fix(claude): stabilize oauth auth and permission parity

Author: skulidropek

README.md

@@ -115,6 +115,12 @@ This avoids `refresh_token` rotation issues that can happen when copying `auth.j
 Disable sharing (per-project auth):
 - Set `CODEX_SHARE_AUTH=0` in `.orch/env/project.env`.
 
+## Claude Code Defaults
+
+On container start, docker-git syncs Claude Code user settings under `$CLAUDE_CONFIG_DIR/settings.json`:
+- `permissions.defaultMode = "bypassPermissions"` so local disposable containers behave like docker-git Codex containers (no permission prompts).
+- Existing unrelated Claude settings are preserved.
+
 ## Playwright MCP (Chromium Sidecar)
 
 Enable during create/clone:

packages/app/tests/docker-git/entrypoint-auth.test.ts

@@ -39,8 +39,20 @@ describe("renderEntrypoint auth bridge", () => {
       expect(entrypoint).toContain("CLAUDE_CONFIG_DIR=\"${CLAUDE_CONFIG_DIR:-$HOME/.claude}\"")
       expect(entrypoint).toContain("docker_git_ensure_claude_cli()")
       expect(entrypoint).toContain("claude cli.js not found under npm global root; skip shim restore")
+      expect(entrypoint).toContain("CLAUDE_PERMISSION_SETTINGS_FILE=\"$CLAUDE_CONFIG_DIR/settings.json\"")
+      expect(entrypoint).toContain("docker_git_sync_claude_permissions()")
+      expect(entrypoint).toContain(
+        "const currentPermissions = isRecord(settings.permissions) ? settings.permissions : {}"
+      )
+      expect(entrypoint).toContain("defaultMode: \"bypassPermissions\"")
+      expect(entrypoint).toContain("CLAUDE_TOKEN_FILE=\"$CLAUDE_CONFIG_DIR/.oauth-token\"")
       expect(entrypoint).toContain("CLAUDE_CREDENTIALS_FILE=\"$CLAUDE_CONFIG_DIR/.credentials.json\"")
-      expect(entrypoint).toContain("if [[ -s \"$CLAUDE_CREDENTIALS_FILE\" ]]; then")
+      expect(entrypoint).toContain("CLAUDE_NESTED_CREDENTIALS_FILE=\"$CLAUDE_CONFIG_DIR/.claude/.credentials.json\"")
+      expect(entrypoint).toContain("docker_git_prepare_claude_auth_mode()")
+      expect(entrypoint).toContain(
+        "rm -f \"$CLAUDE_CREDENTIALS_FILE\" \"$CLAUDE_NESTED_CREDENTIALS_FILE\" \"$CLAUDE_HOME_DIR/.credentials.json\" || true"
+      )
+      expect(entrypoint).toContain("if [[ ! -s \"$CLAUDE_TOKEN_FILE\" ]]; then")
       expect(entrypoint).toContain("CLAUDE_SETTINGS_FILE=\"${CLAUDE_HOME_JSON:-$CLAUDE_CONFIG_DIR/.claude.json}\"")
       expect(entrypoint).toContain("nextServers.playwright = {")
       expect(entrypoint).toContain("command: \"docker-git-playwright-mcp\"")

packages/lib/src/core/templates-entrypoint/claude.ts

@@ -34,6 +34,17 @@ mkdir -p "$CLAUDE_CONFIG_DIR" || true
 CLAUDE_HOME_DIR="__CLAUDE_HOME_DIR__"
 CLAUDE_HOME_JSON="__CLAUDE_HOME_JSON__"
 mkdir -p "$CLAUDE_HOME_DIR" || true
+CLAUDE_TOKEN_FILE="$CLAUDE_CONFIG_DIR/.oauth-token"
+CLAUDE_CREDENTIALS_FILE="$CLAUDE_CONFIG_DIR/.credentials.json"
+CLAUDE_NESTED_CREDENTIALS_FILE="$CLAUDE_CONFIG_DIR/.claude/.credentials.json"
+
+docker_git_prepare_claude_auth_mode() {
+  if [[ -s "$CLAUDE_TOKEN_FILE" ]]; then
+    rm -f "$CLAUDE_CREDENTIALS_FILE" "$CLAUDE_NESTED_CREDENTIALS_FILE" "$CLAUDE_HOME_DIR/.credentials.json" || true
+  fi
+}
+
+docker_git_prepare_claude_auth_mode
 
 docker_git_link_claude_file() {
   local source_path="$1"
@@ -61,17 +72,13 @@ docker_git_link_claude_home_file() {
 docker_git_link_claude_home_file ".oauth-token"
 docker_git_link_claude_home_file ".config.json"
 docker_git_link_claude_home_file ".claude.json"
-docker_git_link_claude_home_file ".credentials.json"
+if [[ ! -s "$CLAUDE_TOKEN_FILE" ]]; then
+  docker_git_link_claude_home_file ".credentials.json"
+fi
 docker_git_link_claude_file "$CLAUDE_CONFIG_DIR/.claude.json" "$CLAUDE_HOME_JSON"
 
-CLAUDE_TOKEN_FILE="$CLAUDE_CONFIG_DIR/.oauth-token"
-CLAUDE_CREDENTIALS_FILE="$CLAUDE_CONFIG_DIR/.credentials.json"
 docker_git_refresh_claude_oauth_token() {
   local token=""
-  if [[ -s "$CLAUDE_CREDENTIALS_FILE" ]]; then
-    unset CLAUDE_CODE_OAUTH_TOKEN || true
-    return 0
-  fi
   if [[ -f "$CLAUDE_TOKEN_FILE" ]]; then
     token="$(tr -d '\r\n' < "$CLAUDE_TOKEN_FILE")"
   fi
@@ -133,6 +140,53 @@ EOF
 
 docker_git_ensure_claude_cli`
 
+const renderClaudePermissionSettingsConfig = (): string =>
+  String.raw`# Claude Code: keep permission settings in sync with docker-git defaults
+CLAUDE_PERMISSION_SETTINGS_FILE="$CLAUDE_CONFIG_DIR/settings.json"
+docker_git_sync_claude_permissions() {
+  CLAUDE_PERMISSION_SETTINGS_FILE="$CLAUDE_PERMISSION_SETTINGS_FILE" node - <<'NODE'
+const fs = require("node:fs")
+const path = require("node:path")
+
+const settingsPath = process.env.CLAUDE_PERMISSION_SETTINGS_FILE
+if (typeof settingsPath !== "string" || settingsPath.length === 0) {
+  process.exit(0)
+}
+
+const isRecord = (value) => typeof value === "object" && value !== null && !Array.isArray(value)
+
+let settings = {}
+try {
+  const raw = fs.readFileSync(settingsPath, "utf8")
+  const parsed = JSON.parse(raw)
+  settings = isRecord(parsed) ? parsed : {}
+} catch {
+  settings = {}
+}
+
+const currentPermissions = isRecord(settings.permissions) ? settings.permissions : {}
+const nextPermissions = {
+  ...currentPermissions,
+  defaultMode: "bypassPermissions"
+}
+const nextSettings = {
+  ...settings,
+  permissions: nextPermissions
+}
+
+if (JSON.stringify(settings) === JSON.stringify(nextSettings)) {
+  process.exit(0)
+}
+
+fs.mkdirSync(path.dirname(settingsPath), { recursive: true })
+fs.writeFileSync(settingsPath, JSON.stringify(nextSettings, null, 2) + "\n", { mode: 0o600 })
+NODE
+}
+
+docker_git_sync_claude_permissions
+chmod 0600 "$CLAUDE_PERMISSION_SETTINGS_FILE" 2>/dev/null || true
+chown 1000:1000 "$CLAUDE_PERMISSION_SETTINGS_FILE" 2>/dev/null || true`
+
 const renderClaudeMcpPlaywrightConfig = (): string =>
   String.raw`# Claude Code: keep Playwright MCP config in sync with container settings
 CLAUDE_SETTINGS_FILE="${"$"}{CLAUDE_HOME_JSON:-$CLAUDE_CONFIG_DIR/.claude.json}"
@@ -295,11 +349,8 @@ set -euo pipefail
 CLAUDE_REAL_BIN="__CLAUDE_REAL_BIN__"
 CLAUDE_CONFIG_DIR="${"$"}{CLAUDE_CONFIG_DIR:-$HOME/.claude}"
 CLAUDE_TOKEN_FILE="$CLAUDE_CONFIG_DIR/.oauth-token"
-CLAUDE_CREDENTIALS_FILE="$CLAUDE_CONFIG_DIR/.credentials.json"
 
-if [[ -s "$CLAUDE_CREDENTIALS_FILE" ]]; then
-  unset CLAUDE_CODE_OAUTH_TOKEN || true
-elif [[ -f "$CLAUDE_TOKEN_FILE" ]]; then
+if [[ -f "$CLAUDE_TOKEN_FILE" ]]; then
   CLAUDE_CODE_OAUTH_TOKEN="$(tr -d '\r\n' < "$CLAUDE_TOKEN_FILE")"
   export CLAUDE_CODE_OAUTH_TOKEN
 else
@@ -320,10 +371,7 @@ printf "export CLAUDE_CONFIG_DIR=%q\n" "$CLAUDE_CONFIG_DIR" >> "$CLAUDE_PROFILE"
 printf "export CLAUDE_AUTO_SYSTEM_PROMPT=%q\n" "$CLAUDE_AUTO_SYSTEM_PROMPT" >> "$CLAUDE_PROFILE"
 cat <<'EOF' >> "$CLAUDE_PROFILE"
 CLAUDE_TOKEN_FILE="${"$"}{CLAUDE_CONFIG_DIR:-$HOME/.claude}/.oauth-token"
-CLAUDE_CREDENTIALS_FILE="${"$"}{CLAUDE_CONFIG_DIR:-$HOME/.claude}/.credentials.json"
-if [[ -s "$CLAUDE_CREDENTIALS_FILE" ]]; then
-  unset CLAUDE_CODE_OAUTH_TOKEN || true
-elif [[ -f "$CLAUDE_TOKEN_FILE" ]]; then
+if [[ -f "$CLAUDE_TOKEN_FILE" ]]; then
   export CLAUDE_CODE_OAUTH_TOKEN="$(tr -d '\r\n' < "$CLAUDE_TOKEN_FILE")"
 else
   unset CLAUDE_CODE_OAUTH_TOKEN || true
@@ -340,6 +388,7 @@ export const renderEntrypointClaudeConfig = (config: TemplateConfig): string =>
   [
     renderClaudeAuthConfig(config),
     renderClaudeCliInstall(),
+    renderClaudePermissionSettingsConfig(),
     renderClaudeMcpPlaywrightConfig(),
     renderClaudeGlobalPromptSetup(config),
     renderClaudeWrapperSetup(),

packages/lib/src/shell/docker-auth.ts

@@ -1,6 +1,7 @@
 import type * as CommandExecutor from "@effect/platform/CommandExecutor"
 import type { PlatformError } from "@effect/platform/Error"
-import type { Effect } from "effect"
+import { readFileSync } from "node:fs"
+import { Effect } from "effect"
 
 import { runCommandCapture, runCommandExitCode, runCommandWithExitCodes } from "./command-runner.js"
 
@@ -20,6 +21,122 @@ export type DockerAuthSpec = {
   readonly interactive: boolean
 }
 
+type DockerMountBinding = {
+  readonly source: string
+  readonly destination: string
+}
+
+const resolveEnvValue = (key: string): string | null => {
+  const value = process.env[key]?.trim()
+  return value && value.length > 0 ? value : null
+}
+
+const trimTrailingSlash = (value: string): string => value.replace(/[\\/]+$/u, "")
+
+const pathStartsWith = (candidate: string, prefix: string): boolean =>
+  candidate === prefix || candidate.startsWith(`${prefix}/`) || candidate.startsWith(`${prefix}\\`)
+
+const translatePathPrefix = (candidate: string, sourcePrefix: string, targetPrefix: string): string | null =>
+  pathStartsWith(candidate, sourcePrefix)
+    ? `${targetPrefix}${candidate.slice(sourcePrefix.length)}`
+    : null
+
+const resolveContainerProjectsRoot = (): string | null => {
+  const explicit = resolveEnvValue("DOCKER_GIT_PROJECTS_ROOT")
+  if (explicit !== null) {
+    return explicit
+  }
+
+  const home = resolveEnvValue("HOME") ?? resolveEnvValue("USERPROFILE")
+  return home === null ? null : `${trimTrailingSlash(home)}/.docker-git`
+}
+
+const resolveProjectsRootHostOverride = (): string | null => resolveEnvValue("DOCKER_GIT_PROJECTS_ROOT_HOST")
+
+const resolveCurrentContainerId = (): string | null => {
+  const fromEnv = resolveEnvValue("HOSTNAME")
+  if (fromEnv !== null) {
+    return fromEnv
+  }
+
+  try {
+    const fromHostnameFile = readFileSync("/etc/hostname", "utf8").trim()
+    return fromHostnameFile.length > 0 ? fromHostnameFile : null
+  } catch {
+    return null
+  }
+}
+
+const parseDockerInspectMounts = (raw: string): ReadonlyArray<DockerMountBinding> => {
+  try {
+    const parsed = JSON.parse(raw) as unknown
+    if (!Array.isArray(parsed)) {
+      return []
+    }
+    return parsed.flatMap((item) => {
+      if (typeof item !== "object" || item === null) {
+        return []
+      }
+      const source = Reflect.get(item, "Source")
+      const destination = Reflect.get(item, "Destination")
+      return typeof source === "string" && typeof destination === "string"
+        ? [{ source, destination }]
+        : []
+    })
+  } catch {
+    return []
+  }
+}
+
+export const remapDockerBindHostPathFromMounts = (
+  hostPath: string,
+  mounts: ReadonlyArray<DockerMountBinding>
+): string => {
+  const match = mounts
+    .filter((mount) => pathStartsWith(hostPath, mount.destination))
+    .sort((left, right) => right.destination.length - left.destination.length)[0]
+
+  if (match === undefined) {
+    return hostPath
+  }
+
+  return `${match.source}${hostPath.slice(match.destination.length)}`
+}
+
+export const resolveDockerVolumeHostPath = (
+  cwd: string,
+  hostPath: string
+): Effect.Effect<string, never, CommandExecutor.CommandExecutor> =>
+  Effect.gen(function*(_) {
+    const containerProjectsRoot = resolveContainerProjectsRoot()
+    const hostProjectsRoot = resolveProjectsRootHostOverride()
+    if (containerProjectsRoot !== null && hostProjectsRoot !== null) {
+      const remapped = translatePathPrefix(hostPath, containerProjectsRoot, hostProjectsRoot)
+      if (remapped !== null) {
+        return remapped
+      }
+    }
+
+    const containerId = resolveCurrentContainerId()
+    if (containerId === null) {
+      return hostPath
+    }
+
+    const mountsJson = yield* _(
+      runCommandCapture(
+        {
+          cwd,
+          command: "docker",
+          args: ["inspect", containerId, "--format", "{{json .Mounts}}"]
+        },
+        [0],
+        () => new Error("docker inspect current container failed")
+      ).pipe(Effect.orElseSucceed(() => ""))
+    )
+
+    return remapDockerBindHostPathFromMounts(hostPath, parseDockerInspectMounts(mountsJson))
+  })
+
 export const resolveDefaultDockerUser = (): string | null => {
   const getUid = Reflect.get(process, "getuid")
   const getGid = Reflect.get(process, "getgid")
@@ -93,11 +210,20 @@ export const runDockerAuth = <E>(
   okExitCodes: ReadonlyArray<number>,
   onFailure: (exitCode: number) => E
 ): Effect.Effect<void, E | PlatformError, CommandExecutor.CommandExecutor> =>
-  runCommandWithExitCodes(
-    { cwd: spec.cwd, command: "docker", args: buildDockerArgs(spec) },
-    okExitCodes,
-    onFailure
-  )
+  Effect.gen(function*(_) {
+    const hostPath = yield* _(resolveDockerVolumeHostPath(spec.cwd, spec.volume.hostPath))
+    yield* _(
+      runCommandWithExitCodes(
+        {
+          cwd: spec.cwd,
+          command: "docker",
+          args: buildDockerArgs({ ...spec, volume: { ...spec.volume, hostPath } })
+        },
+        okExitCodes,
+        onFailure
+      )
+    )
+  })
 
 // CHANGE: run a docker auth command and capture stdout
 // WHY: obtain tokens from container auth flows
@@ -114,11 +240,20 @@ export const runDockerAuthCapture = <E>(
   okExitCodes: ReadonlyArray<number>,
   onFailure: (exitCode: number) => E
 ): Effect.Effect<string, E | PlatformError, CommandExecutor.CommandExecutor> =>
-  runCommandCapture(
-    { cwd: spec.cwd, command: "docker", args: buildDockerArgs(spec) },
-    okExitCodes,
-    onFailure
-  )
+  Effect.gen(function*(_) {
+    const hostPath = yield* _(resolveDockerVolumeHostPath(spec.cwd, spec.volume.hostPath))
+    return yield* _(
+      runCommandCapture(
+        {
+          cwd: spec.cwd,
+          command: "docker",
+          args: buildDockerArgs({ ...spec, volume: { ...spec.volume, hostPath } })
+        },
+        okExitCodes,
+        onFailure
+      )
+    )
+  })
 
 // CHANGE: run a docker auth command and return the exit code
 // WHY: allow status checks without throwing
@@ -133,4 +268,13 @@ export const runDockerAuthCapture = <E>(
 export const runDockerAuthExitCode = (
   spec: DockerAuthSpec
 ): Effect.Effect<number, PlatformError, CommandExecutor.CommandExecutor> =>
-  runCommandExitCode({ cwd: spec.cwd, command: "docker", args: buildDockerArgs(spec) })
+  Effect.gen(function*(_) {
+    const hostPath = yield* _(resolveDockerVolumeHostPath(spec.cwd, spec.volume.hostPath))
+    return yield* _(
+      runCommandExitCode({
+        cwd: spec.cwd,
+        command: "docker",
+        args: buildDockerArgs({ ...spec, volume: { ...spec.volume, hostPath } })
+      })
+    )
+  })

packages/lib/src/usecases/auth-claude-oauth.ts

@@ -6,7 +6,7 @@ import * as Fiber from "effect/Fiber"
 import type * as Scope from "effect/Scope"
 import * as Stream from "effect/Stream"
 
-import { resolveDefaultDockerUser } from "../shell/docker-auth.js"
+import { resolveDefaultDockerUser, resolveDockerVolumeHostPath } from "../shell/docker-auth.js"
 import { AuthError, CommandFailedError } from "../shell/errors.js"
 
 const oauthTokenEnvKey = "DOCKER_GIT_CLAUDE_OAUTH_TOKEN"
@@ -257,7 +257,8 @@ export const runClaudeOauthLoginWithPrompt = (
   return Effect.scoped(
     Effect.gen(function*(_) {
       const executor = yield* _(CommandExecutor.CommandExecutor)
-      const spec = buildDockerSetupTokenSpec(cwd, accountPath, options.image, options.containerPath)
+      const hostPath = yield* _(resolveDockerVolumeHostPath(cwd, accountPath))
+      const spec = buildDockerSetupTokenSpec(cwd, hostPath, options.image, options.containerPath)
       const proc = yield* _(startDockerProcess(executor, spec))
 
       const tokenBox: { value: string | null } = { value: null }