Claude Code sandbox using docker for python development

claude-sandbox.sh

#!/bin/bash
set -euo pipefail

if [ "$(git rev-parse --is-inside-work-tree)" = false ]; then
    echo "ERROR: Not a git managed directory: $PWD"
    exit 1
fi

BIND_MOUNTS=()

bind_mount() {
    local path="$1"
    local bind_option="${2:-}"
    
    if [ -e "$path" ]; then
        BIND_MOUNTS+=(-v "$path:$path$bind_option")
    fi
}

bind_mount_ro() {
    bind_mount "$1" ":ro"
}

is_defined() {
    # true if variable NAME $1 is defined
    # see https://stackoverflow.com/questions/3601515/how-to-check-if-a-variable-is-set-in-bash
    eval '[ -n "${'$1'+set}" ]'
}

bind_mount $HOME/.claude
bind_mount $HOME/.claude.json
# only the current worktree
# NOTE: git will not work inside if it is not the main worktree
#
project_root=$(git rev-parse --show-toplevel)
bind_mount $project_root
#
# or all worktrees of the git repo:
#
# while read -r _worktree_ path; do
#     bind_mount "$path"
# done < <(git worktree list --porcelain | grep ^worktree)

bind_mount_ro /etc/passwd
bind_mount_ro /etc/group
bind_mount_ro $HOME/.bashrc
bind_mount_ro $HOME/.gitconfig
bind_mount_ro /nix/store
if is_defined PYENV_ROOT; then
    bind_mount_ro ${PYENV_ROOT}
fi

sandbox_image=$(
    docker build --quiet - <<EOF
FROM node:24-bookworm

# force rebuild every week (date +%G%V: is iso-week)
# idea from https://medium.com/@aleksej.gudkov/how-to-disable-cache-in-docker-build-a-complete-guide-372e20507ed9
RUN echo $(date +'year:%G, week:%V')

RUN apt-get update && apt-get install -y git git-lfs ripgrep curl wget dumb-init

RUN npm install -g @anthropic-ai/claude-code@latest

USER nobody

ENV PATH=${project_root}/.venv/bin:/usr/local/bin:/usr/bin:/bin
ENV DISABLE_AUTOUPDATER=1
ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/claude"]
CMD []
EOF
)

docker run --rm -it "${BIND_MOUNTS[@]}" --user "$(id -u):$(id -g)" -w "$PWD" "$sandbox_image" "$@"