docs: add shell environment customization to kit examples#25374
Open
dvdksn wants to merge 2 commits into
Open
Conversation
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
dvdksn
force-pushed
the
worktree-kit-shell-env-example
branch
from
7b61ef4 to
b2bd1d6
Compare
Show how to source a tool's init script as part of a kit so its command lands on PATH in every shell, using nvm as a worked example. nvm installs cleanly in a default sandbox (reachable egress, no extra packages), so the snippet works as copy-pasted. Append to /etc/sandbox-persistent.sh — the sandbox's established persistent environment file, sourced for both interactive and non-interactive shells — to match the convention documented in the FAQ for custom environment variables, and cross-link it. Also document install-command gotchas that apply to any download-based kit: deny-by-default egress can silently block downloads, curl | bash masks those failures (exits 0), install steps run under sh not bash, and some tools need base packages such as zip/unzip. Add nvm to the Vale vocabulary. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The Docker.Exclamation rule flags any word followed by an exclamation point in bare prose, which trips on product names that legitimately end in '!' such as SDKMAN!. Link text and code are already exempt via IgnoredScopes, but bare-prose mentions were not. Add an exceptions list, matched against the word preceding the '!', so genuine exclamations are still caught while listed product names pass. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
dvdksn
force-pushed
the
worktree-kit-shell-env-example
branch
from
4156cfa to
77a349b
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The kit examples page covered tool installation and credential injection but never showed how to customize the shell environment — sourcing a tool's init script so its command lands on
PATHin every shell. This adds a "Customize the shell environment" section, documents install-command gotchas that apply to any download-based kit, and fixes a Vale rule that tripped on product names ending in!.Two commits:
docs: add shell environment customization to kit examples
/etc/sandbox-persistent.sh— the sandbox's persistent environment file, sourced for both interactive and non-interactive shells — matching the FAQ convention for custom env vars, and cross-links it.curl … | bashmasks those failures (exits0, sandbox reports success while nothing installed); install steps run undersh, not bash; some tools need base packages such aszip/unzip.get.sdkman.ioegress + missingzip/unzip). Those failure modes are now documented as general install-command guidance, with sdkman as the illustration.vale: exempt product names ending in '!' from Docker.Exclamation
Docker.Exclamationflags any word followed by!in bare prose, tripping on product names like SDKMAN!. Link text and code were already exempt viaIgnoredScopes, but bare prose was not. Added anexceptionslist (matched against the word before the!) so genuine exclamations are still caught.Learnings
/etc/sandbox-persistent.shis the canonical persistence point for shell env in sandboxes — sourced before every bash invocation (interactive and non-interactive), so it reaches agents started with bothsbx runandsbx exec. A~/.bashrcedit only covers interactive shells.curl … | bashin an install command masks download failures: the pipe's exit status is bash's, and bash exits0on empty input, so a domain blocked by the deny-by-default egress policy still produces a "✓ Created" sandbox with nothing installed. Download-then-run (-o file && bash file) surfaces the failure.sh(dash), not bash — bash builtins likesourcefail withsh: source: not foundunless piped tobashor wrapped inbash -c.NPM_CONFIG_PREFIXis set (the base image sets it for its system Node);unset NPM_CONFIG_PREFIXbefore sourcingnvm.sh.exceptionsfor anexistencerule withnonword: trueare matched against the word preceding the non-word token, not the full match — so a product name ending in!is listed without the!(SDKMAN, notSDKMAN!). Go's RE2 engine also has no lookahead, so token regexes can't use(?=…).Generated by Claude Code