sandbox-runtime/tests/test_toolchain_contract.py for the new canonical Python contract used by Modal/Daytona.

[github-actions]

Terraform Validation Results

Step	Status
Format	✅
Init	✅
Validate	✅

Note: Terraform plan was skipped because secrets are not configured. This is expected for external contributors. See docs/GETTING_STARTED.md for setup instructions.

Pushed by: @open-inspect[bot], Action: pull_request

[coderabbitai]

🧹 Nitpick comments (2)

packages/daytona-infra/src/toolchain.py (1)

71-71: 📐 Maintainability & Code Quality | 🔵 Trivial

Pin zod version or add explanatory comments.

The unpinned zod install on line 71 is not unique to daytona-infra—it also appears identically in packages/modal-infra/src/images/base.py:112 and packages/control-plane/src/sandbox/providers/vercel/bootstrap.ts:58. Modal-infra documents why the global install is needed ("This ensures tools can import the plugin without needing to run bun add"), but daytona-infra does not. Either add a similar justification comment to daytona-infra, or consolidate the pinned version of zod across all providers to prevent uncontrolled drift during bootstrap.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/daytona-infra/src/toolchain.py` at line 71, The npm install command
installing zod without a pinned version can cause uncontrolled version drift
across providers. In the toolchain.py file where the npm install command is
defined, either add an explanatory comment (similar to the one documented in
modal-infra's base.py that explains why the global install is needed for tools
to import the plugin without running bun add) or update the zod package
specification to include a specific version number that matches the pinned
versions used consistently across other providers like modal-infra and
control-plane.

packages/control-plane/src/sandbox/providers/vercel/bootstrap.test.ts (1)

5-31: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Consider validating that helper functions are invoked.

The test verifies that install_git_credential_helper and stage_opencode_deps function bodies contain expected commands, but doesn't validate that these functions are actually called in the script. Per the context snippet, these are invoked near the end of the generated script, which is critical for the toolchain to be installed.

✅ Suggested addition to validate function invocations

     expect(script).toContain("sudo cp -a /app/opencode-deps/. /root/.config/opencode/");
 
+    // Verify the helper functions are actually called
+    expect(script).toContain("install_git_credential_helper");
+    expect(script).toContain("stage_opencode_deps");
+
     expect(script).toContain(
       "sudo /usr/bin/python3.12 -m pip install --break-system-packages -e packages/sandbox-runtime"
     );

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/control-plane/src/sandbox/providers/vercel/bootstrap.test.ts` around
lines 5 - 31, The test for buildVercelBootstrapScript validates that individual
commands exist in the generated script, but it doesn't verify that the helper
functions install_git_credential_helper and stage_opencode_deps are actually
invoked. Add additional expect statements to the test that check for the actual
function calls being present in the script, ensuring these critical helper
functions are being executed as part of the bootstrap process.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@packages/control-plane/src/sandbox/providers/vercel/bootstrap.test.ts`:
- Around line 5-31: The test for buildVercelBootstrapScript validates that
individual commands exist in the generated script, but it doesn't verify that
the helper functions install_git_credential_helper and stage_opencode_deps are
actually invoked. Add additional expect statements to the test that check for
the actual function calls being present in the script, ensuring these critical
helper functions are being executed as part of the bootstrap process.

In `@packages/daytona-infra/src/toolchain.py`:
- Line 71: The npm install command installing zod without a pinned version can
cause uncontrolled version drift across providers. In the toolchain.py file
where the npm install command is defined, either add an explanatory comment
(similar to the one documented in modal-infra's base.py that explains why the
global install is needed for tools to import the plugin without running bun add)
or update the zod package specification to include a specific version number
that matches the pinned versions used consistently across other providers like
modal-infra and control-plane.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 14eeba72-a1e5-415a-8af2-e777923216eb

📥 Commits

Reviewing files that changed from the base of the PR and between 931c759 and 8ad3e5d.

📒 Files selected for processing (5)

• packages/control-plane/src/sandbox/providers/vercel/bootstrap.test.ts
• packages/daytona-infra/src/toolchain.py
• packages/modal-infra/src/images/base.py
• packages/sandbox-runtime/src/sandbox_runtime/toolchain.py
• packages/sandbox-runtime/tests/test_toolchain_contract.py

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/modal-infra/src/images/base.py