Merge pull request #380 from depot/billy/refactor/improved-remote-claude-code

refactor: use new SessionService and SandboxService for remote Claude operations

Author: billyb2

pkg/api/rpc.go

@@ -48,11 +48,27 @@ func NewAgentClient() agentv1connect.AgentServiceClient {
 	return agentv1connect.NewAgentServiceClient(getHTTPClient(getBaseURL()), getBaseURL(), WithUserAgent())
 }
 
+func NewSessionClient() agentv1connect.SessionServiceClient {
+	return agentv1connect.NewSessionServiceClient(getHTTPClient(getBaseURL()), getBaseURL(), WithUserAgent())
+}
+
+func NewSandboxClient() agentv1connect.SandboxServiceClient {
+	return agentv1connect.NewSandboxServiceClient(getHTTPClient(getBaseURL()), getBaseURL(), WithUserAgent())
+}
+
 func WithAuthentication[T any](req *connect.Request[T], token string) *connect.Request[T] {
 	req.Header().Add("Authorization", "Bearer "+token)
 	return req
 }
 
+func WithAuthenticationAndOrg[T any](req *connect.Request[T], token, orgID string) *connect.Request[T] {
+	req.Header().Add("Authorization", "Bearer "+token)
+	if orgID != "" {
+		req.Header().Add("x-depot-org", orgID)
+	}
+	return req
+}
+
 // getHTTPClient returns an HTTP client configured for the given base URL.
 // If the URL uses HTTP (not HTTPS), it configures h2c support for HTTP/2 over cleartext.
 func getHTTPClient(baseURL string) *http.Client {

pkg/cmd/claude/claude.go

@@ -32,7 +32,6 @@ func NewCmdClaude() *cobra.Command {
 		orgID           string
 		token           string
 		resumeSessionID string
-		sandboxID       string
 		output          string
 		local           bool
 		repository      *string
@@ -105,6 +104,18 @@ Subcommands:
 			}
 			ctx := cmd.Context()
 
+			// Check if we're running inside a sandbox
+			sandboxID := os.Getenv("DEPOT_SANDBOX_ID")
+			if sandboxID != "" {
+				// Force local mode when running inside a sandbox
+				local = true
+				defer func() {
+					if err := shutdownSandbox(ctx, sandboxID); err != nil {
+						fmt.Fprintf(os.Stderr, "Warning: failed to shutdown sandbox: %v\n", err)
+					}
+				}()
+			}
+
 			claudeArgs := []string{}
 			for i := 0; i < len(args); i++ {
 				arg := args[i]
@@ -156,20 +167,11 @@ Subcommands:
 					} else {
 						return fmt.Errorf("--resume flag requires a session ID")
 					}
-				case "--sandbox-id":
-					if i+1 < len(args) && !strings.HasPrefix(args[i+1], "-") {
-						sandboxID = args[i+1]
-						i++
-					} else {
-						return fmt.Errorf("--sandbox-id flag requires a sandbox ID")
-					}
 				default:
 					if strings.HasPrefix(arg, "--session-id=") {
 						sessionID = strings.TrimPrefix(arg, "--session-id=")
 					} else if strings.HasPrefix(arg, "--resume=") {
 						resumeSessionID = strings.TrimPrefix(arg, "--resume=")
-					} else if strings.HasPrefix(arg, "--sandbox-id=") {
-						sandboxID = strings.TrimPrefix(arg, "--sandbox-id=")
 					} else if strings.HasPrefix(arg, "--org=") {
 						orgID = strings.TrimPrefix(arg, "--org=")
 					} else if strings.HasPrefix(arg, "--token=") {
@@ -233,6 +235,11 @@ Subcommands:
 			}
 
 			if !local {
+				// Check if we're already in a sandbox - prevent recursive remote sessions
+				if sandboxID != "" {
+					return fmt.Errorf("cannot start a remote session from within a sandbox")
+				}
+
 				// Default repository to current git remote only if --repository flag was specified with empty value
 				var repoValue string
 				if repository != nil {
@@ -255,12 +262,10 @@ Subcommands:
 					Branch:          branch,
 					GitSecret:       gitSecret,
 					ResumeSessionID: resumeSessionID,
-					RemoteSessionID: sandboxID,
 					Wait:            wait,
 					Stdin:           os.Stdin,
 					Stdout:          os.Stdout,
 					Stderr:          os.Stderr,
-					AgentType:       "claude",
 				}
 				return RunAgentRemote(ctx, agentOpts)
 			} else {
@@ -284,24 +289,20 @@ Subcommands:
 }
 
 // returns the session file UUID that claude should resume from
-func resumeSession(ctx context.Context, client agentv1connect.ClaudeServiceClient, token, sessionID, sessionDir, cwd, orgID string, retryCount int, retryDelay time.Duration) (string, error) {
-	var resp *connect.Response[agentv1.DownloadClaudeSessionResponse]
+func resumeSession(ctx context.Context, client agentv1connect.SessionServiceClient, token, sessionID, sessionDir, cwd, orgID string, retryCount int, retryDelay time.Duration) (string, error) {
+	var resp *connect.Response[agentv1.DownloadSessionResponse]
 	var lastErr error
 
 	for i := range retryCount {
 		if i > 0 {
 			time.Sleep(retryDelay)
 		}
 
-		req := &agentv1.DownloadClaudeSessionRequest{
-			SessionId:      sessionID,
-			OrganizationId: new(string),
-		}
-		if orgID != "" {
-			req.OrganizationId = &orgID
+		req := &agentv1.DownloadSessionRequest{
+			SessionId: sessionID,
 		}
 
-		resp, lastErr = client.DownloadClaudeSession(ctx, api.WithAuthentication(connect.NewRequest(req), token))
+		resp, lastErr = client.DownloadSession(ctx, api.WithAuthenticationAndOrg(connect.NewRequest(req), token, orgID))
 		if lastErr == nil {
 			break
 		}
@@ -319,7 +320,8 @@ func resumeSession(ctx context.Context, client agentv1connect.ClaudeServiceClien
 
 	reader := bytes.NewReader(resp.Msg.SessionData)
 
-	sessionFilePath := filepath.Join(projectDir, fmt.Sprintf("%s.jsonl", resp.Msg.ClaudeSessionId))
+	claudeSessionID := resp.Msg.ToolSessionId
+	sessionFilePath := filepath.Join(projectDir, fmt.Sprintf("%s.jsonl", claudeSessionID))
 	out, err := os.Create(sessionFilePath)
 	if err != nil {
 		return "", fmt.Errorf("failed to create session file: %w", err)
@@ -330,10 +332,10 @@ func resumeSession(ctx context.Context, client agentv1connect.ClaudeServiceClien
 		return "", fmt.Errorf("failed to write session file: %w", err)
 	}
 
-	return resp.Msg.ClaudeSessionId, nil
+	return claudeSessionID, nil
 }
 
-func saveSession(ctx context.Context, client agentv1connect.ClaudeServiceClient, token, sessionID, sessionFilePath string, retryCount int, retryDelay time.Duration, orgID string) error {
+func saveSession(ctx context.Context, client agentv1connect.SessionServiceClient, token, sessionID, sessionFilePath string, retryCount int, retryDelay time.Duration, orgID string) error {
 	data, err := os.ReadFile(sessionFilePath)
 	if err != nil {
 		return fmt.Errorf("failed to read session file: %w", err)
@@ -349,21 +351,18 @@ func saveSession(ctx context.Context, client agentv1connect.ClaudeServiceClient,
 
 		claudeSessionID := filepath.Base(strings.TrimSuffix(sessionFilePath, ".jsonl"))
 
-		req := &agentv1.UploadClaudeSessionRequest{
-			SessionData:     data,
-			SessionId:       sessionID,
-			OrganizationId:  new(string),
-			Summary:         new(string),
-			ClaudeSessionId: claudeSessionID,
+		req := &agentv1.UploadSessionRequest{
+			SessionData:   data,
+			SessionId:     sessionID,
+			Summary:       new(string),
+			ToolSessionId: claudeSessionID,
+			AgentType:     agentv1.AgentType_AGENT_TYPE_CLAUDE_CODE,
 		}
 		if summary != "" {
 			req.Summary = &summary
 		}
-		if orgID != "" {
-			req.OrganizationId = &orgID
-		}
 
-		_, err := client.UploadClaudeSession(ctx, api.WithAuthentication(connect.NewRequest(req), token))
+		_, err := client.UploadSession(ctx, api.WithAuthenticationAndOrg(connect.NewRequest(req), token, orgID))
 		if err != nil {
 			lastErr = err
 			continue
@@ -422,7 +421,7 @@ func convertPathToProjectName(path string) string {
 }
 
 // continuouslySaveSessionFile monitors the project directory for new or changed session files and automatically saves them
-func continuouslySaveSessionFile(ctx context.Context, projectDir string, client agentv1connect.ClaudeServiceClient, token, sessionID, orgID string) error {
+func continuouslySaveSessionFile(ctx context.Context, projectDir string, client agentv1connect.SessionServiceClient, token, sessionID, orgID string) error {
 	if err := os.MkdirAll(projectDir, 0755); err != nil {
 		return fmt.Errorf("failed to create project directory: %w", err)
 	}
@@ -526,7 +525,7 @@ func RunClaudeSession(ctx context.Context, opts *ClaudeSessionOptions) error {
 		opts.OrgID = os.Getenv("DEPOT_ORG_ID")
 	}
 
-	client := api.NewClaudeClient()
+	client := api.NewSessionClient()
 
 	// early auth check to prevent starting Claude if saving or resuming will fail
 	if err := verifyAuthentication(ctx, client, token, opts.OrgID); err != nil {
@@ -647,16 +646,29 @@ func extractSummaryFromSession(data []byte) string {
 
 // verifyAuthentication performs an early auth check by calling the list-sessions API
 // this prevents starting Claude if authentication or organization access will fail
-func verifyAuthentication(ctx context.Context, client agentv1connect.ClaudeServiceClient, token, orgID string) error {
-	req := &agentv1.ListClaudeSessionsRequest{}
-	if orgID != "" {
-		req.OrganizationId = &orgID
-	}
+func verifyAuthentication(ctx context.Context, client agentv1connect.SessionServiceClient, token, orgID string) error {
+	req := &agentv1.ListSessionsRequest{}
 
-	_, err := client.ListClaudeSessions(ctx, api.WithAuthentication(connect.NewRequest(req), token))
+	_, err := client.ListSessions(ctx, api.WithAuthenticationAndOrg(connect.NewRequest(req), token, orgID))
 	if err != nil {
 		return fmt.Errorf("authentication failed: %w", err)
 	}
 
 	return nil
 }
+
+// shutdownSandbox calls the Shutdown API to gracefully terminate and snapshot the sandbox
+func shutdownSandbox(ctx context.Context, sandboxID string) error {
+	client := api.NewSandboxClient()
+
+	req := &agentv1.ShutdownRequest{
+		SandboxId: sandboxID,
+	}
+
+	_, err := client.Shutdown(ctx, connect.NewRequest(req))
+	if err != nil {
+		return fmt.Errorf("failed to shutdown sandbox: %w", err)
+	}
+
+	return nil
+}

pkg/cmd/claude/listsessions.go

@@ -61,11 +61,11 @@ In interactive mode, pressing Enter on a session will start Claude with that ses
 				orgID = os.Getenv("DEPOT_ORG_ID")
 			}
 
-			client := api.NewClaudeClient()
+			client := api.NewSessionClient()
 
 			isInteractive := output == "" && helpers.IsTerminal()
 
-			var allSessions []*agentv1.ClaudeSession
+			var allSessions []*agentv1.Session
 			currentPageToken := pageToken
 			maxPages := 5
 			pagesLoaded := 0
@@ -74,15 +74,15 @@ In interactive mode, pressing Enter on a session will start Claude with that ses
 				reqCtx, cancel := context.WithTimeout(ctx, 30*time.Second)
 				defer cancel()
 
-				req := &agentv1.ListClaudeSessionsRequest{}
-				if orgID != "" {
-					req.OrganizationId = &orgID
+				agentType := agentv1.AgentType_AGENT_TYPE_CLAUDE_CODE
+				req := &agentv1.ListSessionsRequest{
+					AgentType: &agentType,
 				}
 				if currentPageToken != "" {
 					req.PageToken = &currentPageToken
 				}
 
-				resp, err := client.ListClaudeSessions(reqCtx, api.WithAuthentication(connect.NewRequest(req), token))
+				resp, err := client.ListSessions(reqCtx, api.WithAuthenticationAndOrg(connect.NewRequest(req), token, orgID))
 				if err != nil {
 					return fmt.Errorf("failed to list sessions: %w", err)
 				}
@@ -166,7 +166,7 @@ In interactive mode, pressing Enter on a session will start Claude with that ses
 	return cmd
 }
 
-func chooseSession(sessions []*agentv1.ClaudeSession) (*agentv1.ClaudeSession, error) {
+func chooseSession(sessions []*agentv1.Session) (*agentv1.Session, error) {
 	if len(sessions) == 0 {
 		fmt.Println("No Claude sessions found")
 		return nil, nil
@@ -211,7 +211,7 @@ func chooseSession(sessions []*agentv1.ClaudeSession) (*agentv1.ClaudeSession, e
 }
 
 type sessionItem struct {
-	session *agentv1.ClaudeSession
+	session *agentv1.Session
 	summary string
 }
 
@@ -246,8 +246,8 @@ func (i sessionItem) FilterValue() string {
 
 type sessionListModel struct {
 	list     list.Model
-	sessions []*agentv1.ClaudeSession
-	choice   *agentv1.ClaudeSession
+	sessions []*agentv1.Session
+	choice   *agentv1.Session
 	ctrlC    bool
 }
 
@@ -283,7 +283,7 @@ func (m sessionListModel) View() string {
 	return docStyle.Render(m.list.View())
 }
 
-func sessionWriteJSON(sessions []*agentv1.ClaudeSession) error {
+func sessionWriteJSON(sessions []*agentv1.Session) error {
 	type sessionJSON struct {
 		SessionID string    `json:"session_id"`
 		Summary   string    `json:"summary,omitempty"`
@@ -313,7 +313,7 @@ func sessionWriteJSON(sessions []*agentv1.ClaudeSession) error {
 	return encoder.Encode(jsonSessions)
 }
 
-func sessionWriteCSV(sessions []*agentv1.ClaudeSession) error {
+func sessionWriteCSV(sessions []*agentv1.Session) error {
 	w := csv.NewWriter(os.Stdout)
 	if err := w.Write([]string{"SESSION_ID", "SUMMARY", "UPDATED_AT", "CREATED_AT"}); err != nil {
 		return err