Claude Code .claude.json from HOME mounted correctly#8

Merged: koudis merged 2 commits into main from claude_code_config_sync, Jul 3, 2026

@koudis koudis commented Jul 1, 2026


Summary by CodeRabbit

  • New Features
    • Claude configuration is now mounted directly into the container when present, preserving onboarding and app settings.
    • File mounts for this config are read-only, so they can be viewed inside the container but not modified.
  • Bug Fixes
    • Improved handling of missing config files to avoid creating unnecessary paths or files.
    • Container startup now treats read-only mounts safely, preventing unintended credential-store changes.

coderabbitai Bot commented Jul 1, 2026

Review details
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 1d0fd301-5232-4305-b35e-7f238f81451f

📥 Commits

Reviewing files that changed from the base of the PR and between a296c9f and 7e4b17d.

📒 Files selected for processing (2)
  • internal/agents/claude/claude.go
  • internal/docker/integration_test.go
📝 Walkthrough

This PR replaces the Claude Code onboarding-state symlink/CredentialPreparer mechanism with a read-only bind-mount of the host's ~/.claude.json, implemented via a new AdditionalMounts method. The requirements spec, root command mount-handling logic, and tests are updated accordingly.

Changes

Bind-mount based onboarding state

| Layer / File(s) | Summary |
|---|---|
| Requirements spec update (.kiro/specs/bootstrap-ai-coding/agents/requirements-claude-code.md) | CC-8 rewritten from symlink+CredentialPreparer synchronization to AdditionalMounter-based read-only bind-mount; CC-3 note updated accordingly. |
| AdditionalMounts implementation replacing symlink/PrepareCredentials (internal/agents/claude/claude.go) | Removes symlink build step and PrepareCredentials; adds AdditionalMounts(homeDir) returning a read-only bind-mount of host ~/.claude.json when present. |
| Selective credential directory creation (internal/cmd/root.go) | Additional-mount loop now conditionally creates credential directories based on HostPath existence and mount read-only status. |
| Unit and integration tests (internal/agents/claude/claude_test.go, internal/agents/claude/integration_test.go, internal/docker/integration_test.go) | Updates install test assertions, adds AdditionalMounts and property-based tests, extends shared integration state, and adds a Docker integration test verifying read-only mounts are readable but not writable. |

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
  participant RunStart as runStart
  participant Claude as claudeAgent
  participant FS as HostFilesystem
  participant Docker as DockerContainer

  RunStart->>Claude: AdditionalMounts(homeDir)
  Claude->>FS: check ~/.claude.json exists
  FS-->>Claude: exists or absent
  Claude-->>RunStart: []docker.Mount (0 or 1, ReadOnly)
  RunStart->>Docker: mount host file into homeDir/.claude.json

Possibly related PRs

  • koudis/bootstrap-ai-coding#7: Introduced the requirements-claude-code.md CC-8 requirement and mount approach that this PR directly rewrites, both using the AdditionalMounter bind-mount mechanism instead of symlink+CredentialPreparer.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately reflects the main change: mounting Claude Code's .claude.json from HOME. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |

@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 2

🧹 Nitpick comments (1)
internal/agents/claude/claude_test.go (1)

316-321: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Make this assertion deterministic by pinning HOME in the test.

Install() now reads the host ~/.claude/CLAUDE.md, so this unit test has to allow both 2 and 3 added lines. Setting HOME to a temp dir here would keep the assertion precise and independent of the machine running the test.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@internal/agents/claude/claude_test.go` around lines 316 - 321, The assertion
in the Install() test is non-deterministic because it depends on the host
~/.claude/CLAUDE.md lookup. Pin HOME to a temp directory in this test so
Install() cannot see a machine-specific Claude memory file, then restore the
environment afterward; this lets the existing line-count check stay precise and
only validate the expected RUN steps in claude_test.go.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@internal/agents/claude/claude.go`:
- Around line 107-114: The mount selection in claude.go only checks
os.Stat(src), so a directory named ~/.claude.json can still be returned as a
file mount and later be treated incorrectly by runStart. Update the logic around
the os.Stat(src) check in the mount-building path to require that src is a
regular file (not just existing), and return nil for any non-file target before
constructing the docker.Mount with ContainerPath set to ~/.claude.json.

In `@internal/docker/integration_test.go`:
- Around line 1322-1332: Register the cleanup right after CreateContainer
succeeds in the integration test so the container is always removed even if
StartContainer fails. Move the t.Cleanup block in the test that uses
docker.CreateContainer, docker.StartContainer, and docker.RemoveContainer to
immediately follow the create assertion, before the start assertion, so the
cleanup is installed on all failure paths.

---

Nitpick comments:
In `@internal/agents/claude/claude_test.go`:
- Around line 316-321: The assertion in the Install() test is non-deterministic
because it depends on the host ~/.claude/CLAUDE.md lookup. Pin HOME to a temp
directory in this test so Install() cannot see a machine-specific Claude memory
file, then restore the environment afterward; this lets the existing line-count
check stay precise and only validate the expected RUN steps in claude_test.go.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 83c1d9cd-5b8b-49c0-9fd0-907a92cd1e60

📥 Commits

Reviewing files that changed from the base of the PR and between bf76286 and a296c9f.

📒 Files selected for processing (6)
  • .kiro/specs/bootstrap-ai-coding/agents/requirements-claude-code.md
  • internal/agents/claude/claude.go
  • internal/agents/claude/claude_test.go
  • internal/agents/claude/integration_test.go
  • internal/cmd/root.go
  • internal/docker/integration_test.go

Comment thread internal/agents/claude/claude.go Outdated
Comment thread internal/docker/integration_test.go
@koudis koudis merged commit c5a0843 into main Jul 3, 2026
3 checks passed
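
The regular-file check requested in the review comment on internal/agents/claude/claude.go, written out as an added example that is not the project's code. `Mount` stands in for the project's `docker.Mount`, and `claudeConfigMounts` and the `/home/dev` container home are hypothetical names.

```go
package main

import (
	"fmt"
	"os"
	"path"
	"path/filepath"
)

// Mount stands in for the project's docker.Mount (assumed shape).
type Mount struct {
	HostPath      string
	ContainerPath string
	ReadOnly      bool
}

// claudeConfigMounts (hypothetical name) returns one read-only bind-mount for
// <hostHome>/.claude.json only if it is a regular file; otherwise nil.
func claudeConfigMounts(hostHome, containerHome string) []Mount {
	src := filepath.Join(hostHome, ".claude.json")
	info, err := os.Stat(src) // follows symlinks: the target must be a file
	if err != nil || !info.Mode().IsRegular() {
		return nil
	}
	return []Mount{{
		HostPath:      src,
		ContainerPath: path.Join(containerHome, ".claude.json"), // POSIX path
		ReadOnly:      true,
	}}
}

func main() {
	home, err := os.MkdirTemp("", "claude-home-") // constructed sample HOME
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(home)
	cfg := filepath.Join(home, ".claude.json")
	fmt.Println("absent:   ", claudeConfigMounts(home, "/home/dev"))
	if err := os.Mkdir(cfg, 0o700); err != nil {
		panic(err)
	}
	fmt.Println("directory:", claudeConfigMounts(home, "/home/dev"))
	os.Remove(cfg)
	if err := os.WriteFile(cfg, []byte("{}"), 0o600); err != nil {
		panic(err)
	}
	fmt.Println("file:     ", claudeConfigMounts(home, "/home/dev"))
}
```

Only the last case yields a mount; an `os.Stat`-only existence check would also have returned one for the directory case.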