Skip to content

fix(shell): restart browser sidecar reliably via healthcheck + DinD isolation #140

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
skulidropek wants to merge 9 commits into
base: main
Choose a base branch
from
+1,714 −127
Open

fix(shell): restart browser sidecar reliably via healthcheck + DinD isolation #140

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
924b7fa
fix(shell): restart browser sidecar reliably via healthcheck + DinD i…
skulidropek Mar 15, 2026
9dda672
feat(api): add auth/state/scrap/sessions/mcp-playwright endpoints
skulidropek Mar 16, 2026
c9531d0
feat(app): add api-client HTTP module
skulidropek Mar 16, 2026
d91380a
feat(app): rewrite CLI program to use unified REST API
skulidropek Mar 16, 2026
c0cef75
fix(api): change auth status routes from GET to POST
skulidropek Mar 16, 2026
a7d99b6
feat(ssh): enable password auth out of the box
skulidropek Mar 16, 2026
ccb578e
feat(ssh): embed password in sshCommand via sshpass
skulidropek Mar 16, 2026
48e563e
Merge remote-tracking branch 'origin/main' into issue-137
skulidropek Mar 16, 2026
35fd964
sync
skulidropek Mar 16, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,14 +15,17 @@ RUN useradd -m -s /bin/bash dev
# sshd runtime dir
RUN mkdir -p /run/sshd

# Harden sshd: disable password auth and root login
# sshd: password auth enabled so users can connect without key setup
RUN printf "%s\n" \
"PasswordAuthentication no" \
"PasswordAuthentication yes" \
"PermitRootLogin no" \
"PubkeyAuthentication yes" \
"AllowUsers dev" \
> /etc/ssh/sshd_config.d/dev.conf

# Default password = username (works out of the box; key auth still accepted if authorized_keys provided)
RUN echo "dev:dev" | chpasswd
Comment on lines +18 to +27
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

Security risk: SSH exposed with hardcoded weak credentials.

Lines 20 and 27 enable SSH password authentication with a hardcoded password (dev:dev). Combined with line 35 exposing port 22, this creates a container that can be accessed by anyone who knows or guesses the credentials.

Security implications:

  • Static analysis (Checkov CKV2_DOCKER_17) correctly flagged line 27 as a security concern.
  • If this container's SSH port is accessible on a network, it's vulnerable to brute-force or credential-stuffing attacks.
  • The password is visible in the Dockerfile, so anyone with repo access knows the credentials.

Recommendation:

  1. If this is dev-only and never exposed: Add a prominent comment explaining the security model and warning against network exposure.
  2. If this can be exposed: Switch to key-only auth by default, or generate a random password at runtime and require users to retrieve it via docker logs.
  3. Add SSH hardening: Consider fail2ban, rate limiting, or at minimum a strong password policy.
  4. Document the tradeoff: PR description mentions "reliably" bringing up the stack but doesn't discuss the security implications of password auth.
🧰 Tools
🪛 Checkov (3.2.528)

[medium] 27-27: Ensure that 'chpasswd' is not used to set or remove passwords

(CKV2_DOCKER_17)

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Dockerfile` around lines 18 - 27, Remove the hardcoded password and
password-based SSH auth in the Dockerfile: stop echoing "dev:dev" into chpasswd
and avoid enabling PasswordAuthentication in /etc/ssh/sshd_config.d/dev.conf;
instead configure PubkeyAuthentication-only by default (keep PermitRootLogin no
and AllowUsers dev), or implement a runtime-generated random password printed
via docker logs if you truly need password access for dev; also add a clear
comment near the sshd_config creation (sshd_config.d/dev.conf) stating
"dev-only, do not expose to network" if this remains for local development and
consider recommending additional hardening (e.g., fail2ban) in the PR
description.


# Workspace in dev home
RUN mkdir -p /home/dev/app && chown -R dev:dev /home/dev

Expand Down
17 changes: 16 additions & 1 deletion docker-compose.api.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,14 @@
services:
dind:
image: docker:27-dind
container_name: docker-git-dind
privileged: true
environment:
DOCKER_TLS_CERTDIR: ""
volumes:
- docker-git-dind-storage:/var/lib/docker
restart: unless-stopped
Comment on lines +2 to +10
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

Don't replace the host socket with an unauthenticated privileged Docker daemon.

This removes /var/run/docker.sock, but it still gives the API container root-equivalent control over Docker through a plaintext tcp://dind:2375 daemon while dind is running privileged. That's still an unsafe control-plane boundary for production use. Prefer a private Unix socket share or TLS-enabled DinD, and avoid privileged: true unless you've exhausted safer options.

As per coding guidelines, "Reject PRs with unsafe Docker/GitHub Actions configuration such as privileged containers, broad host mounts, unbounded Docker socket access, unsafe pull_request_target, or unnecessary write permissions".

Also applies to: 22-22

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docker-compose.api.yml` around lines 2 - 10, The docker-compose service
"dind" currently runs privileged and exposes an unauthenticated daemon
(tcp://dind:2375) which grants root-equivalent control; replace this with a
safer pattern: stop using privileged: true and the plain DinD TCP socket, and
instead either (a) mount the host Docker socket into the API container as a
private Unix socket share, or (b) enable and require TLS for DinD by properly
setting DOCKER_TLS_CERTDIR and provisioning certificates so the API connects
over TLS only; update the "dind" service configuration and any API consumer code
to use the chosen secure socket method and remove plaintext tcp access.


api:
build:
context: .
Expand All @@ -9,9 +19,14 @@ services:
DOCKER_GIT_PROJECTS_ROOT: ${DOCKER_GIT_PROJECTS_ROOT:-/home/dev/.docker-git}
DOCKER_GIT_FEDERATION_PUBLIC_ORIGIN: ${DOCKER_GIT_FEDERATION_PUBLIC_ORIGIN:-}
DOCKER_GIT_FEDERATION_ACTOR: ${DOCKER_GIT_FEDERATION_ACTOR:-docker-git}
DOCKER_HOST: tcp://dind:2375
ports:
- "${DOCKER_GIT_API_BIND_HOST:-127.0.0.1}:${DOCKER_GIT_API_PORT:-3334}:${DOCKER_GIT_API_PORT:-3334}"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ${DOCKER_GIT_PROJECTS_ROOT_HOST:-/home/dev/.docker-git}:${DOCKER_GIT_PROJECTS_ROOT:-/home/dev/.docker-git}
depends_on:
- dind
restart: unless-stopped

volumes:
docker-git-dind-storage:
115 changes: 115 additions & 0 deletions packages/api/src/api/contracts.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -227,3 +227,118 @@ export type ApiEvent = {
readonly at: string
readonly payload: unknown
}

// Auth
export type AuthStatusResponse = { readonly message: string }

export type AuthGithubLoginRequest = {
readonly label?: string | null | undefined
readonly token?: string | null | undefined
readonly scopes?: string | null | undefined
readonly envGlobalPath: string
}

export type AuthGithubStatusRequest = {
readonly envGlobalPath: string
}

export type AuthGithubLogoutRequest = {
readonly label?: string | null | undefined
readonly envGlobalPath: string
}

export type AuthCodexLoginRequest = {
readonly label?: string | null | undefined
readonly codexAuthPath: string
}

export type AuthCodexStatusRequest = {
readonly label?: string | null | undefined
readonly codexAuthPath: string
}

export type AuthCodexLogoutRequest = {
readonly label?: string | null | undefined
readonly codexAuthPath: string
}

export type AuthClaudeLoginRequest = {
readonly label?: string | null | undefined
readonly claudeAuthPath: string
}

export type AuthClaudeStatusRequest = {
readonly label?: string | null | undefined
readonly claudeAuthPath: string
}

export type AuthClaudeLogoutRequest = {
readonly label?: string | null | undefined
readonly claudeAuthPath: string
}

// State
export type StateInitRequest = {
readonly repoUrl: string
readonly repoRef?: string | undefined
}

export type StateCommitRequest = {
readonly message: string
}

export type StateSyncRequest = {
readonly message?: string | null | undefined
}

export type StatePathResponse = { readonly path: string }

export type StateOutputResponse = { readonly output: string }

// Scrap
export type ScrapExportRequest = {
readonly projectDir: string
readonly archivePath?: string | undefined
}

export type ScrapImportRequest = {
readonly projectDir: string
readonly archivePath: string
readonly wipe?: boolean | undefined
}

// Sessions
export type SessionsListRequest = {
readonly projectDir: string
readonly includeDefault?: boolean | undefined
}

export type SessionsKillRequest = {
readonly projectDir: string
readonly pid: number
}

export type SessionsLogsRequest = {
readonly projectDir: string
readonly pid: number
readonly lines?: number | undefined
}

export type SessionsOutput = { readonly output: string }

// MCP Playwright
export type McpPlaywrightUpRequest = {
readonly projectDir: string
readonly runUp?: boolean | undefined
}

// Apply (project config)
export type ApplyRequest = {
readonly runUp?: boolean | undefined
readonly gitTokenLabel?: string | undefined
readonly codexTokenLabel?: string | undefined
readonly claudeTokenLabel?: string | undefined
readonly cpuLimit?: string | undefined
readonly ramLimit?: string | undefined
readonly enableMcpPlaywright?: boolean | undefined
}
101 changes: 101 additions & 0 deletions packages/api/src/api/schema.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,3 +86,104 @@ export const AgentLogLineSchema = Schema.Struct({
export type CreateProjectRequestInput = Schema.Schema.Type<typeof CreateProjectRequestSchema>
export type CreateAgentRequestInput = Schema.Schema.Type<typeof CreateAgentRequestSchema>
export type CreateFollowRequestInput = Schema.Schema.Type<typeof CreateFollowRequestSchema>

export const AuthGithubLoginRequestSchema = Schema.Struct({
label: Schema.optional(Schema.NullOr(Schema.String)),
token: Schema.optional(Schema.NullOr(Schema.String)),
scopes: Schema.optional(Schema.NullOr(Schema.String)),
envGlobalPath: Schema.String
})

export const AuthGithubStatusRequestSchema = Schema.Struct({
envGlobalPath: Schema.String
})

export const AuthGithubLogoutRequestSchema = Schema.Struct({
label: Schema.optional(Schema.NullOr(Schema.String)),
envGlobalPath: Schema.String
})

export const AuthCodexLoginRequestSchema = Schema.Struct({
label: Schema.optional(Schema.NullOr(Schema.String)),
codexAuthPath: Schema.String
})

export const AuthCodexStatusRequestSchema = Schema.Struct({
label: Schema.optional(Schema.NullOr(Schema.String)),
codexAuthPath: Schema.String
})

export const AuthCodexLogoutRequestSchema = Schema.Struct({
label: Schema.optional(Schema.NullOr(Schema.String)),
codexAuthPath: Schema.String
})

export const AuthClaudeLoginRequestSchema = Schema.Struct({
label: Schema.optional(Schema.NullOr(Schema.String)),
claudeAuthPath: Schema.String
})

export const AuthClaudeStatusRequestSchema = Schema.Struct({
label: Schema.optional(Schema.NullOr(Schema.String)),
claudeAuthPath: Schema.String
})

export const AuthClaudeLogoutRequestSchema = Schema.Struct({
label: Schema.optional(Schema.NullOr(Schema.String)),
claudeAuthPath: Schema.String
})

export const StateInitRequestSchema = Schema.Struct({
repoUrl: Schema.String,
repoRef: OptionalString
})

export const StateCommitRequestSchema = Schema.Struct({
message: Schema.String
})

export const StateSyncRequestSchema = Schema.Struct({
message: Schema.optional(Schema.NullOr(Schema.String))
})

export const ScrapExportRequestSchema = Schema.Struct({
projectDir: Schema.String,
archivePath: OptionalString
})

export const ScrapImportRequestSchema = Schema.Struct({
projectDir: Schema.String,
archivePath: Schema.String,
wipe: OptionalBoolean
})

export const SessionsListRequestSchema = Schema.Struct({
projectDir: Schema.String,
includeDefault: OptionalBoolean
})

export const SessionsKillRequestSchema = Schema.Struct({
projectDir: Schema.String,
pid: Schema.Number
})

export const SessionsLogsRequestSchema = Schema.Struct({
projectDir: Schema.String,
pid: Schema.Number,
lines: Schema.optional(Schema.Number)
})

export const McpPlaywrightUpRequestSchema = Schema.Struct({
projectDir: Schema.String,
runUp: OptionalBoolean
})

export const ApplyRequestSchema = Schema.Struct({
runUp: OptionalBoolean,
gitTokenLabel: OptionalString,
codexTokenLabel: OptionalString,
claudeTokenLabel: OptionalString,
cpuLimit: OptionalString,
ramLimit: OptionalString,
enableMcpPlaywright: OptionalBoolean
})
Loading
Loading