OpenHands icon indicating copy to clipboard operation
OpenHands copied to clipboard
verified publisher icon All-Hands-AI

Get RUN_AS_DEVIN working with app sandbox

Open xingyaoww opened this issue 1 year ago • 3 comments

The reason why RUN_AS_DEVIN was not working properly is that SANDBOX_USER_ID is not properly setted up. os.getpid() from the app container will return UID=0, which creates the issue of https://github.com/OpenDevin/OpenDevin/issues/936.

This PR fix:

  • Allowing RUN_AS_DEVIN with app container. The caveat is that the user need to pass-in their UID when starting the app container. I have updated the readme accordingly
docker run \
    -e LLM_API_KEY \
    -e WORKSPACE_MOUNT_PATH=$WORKSPACE_BASE \
    -v $WORKSPACE_BASE:/opt/workspace_base \
    -e SANDBOX_USER_ID=$(id -u) \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -p 4000:3000 \
    --add-host host.docker.internal=host-gateway \
    ghcr.io/opendevin/opendevin:latest
  • Make SANDBOX_USER_ID consistent: the app will run with a user with UID of SANDBOX_USER_ID, which won't cause a permission issue in writing to workspace; the sandbox will run with a UID of SANDBOX_USER_ID as well.

xingyaoww avatar Apr 28 '24 08:04 xingyaoww

Seems integration tests have captured a bug?https://github.com/OpenDevin/OpenDevin/actions/runs/8866160837/job/24343257827?pr=1426#step:6:66:

chmod: changing permissions of 'hello.sh': Operation not permitted

li-boxuan avatar Apr 28 '24 08:04 li-boxuan

Good catch! Seems like a mounting issue, already pushed a fix see if we can pass that https://github.com/moby/moby/issues/2259#issuecomment-51535443

xingyaoww avatar Apr 28 '24 08:04 xingyaoww

Codecov Report

Attention: Patch coverage is 66.66667% with 2 lines in your changes are missing coverage. Please review.

:exclamation: No coverage uploaded for pull request base (main@31c1a2d). Click here to learn what that means.

:exclamation: Current head b4d74c6 differs from pull request most recent head ec8e5ca. Consider uploading reports for the commit ec8e5ca to get more accurate results

Files Patch % Lines
opendevin/sandbox/docker/ssh_box.py 66.66% 2 Missing :warning:

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1426   +/-   ##
=======================================
  Coverage        ?   58.46%           
=======================================
  Files           ?       82           
  Lines           ?     3431           
  Branches        ?        0           
=======================================
  Hits            ?     2006           
  Misses          ?     1425           
  Partials        ?        0

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov-commenter avatar Apr 30 '24 04:04 codecov-commenter

Thanks for doing this!

rbren avatar Apr 30 '24 16:04 rbren