feat: mount attachments directory in reviewer container

Discord file attachments are downloaded to data/attachments/ on the
host. Mount this directory read-only in the reviewer container at the
same absolute path so both owner and reviewer can access uploaded
files (WAV, images, etc.) using the same path.
This commit is contained in:
Eyejoker
2026-03-30 18:40:36 +09:00
parent fcd180434d
commit ad34062dbc

View File

@@ -261,6 +261,16 @@ export function buildReviewerMounts(
}); });
} }
// Attachments directory: read-only (Discord file uploads downloaded here)
const attachmentsDir = path.join(DATA_DIR, 'attachments');
if (fs.existsSync(attachmentsDir)) {
mounts.push({
hostPath: attachmentsDir,
containerPath: attachmentsDir,
readonly: true,
});
}
// Group folder: writable (logs, session data) // Group folder: writable (logs, session data)
mounts.push({ mounts.push({
hostPath: groupDir, hostPath: groupDir,
@@ -439,7 +449,10 @@ export async function runReviewerContainer(args: {
const execArgs = ['exec', '-i']; const execArgs = ['exec', '-i'];
const authMode = detectAuthMode(); const authMode = detectAuthMode();
if (authMode === 'api-key') { if (authMode === 'api-key') {
execArgs.push('-e', `ANTHROPIC_API_KEY=${process.env.ANTHROPIC_API_KEY || ''}`); execArgs.push(
'-e',
`ANTHROPIC_API_KEY=${process.env.ANTHROPIC_API_KEY || ''}`,
);
} else { } else {
const oauthToken = const oauthToken =
process.env.CLAUDE_CODE_OAUTH_TOKEN || process.env.CLAUDE_CODE_OAUTH_TOKEN ||
@@ -450,11 +463,9 @@ export async function runReviewerContainer(args: {
execArgs.push(containerName, 'node', '/app/dist/index.js'); execArgs.push(containerName, 'node', '/app/dist/index.js');
return new Promise<AgentOutput>((resolve) => { return new Promise<AgentOutput>((resolve) => {
const proc = spawn( const proc = spawn(CONTAINER_RUNTIME_BIN, execArgs, {
CONTAINER_RUNTIME_BIN, stdio: ['pipe', 'pipe', 'pipe'],
execArgs, });
{ stdio: ['pipe', 'pipe', 'pipe'] },
);
onProcess?.(proc, containerName); onProcess?.(proc, containerName);