feat(sandbox): add scoped resource catalog#26
Conversation
Expose Sandbox templates and runner instances under account and organization settings so provider credentials stay within their owning scope. Add region and template filters with stale-request protection and responsive catalog tables.
There was a problem hiding this comment.
Code Review
This pull request implements account- and organization-scoped pages for region-filtered sandbox templates and runner instances, adding backend catalog APIs and React frontend sections. The review feedback highlights a potential data race from mutating shared configuration, potential runtime panics due to missing nil checks on SDK-returned slices, and opportunities to improve UI robustness and readability by validating date strings and formatting long single-line components.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
No additional high-confidence issues found in this review beyond the unresolved review threads already present on the PR.
Verification performed:
git diff --check origin/main...HEADgo test -tags development ./internal/server -count=1go test ./internal/sandboxrunner -count=1
Not run: UI lint/build, because bun is not installed in this environment. A plain go test ./internal/server -count=1 also cannot run without generated production UI assets, so I used the development tag for the server package.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Review CompleteNo issues found in this review. I focused on the new user-scoped sandbox catalog API, account/organization route wiring, credential scope resolution, and the catalog UI data flow. Verified:
Not run:
Submitted a non-blocking PR review: #26 (review) |
There was a problem hiding this comment.
Code Review
This pull request introduces account- and organization-scoped Sandbox catalogs, allowing ordinary users to view region-filtered templates and region/template-filtered runner instances. It adds new backend endpoints (/user/sandbox/templates and /user/sandbox/instances), integrates with the Qiniu Go SDK, and updates the React frontend with new tabs under account settings. The review feedback suggests three key improvements: optimizing the React component state to prevent duplicate parallel API requests and unnecessary re-fetching, defensively copying the configuration snapshot in the backend to avoid potential race conditions from shared state mutation, and refactoring in-place slice filtering for better readability.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
Split template and instance loading so template filters only refresh instance data, and reset scoped state by installation.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Review CompleteNo issues found in this review. Verification run:
Not run: |
There was a problem hiding this comment.
Code Review
This pull request introduces ordinary-user Sandbox resource catalogs, allowing authenticated users to inspect Sandbox templates and runner-created instances scoped to their account or organization. It adds backend endpoints (/user/sandbox/templates and /user/sandbox/instances) with region validation, updates documentation, and implements corresponding React components (SandboxTemplatesSection and SandboxesSection) in the user dashboard. The review feedback highlights two key improvement opportunities: first, avoiding in-place slice mutation (items[:0]) when filtering sandbox instances to prevent potential cache corruption or concurrency issues; second, decoupling template loading errors from the sandbox instances table so that a failure in loading the template filter dropdown does not completely block the display of active instances.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
Keep sandbox instances visible when the template filter fails, and avoid mutating catalog slices while applying template filters.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Review CompleteSubmitted a non-blocking PR review: no issues found. Verified locally:
Not run locally:
|
There was a problem hiding this comment.
Code Review
This pull request introduces ordinary-user Sandbox catalogs to inspect scoped resources, allowing authenticated users to view region-filtered Sandbox templates and runner-created instances at /account/sandbox-templates and /account/sandbox-instances (and their organization equivalents). The backend implements endpoints /user/sandbox/templates and /user/sandbox/instances to fetch this data securely using server-side credentials, while the frontend is updated with React components to display and filter these resources. The review feedback highlights opportunities to improve backend error reporting when initializing the sandbox service, and suggests clearing stale templates and instances in the UI when the region or template filters change to prevent displaying outdated information during loading.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
No issues found in this review.
Verified locally:
go test -tags development ./internal/server ./internal/sandboxrunnergit diff --check origin/main...HEAD
Not run locally:
cd ui && bun test src/components/sandbox-catalog-sections.test.jsbecausebunis not installed in this environment.npm --prefix ui run lintbecause the localeslintexecutable returnedPermission denied.
Clear region- and template-scoped results before reloading, and log catalog initialization failures without exposing configuration details.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Review CompletePosted a non-blocking PR review with 1 finding. Finding: Verification run:
Notes: |
There was a problem hiding this comment.
Code Review
This pull request introduces ordinary-user Sandbox resource catalogs, allowing authenticated users to inspect Sandbox templates and runner-created instances scoped by region and account/organization. It adds backend APIs (GET /user/sandbox/templates and GET /user/sandbox/instances), corresponding frontend UI components, and updates the documentation. Two main issues were identified in the review: a potential data race in server_sandbox_catalog.go due to direct mutation of a shared configuration snapshot, and a CSS truncation issue in sandbox-catalog-sections.tsx where truncate is applied directly to a table cell instead of a block element.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
Review findings:
- The new sandbox catalog components currently make the UI lint target fail under the repository's configured React Hooks rules. I left an inline comment on the first occurrence; the same pattern appears in
SandboxesSectionat lines 224 and 231.
Wrap template identifiers in a constrained block so table-cell layout consistently applies text truncation.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Review CompleteNo issues found in this review. I submitted a non-blocking PR review: #26 (review) Verified locally:
Not run locally:
|
There was a problem hiding this comment.
Code Review
This pull request introduces ordinary-user Sandbox catalog features, adding endpoints to list Sandbox templates and runner-created instances, along with corresponding UI tabs, region selectors, and filtering. The review feedback highlights a potential data race when modifying a potentially shared configuration struct directly, duplicate region definitions in the frontend that should be consolidated, and readability issues due to excessively long lines in internal/sandboxrunner/runner.go.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
Keep sandbox region labels and endpoints in one overseas-first definition, and format catalog mappings for maintainability.
|
/gemini review |
|
@fennoai review |
There was a problem hiding this comment.
No issues found in this review. I focused on the scoped sandbox catalog API, account/organization credential scope resolution, route wiring, and the new catalog UI data flow.
Verification run:
go test -tags development ./internal/server ./internal/sandboxrunner -count=1git diff --check origin/main...HEAD
Not run locally:
task ui-lint/task build, becausetask,bun, and localui/node_modulesare unavailable in this sandbox; direct npm script attempts also failed on missing/non-executable JS tooling.
Review CompleteNo issues found in this review. Verified:
Not completed: UI npm scripts did not run in this environment because Submitted a non-blocking PR review: #26 (review) |
There was a problem hiding this comment.
Code Review
This pull request introduces ordinary-user Sandbox resource catalogs, allowing authenticated users to inspect Sandbox templates and runner-created instances scoped to their account or organization. On the backend, it adds a Catalog interface to internal/sandboxrunner, implements template and instance listing on E2BService, and registers new endpoints /user/sandbox/templates and /user/sandbox/instances in the server. On the frontend, it updates the React UI with new 'Sandbox Templates' and 'Sandbox Instances' tabs under account settings, including region selectors, filtering, and robust loading states. Extensive documentation, rules, and tests have also been added to support these changes. There are no review comments, so no additional feedback is provided.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
No issues found in this review.
Verified with git diff --check and go test -tags development ./... -count=1. I could not run the UI npm scripts in this environment because the package executables were unavailable/not executable (tsc/eslint failed before running).
Summary
Why
Sandbox service credentials belong to users and organizations rather than the global runnerd admin scope. Resource browsing now follows that ownership model and prevents an administrator's personal credentials from being presented as global control-plane data.
Validation
task testtask ui-lint