fix(sandbox): harden image packaging integrity checks

[aviralgarg05]

Summary

This PR fixes a --sandbox startup regression where published sandbox images could contain an invalid/corrupted @google/gemini-cli-core/package.json, causing Gemini CLI to crash with ERR_INVALID_PACKAGE_CONFIG (issue #19085).

The fix hardens sandbox image packaging and release verification so corrupted package metadata is caught before publish and blocked from release.

Details

• Updated /Users/aviralgarg/Everything/gemini-cli/Dockerfile:

  • installs @google/gemini-cli-core first, then @google/gemini-cli (sequential global installs instead of one combined install)
  • adds explicit in-image JSON integrity checks for:
    • /usr/local/share/npm-global/lib/node_modules/@google/gemini-cli/package.json
    • /usr/local/share/npm-global/lib/node_modules/@google/gemini-cli-core/package.json
  • adds a CLI sanity check (gemini --version) during image build

• Updated /Users/aviralgarg/Everything/gemini-cli/.github/actions/push-sandbox/action.yml:

  • adds a post-build verify step before publish that:
    • parses both installed package manifests inside the built image
    • runs /usr/local/share/npm-global/bin/gemini --version
  • prevents publishing a broken sandbox image even if build appears successful

Design intent:

• Fail fast at image build time if package install output is invalid.
• Add a release-gate verification step so CI blocks broken images from being pushed.

Related Issues

Fixes #19085

How to Validate

1. Build workspace packages:

npm run build --workspaces

Expected: all workspace builds succeed.

2. Build sandbox image:

npm run build:sandbox -- --image google/gemini-cli-sandbox:local-test --output-file final_image_uri.txt

Expected: image builds successfully and writes final_image_uri.txt.

3. Run in-container integrity checks:

docker run --rm --entrypoint sh "$(cat final_image_uri.txt)" -lc '
  set -e
  node -e "const fs=require(\"node:fs\"); JSON.parse(fs.readFileSync(\"/usr/local/share/npm-global/lib/node_modules/@google/gemini-cli/package.json\",\"utf8\")); JSON.parse(fs.readFileSync(\"/usr/local/share/npm-global/lib/node_modules/@google/gemini-cli-core/package.json\",\"utf8\"));"
  /usr/local/share/npm-global/bin/gemini --version >/dev/null
'

Expected: exits 0 with no JSON parse errors and CLI version command succeeds.

4. Run repository checks:

npm run lint:all
npm run test:scripts

Expected: both commands pass.

5. Edge-case check (manual):

• Corrupt either installed package manifest inside a test container and rerun step 3.
  Expected: JSON parse command fails non-zero, demonstrating the release gate blocks publish.

Pre-Merge Checklist

• Updated relevant documentation and README (if needed)
• Added/updated tests (if needed)
• Noted breaking changes (if any)
• Validated on required platforms/methods:
  • MacOS
    • npm run
    • npx
    • Docker
    • Podman
    • Seatbelt
  • Windows
    • npm run
    • npx
    • Docker
  • Linux
    • npm run
    • npx
    • Docker

[gemini-code-assist]

Summary of Changes

Hello @aviralgarg05, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the robustness of the sandbox image packaging and release pipeline. By integrating multiple layers of integrity checks, both during the Docker image build and as a pre-publish verification step in the CI/CD workflow, it prevents the release of corrupted sandbox images. This directly addresses a critical startup regression, ensuring that published images are always valid and functional.

Highlights

• Integrity Checks in Dockerfile: Introduced explicit in-image JSON integrity checks for @google/gemini-cli/package.json and @google/gemini-cli-core/package.json directly within the Dockerfile build process. This ensures that package metadata is valid immediately after installation.
• CLI Sanity Check in Dockerfile: Added a gemini --version command to the Dockerfile to verify the CLI is functional and executable as part of the image build, failing fast if the command does not execute successfully.
• Sequential Package Installation: Modified the Dockerfile to install @google/gemini-cli-core before @google/gemini-cli using separate npm install -g commands, addressing potential dependency or installation order issues.
• Post-Build Verification Step: Implemented a new verify step in the .github/actions/push-sandbox/action.yml workflow. This step runs after the Docker image is built but before it's published, performing the same in-container JSON integrity and CLI sanity checks to act as a release gate.
• Fix for Sandbox Startup Regression: Resolved issue Sandbox crashes on version 0.28.2 but works in version 0.28.1 (Windows 11) #19085, which caused sandbox images to crash due to corrupted package.json files, by hardening packaging and release verification processes.

Changelog

• .github/actions/push-sandbox/action.yml
  • Added a new verify step to perform in-container integrity checks on the built Docker image before it is published.
  • The verify step includes parsing package.json files and running gemini --version inside the image.
• Dockerfile
  • Changed the npm install command to install @google/gemini-cli-core and @google/gemini-cli sequentially.
  • Introduced node -e "..." commands to parse package.json files for both CLI packages immediately after installation to check for JSON integrity.
  • Added a gemini --version > /dev/null command to validate the CLI's functionality during the image build.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request effectively addresses the sandbox image corruption issue (issue #19085) by implementing robust integrity checks during the build process and as a release gate in the CI pipeline. The changes include sequential global installs in the Dockerfile to prevent potential corruption, followed by explicit JSON parsing of the package manifests for both the CLI and core packages. A functional sanity check using gemini --version is also performed. These measures ensure that any corrupted or invalid package configurations are identified before the image is published. The implementation follows existing patterns and maintains the security and reliability of the sandbox environment.