feat(cli): expose --disk-size / --network / --entrypoint flags#620
Open
G4614 wants to merge 2 commits into
Open
feat(cli): expose --disk-size / --network / --entrypoint flags#620G4614 wants to merge 2 commits into
G4614 wants to merge 2 commits into
Conversation
Adds the `--disk-size <GB>` CLI flag for `boxlite run` (and any
subcommand that flattens `ResourceFlags`), wired straight into
`BoxOptions.disk_size_gb`. The field already existed end-to-end
in the runtime (`src/boxlite/src/runtime/options.rs:324` →
`src/boxlite/src/litebox/init/tasks/container_rootfs.rs::create_cow_disk`
sizes the COW overlay to `max(user_size, base_image_size)`) but was
only reachable via the REST API. CLI users had no way to grow the
writable rootfs past the base image, which is fine for one-shot
workloads but immediately ENOSPCs for anything that pulls multiple
images, runs `apt install`, builds wheels, or otherwise writes more
than a few hundred MB inside the box.
The motivating consumer is the agent-workflow dind integration
tests added in a follow-up commit — they need 5-10 GB of in-box
disk for sequential `docker pull`s, named-volume writes, and
container-lifecycle scratch. Without this flag those tests would
silently fail mid-pull and the breakage would look like a flaky
registry, not a missing size declaration.
Two new lib unit tests pin:
- `--disk-size 10` reaches `BoxOptions.disk_size_gb`
verbatim through `ResourceFlags::apply_to`
- omitting the flag leaves `disk_size_gb = None`, preserving
the documented "size to base image" default and guarding
against a refactor that injects a fallback (`unwrap_or(N)`)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Two more runtime knobs that were reachable over REST/SDK but had no CLI
flag, wired the same plumbing-only way as --disk-size:
- `--network <enabled|disabled>` + `--allow-net <HOST>` (repeatable):
builds NetworkConfig{mode, allow_net} → NetworkSpec::try_from, exactly
mirroring the REST build_box_options mapping (single source of truth,
including the disabled+allow_net rejection). `--network disabled` gives
a no-eth0 box; `--allow-net` sets an egress allowlist (implies enabled).
- `--entrypoint <EXEC>`: overrides the image entrypoint as a single-token
argv → BoxOptions.entrypoint, which container_rootfs applies as
config.entrypoint. Mirrors `docker run --entrypoint`.
Both run and create get the flags (NetworkFlags flattened in each;
entrypoint via ProcessFlags for run and a standalone arg for create).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
G4614
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds three
boxlite run/createflags that the runtime and REST API already supported but the CLI never exposed.--disk-size <GB>--network <enabled|disabled>+--allow-net <HOST>(repeatable)--entrypoint <EXEC>Both
runandcreateget all three.Test plan
10 unit tests on the flag →
BoxOptionsplumbing (src/cli/src/cli.rs), each crossing the realapply_toboundary (value comes from the flag struct, not the assertion):--disk-size..._plumbed(Some(10)verbatim),..._default_unset(None)--network/--allow-net..._default_left_untouched,..._disabled,..._allow_net_implies_enabled,..._disabled_with_allow_net_is_rejected,..._invalid_mode_is_rejected--entrypoint..._override(Some(vec!["/bin/bash"])),..._default_none(None)Verification (this host):
cargo nextest run -p boxlite-cli -E 'test(network_flags) or test(entrypoint) or test(resource_flags) or test(disk_size)'— 10 passed.make clibuilds clean;make fmt:check:rust+cargo clippy -p boxlite-cli --bins --testsclean.Before, these knobs were REST/SDK-only; after,
boxlite run/createexpose them with the same validation as the REST path.