Dockerfile

# --- STAGE 1: Base Runtime ---
FROM docker.io/library/node:20-slim AS base

ARG CLI_VERSION_ARG
ENV CLI_VERSION=$CLI_VERSION_ARG

RUN apt-get update && apt-get install -y --no-install-recommends \
  python3 \
  curl \
  dnsutils \
  less \
  jq \
  ca-certificates \
  && apt-get clean \
  && rm -rf /var/lib/apt/lists/*

# --- STAGE 2: Maintainer (Parent of Sandbox) ---
FROM base AS maintainer

# Install "Maintainer Bloat" - tools needed for development and offloading
RUN apt-get update && apt-get install -y --no-install-recommends \
  make \
  g++ \
  gh \
  git \
  unzip \
  rsync \
  ripgrep \
  procps \
  psmisc \
  lsof \
  socat \
  build-essential \
  libsecret-1-dev \
  libkrb5-dev \
  && apt-get clean \
  && rm -rf /var/lib/apt/lists/*

# Install global dev tools
RUN npm install -g tsx vitest

# Set up npm global package folder
RUN mkdir -p /usr/local/share/npm-global \
  && chown -R node:node /usr/local/share/npm-global
ENV NPM_CONFIG_PREFIX=/usr/local/share/npm-global
ENV PATH=$PATH:/usr/local/share/npm-global/bin

# --- STAGE 3: Sandbox (Final CLI Image) ---
FROM maintainer AS sandbox

ARG SANDBOX_NAME="gemini-cli-sandbox"
ENV SANDBOX="$SANDBOX_NAME"

# Switch to non-root user node
USER node

# Install gemini-cli and clean up
COPY packages/cli/dist/google-gemini-cli-*.tgz /tmp/gemini-cli.tgz
COPY packages/core/dist/google-gemini-cli-core-*.tgz /tmp/gemini-core.tgz
RUN npm install -g /tmp/gemini-core.tgz \
  && npm install -g /tmp/gemini-cli.tgz \
  && node -e "const fs=require('node:fs'); JSON.parse(fs.readFileSync('/usr/local/share/npm-global/lib/node_modules/@google/gemini-cli/package.json','utf8')); JSON.parse(fs.readFileSync('/usr/local/share/npm-global/lib/node_modules/@google/gemini-cli-core/package.json','utf8'));" \
  && gemini --version > /dev/null \
  && npm cache clean --force \
  && rm -f /tmp/gemini-{cli,core}.tgz

# Default entrypoint
CMD ["gemini"]
feat(build): implement multi-stage maintainer parent image and dual-tag cloud build 2026-03-15 09:16:01 -07:00			`# --- STAGE 1: Base Runtime ---`
			`FROM docker.io/library/node:20-slim AS base`
Minimal container setup. Install docker (or podman), build container with scripts/build_container.sh, then start with scripts/start_container.sh. Exit with ^C for now. (#61) 2025-04-20 08:22:17 -07:00
fix version release for Dockerfile build (#1080) 2025-06-16 01:13:39 -05:00			`ARG CLI_VERSION_ARG`
			`ENV CLI_VERSION=$CLI_VERSION_ARG`
fix(sandbox): use CMD for default entrypoint (#601) 2025-05-29 22:16:39 +00:00
Minimal container setup. Install docker (or podman), build container with scripts/build_container.sh, then start with scripts/start_container.sh. Exit with ^C for now. (#61) 2025-04-20 08:22:17 -07:00			`RUN apt-get update && apt-get install -y --no-install-recommends \`
Fix Build Failure - Build fails in sandbox due to missing build toolchain (#831) 2025-06-08 01:04:20 -04:00			`python3 \`
Minimal container setup. Install docker (or podman), build container with scripts/build_container.sh, then start with scripts/start_container.sh. Exit with ^C for now. (#61) 2025-04-20 08:22:17 -07:00			`curl \`
			`dnsutils \`
			`less \`
			`jq \`
feat(build): implement multi-stage maintainer parent image and dual-tag cloud build 2026-03-15 09:16:01 -07:00			`ca-certificates \`
			`&& apt-get clean \`
			`&& rm -rf /var/lib/apt/lists/*`

			`# --- STAGE 2: Maintainer (Parent of Sandbox) ---`
			`FROM base AS maintainer`

			`# Install "Maintainer Bloat" - tools needed for development and offloading`
			`RUN apt-get update && apt-get install -y --no-install-recommends \`
			`make \`
			`g++ \`
Minimal container setup. Install docker (or podman), build container with scripts/build_container.sh, then start with scripts/start_container.sh. Exit with ^C for now. (#61) 2025-04-20 08:22:17 -07:00			`gh \`
			`git \`
			`unzip \`
			`rsync \`
			`ripgrep \`
			`procps \`
			`psmisc \`
			`lsof \`
enable servers in sandbox to listen on localhost (127.0.0.1) instead of 0.0.0.0, ensuring servers can be container/host-agnostic (#207) * enable servers in sandbox to listen on localhost (127.0.0.1) instead of 0.0.0.0, ensuring servers can be container/host-agnostic * Merge remote-tracking branch 'origin/main' into sandbox_localhost_works 2025-04-28 18:40:24 -07:00			`socat \`
feat(build): implement multi-stage maintainer parent image and dual-tag cloud build 2026-03-15 09:16:01 -07:00			`build-essential \`
			`libsecret-1-dev \`
			`libkrb5-dev \`
Minimal container setup. Install docker (or podman), build container with scripts/build_container.sh, then start with scripts/start_container.sh. Exit with ^C for now. (#61) 2025-04-20 08:22:17 -07:00			`&& apt-get clean \`
			`&& rm -rf /var/lib/apt/lists/*`

feat(build): implement multi-stage maintainer parent image and dual-tag cloud build 2026-03-15 09:16:01 -07:00			`# Install global dev tools`
			`RUN npm install -g tsx vitest`

			`# Set up npm global package folder`
Minimal container setup. Install docker (or podman), build container with scripts/build_container.sh, then start with scripts/start_container.sh. Exit with ^C for now. (#61) 2025-04-20 08:22:17 -07:00			`RUN mkdir -p /usr/local/share/npm-global \`
			`&& chown -R node:node /usr/local/share/npm-global`
			`ENV NPM_CONFIG_PREFIX=/usr/local/share/npm-global`
			`ENV PATH=$PATH:/usr/local/share/npm-global/bin`

feat(build): implement multi-stage maintainer parent image and dual-tag cloud build 2026-03-15 09:16:01 -07:00			`# --- STAGE 3: Sandbox (Final CLI Image) ---`
			`FROM maintainer AS sandbox`

			`ARG SANDBOX_NAME="gemini-cli-sandbox"`
			`ENV SANDBOX="$SANDBOX_NAME"`

			`# Switch to non-root user node`
Minimal container setup. Install docker (or podman), build container with scripts/build_container.sh, then start with scripts/start_container.sh. Exit with ^C for now. (#61) 2025-04-20 08:22:17 -07:00			`USER node`

feat(build): implement multi-stage maintainer parent image and dual-tag cloud build 2026-03-15 09:16:01 -07:00			`# Install gemini-cli and clean up`
fix(ci): e2e workflow aligned with release (#9296) 2025-09-25 11:26:07 -07:00			`COPY packages/cli/dist/google-gemini-cli-*.tgz /tmp/gemini-cli.tgz`
			`COPY packages/core/dist/google-gemini-cli-core-*.tgz /tmp/gemini-core.tgz`
fix(sandbox): harden image packaging integrity checks (#19552) 2026-02-24 02:32:42 +05:30			`RUN npm install -g /tmp/gemini-core.tgz \`
			`&& npm install -g /tmp/gemini-cli.tgz \`
			`&& node -e "const fs=require('node:fs'); JSON.parse(fs.readFileSync('/usr/local/share/npm-global/lib/node_modules/@google/gemini-cli/package.json','utf8')); JSON.parse(fs.readFileSync('/usr/local/share/npm-global/lib/node_modules/@google/gemini-cli-core/package.json','utf8'));" \`
			`&& gemini --version > /dev/null \`
Minimal container setup. Install docker (or podman), build container with scripts/build_container.sh, then start with scripts/start_container.sh. Exit with ^C for now. (#61) 2025-04-20 08:22:17 -07:00			`&& npm cache clean --force \`
fix(ci): e2e workflow aligned with release (#9296) 2025-09-25 11:26:07 -07:00			`&& rm -f /tmp/gemini-{cli,core}.tgz`
feat: publish root Dockerfile to our image registry (#599) 2025-05-29 21:01:44 +00:00
feat(build): implement multi-stage maintainer parent image and dual-tag cloud build 2026-03-15 09:16:01 -07:00			`# Default entrypoint`
feat(cli): add glob as a direct dependency (#1065) 2025-06-15 00:50:26 -07:00			`CMD ["gemini"]`