Skip to content

[chore] Add Codex on E2B sandbox#5050

Draft
junaway wants to merge 1 commit into
chore/add-harness-codexfrom
chore/add-codex-e2b
Draft

[chore] Add Codex on E2B sandbox#5050
junaway wants to merge 1 commit into
chore/add-harness-codexfrom
chore/add-codex-e2b

Conversation

@junaway

@junaway junaway commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Context

With Codex working locally and E2B established as a sandbox provider (in the sibling chore/add-sandbox-e2b branch, built for Pi), Codex needed its own E2B-side wiring: auth-file upload, provider options, and MCP relay support.

Changes

Adds Codex E2B asset prep and auth upload in e2b.ts, extends provider.ts and run-plan.ts for the Codex x E2B combination, and carries forward the mcp.ts/workspace.ts/usage.ts E2B plumbing needed for a second harness to reuse the same sandbox provider.

Tests / notes

  • New coverage: sandbox-agent-codex-e2b.test.ts, plus updates to sandbox-agent-e2b-provider.test.ts, sandbox-agent-e2b-run-plan.test.ts, sandbox-agent-workspace.test.ts.
  • Base is chore/add-harness-codex, not big-agents. This branch was developed in parallel with chore/add-sandbox-e2b; expect the E2B plumbing here to converge with that branch's canonical version during the merge pass.
  • Codex-on-E2B runs with tools will hit the loud-refuse gate from chore/add-remote-tools-gate until the relay-client shim lands.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings July 2, 2026 21:42
@dosubot dosubot Bot added the size:XL This PR changes 500-999 lines, ignoring generated files. label Jul 2, 2026
@vercel

vercel Bot commented Jul 2, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
agenta-documentation Ready Ready Preview, Comment Jul 2, 2026 9:42pm

Request Review

@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 77ea73f5-f076-41be-9b6d-8782d482a5f5

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch chore/add-codex-e2b

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@dosubot dosubot Bot added the Backend label Jul 2, 2026
@jp-agenta jp-agenta marked this pull request as draft July 2, 2026 21:44

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds E2B as a supported remote sandbox backend for the services/runner sandbox-agent engine, with specific wiring for running the Codex harness inside E2B (including credential provisioning) and ensuring remote-tool delivery works via the existing file-relay approach.

Changes:

  • Add E2B sandbox support to run-plan normalization and provider selection (including timeout leak-backstop behavior).
  • Extend sandbox-agent orchestration for “remote sandbox” semantics (workspace prep via sandbox FS API, MCP loopback gating, usage reading, tool relay host selection).
  • Add focused unit tests for E2B run-plan/provider behavior and codex-on-E2B asset/auth provisioning, plus design docs for the workflow.

Reviewed changes

Copilot reviewed 20 out of 21 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
services/runner/src/engines/sandbox_agent/provider.ts Adds sandbox-agent/e2b provider wiring and E2B timeout/env option construction.
services/runner/src/engines/sandbox_agent/run-plan.ts Introduces isE2B + isRemoteSandbox, E2B cwd/relay-dir behavior, and E2B network-policy refusal.
services/runner/src/engines/sandbox_agent/e2b.ts New E2B asset/credential upload helpers for Pi and Codex.
services/runner/src/engines/sandbox_agent/workspace.ts Generalizes remote sandbox workspace materialization via sandbox FS API + adds harnessFiles path traversal guard.
services/runner/src/engines/sandbox_agent/mcp.ts Adds isRemote to gate internal loopback MCP channel for any remote sandbox (Daytona/E2B).
services/runner/src/engines/sandbox_agent/usage.ts Renames isDaytonaisRemote and reads usage via sandbox FS API for remote runs.
services/runner/src/engines/sandbox_agent/pi-assets.ts Switches local-Pi asset prep gate from isDaytona to isRemoteSandbox.
services/runner/src/engines/sandbox_agent.ts Orchestrates E2B asset prep + codex auth upload, remote workspace cleanup gating, MCP/tool relay/usage updates.
services/runner/tests/unit/session-mcp-layering.test.ts Updates MCP layering tests for the new isRemote input.
services/runner/tests/unit/sandbox-agent-workspace.test.ts Updates for isRemoteSandbox and adds E2B FS API + path-traversal test coverage.
services/runner/tests/unit/sandbox-agent-usage.test.ts Updates usage tests for the new isRemote parameter.
services/runner/tests/unit/sandbox-agent-run-plan.test.ts Adds assertions for the new isRemoteSandbox field.
services/runner/tests/unit/sandbox-agent-e2b-run-plan.test.ts New unit tests for E2B-specific plan normalization and network refusal behavior.
services/runner/tests/unit/sandbox-agent-e2b-provider.test.ts New unit tests for E2B provider options + timeout clamping behavior.
services/runner/tests/unit/sandbox-agent-codex-e2b.test.ts New unit tests for Codex auth provisioning into E2B (managed + self-managed modes).
services/runner/package.json Adds @e2b/code-interpreter dependency needed by the E2B provider.
services/runner/pnpm-lock.yaml Lockfile updates for the new E2B dependency chain.
api/oss/src/utils/env.py Adds API-side env wiring for E2B configuration (E2B_API_KEY, E2B_TEMPLATE).
docs/design/agent-workflows/projects/add-codex-e2b/tasks.md New design tasks doc for the Codex-on-E2B effort.
docs/design/agent-workflows/projects/add-codex-e2b/specs.md New design spec doc describing E2B provider options and credential provisioning.
docs/design/agent-workflows/projects/add-codex-e2b/research.md New research notes + merge overlap notes for the sibling E2B branch.
Files not reviewed (1)
  • services/runner/pnpm-lock.yaml: Generated file

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +130 to +134
return {
envs: { ...piExtEnv, ...secrets },
timeoutMs: e2bTimeoutMs(),
autoPause: true,
};
Comment on lines +40 to +42
3. `credentialMode === "env"`: use the resolved key. `credentialMode === "runtime_provided"`:
skip the upload (codex uses its own login, which is NOT uploaded to E2B — no
`shouldUploadOwnLogin` analogue for codex on E2B).
Comment on lines +12 to +14
- `services/agent/src/engines/sandbox_agent/provider.ts` — add `import { e2b } from
"sandbox-agent/e2b"`, `DEFAULT_E2B_TIMEOUT_MS`, `e2bTimeoutMs()`, `buildE2bCreate()`,
and the `sandboxId === "e2b"` branch in `buildSandboxProvider`.
Comment on lines +63 to +67
| `services/agent/src/engines/sandbox_agent/e2b.ts` | Both branches add this file. The sibling branch's version covers Pi only; this version adds `uploadCodexAuthToE2bSandbox`. Merge: combine into one file. |
| `services/agent/src/engines/sandbox_agent/provider.ts` | Both add `buildE2bCreate`, `e2bTimeoutMs`, `DEFAULT_E2B_TIMEOUT_MS`, and the `e2b` branch in `buildSandboxProvider`. The implementations are identical. |
| `services/agent/src/engines/sandbox_agent/run-plan.ts` | Both add `isE2b`, `E2B_NETWORK_UNSUPPORTED_MESSAGE`, `defaultE2bCwd`, `createE2bCwd` dep. Identical. |
| `services/agent/src/engines/sandbox_agent/usage.ts` | Both rename `isDaytona` → `isRemote` in `readRunUsage` and add `isE2b?` to `resolveRunUsage`. Identical. |
| `services/agent/src/engines/sandbox_agent.ts` | Both add `isE2b` branches for workspace cleanup, MCP, piExtEnv, emitSpans, tool-relay, swallowed-error. This branch additionally gates the local codex auth write on `!isE2b` and adds the E2B codex auth upload. |

- `credentialMode === "env"` (managed key): `OPENAI_API_KEY` is in `plan.secrets`; the
daemon env is cleared then the key applied. The auth.json upload uses the resolved key.
- `credentialMode === "runtime_provided"`: the codex CLI uses its own login; no key upload.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Backend size:XL This PR changes 500-999 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants