Problem
AWF's ARC/DinD auto-detection only enables --docker-host-path-prefix /tmp/gh-aw when DOCKER_HOST matches ^(redacted) On ARC deployments where the runner pod bind-mounts a sibling daemon pod's docker socket as (redacted) the regex never fires, so the path prefix is never applied. Agent container bind-mounts reference runner-FS paths the daemon cannot resolve, and runs fail immediately on prompt-file read.
Context
Upstream issue: github/gh-aw#33777
Same root condition as #30840/#30838/#28888 — split runner/daemon filesystems — but DOCKER_HOST is a unix socket (not TCP) because the socket is bind-mounted from the daemon pod into the runner pod.
Root Cause
src/option-parsers.ts resolveDockerHostPathPrefix() only matches `^(redacted) to detect DinD. Unix-socket paths from sibling pods also indicate a split filesystem but are not detected.
Proposed Solution
- In
resolveDockerHostPathPrefix(), also trigger path-prefix logic when DOCKER_HOST is a unix socket and that socket path differs from the default /var/run/docker.sock (or provide a heuristic: check if the socket is under a known DinD mount path).
- Alternatively, document an explicit env var (
AWF_DIND=1) users can set to force the prefix without relying on DOCKER_HOST shape.
- Update
--docker-host-path-prefix auto-detection docs to cover unix-socket DinD topology.
Generated by Firewall Issue Dispatcher · sonnet46 1.6M · ◷
Problem
AWF's ARC/DinD auto-detection only enables
--docker-host-path-prefix /tmp/gh-awwhenDOCKER_HOSTmatches^(redacted) On ARC deployments where the runner pod bind-mounts a sibling daemon pod's docker socket as(redacted) the regex never fires, so the path prefix is never applied. Agent container bind-mounts reference runner-FS paths the daemon cannot resolve, and runs fail immediately on prompt-file read.Context
Upstream issue: github/gh-aw#33777
Same root condition as #30840/#30838/#28888 — split runner/daemon filesystems — but
DOCKER_HOSTis a unix socket (not TCP) because the socket is bind-mounted from the daemon pod into the runner pod.Root Cause
src/option-parsers.tsresolveDockerHostPathPrefix()only matches `^(redacted) to detect DinD. Unix-socket paths from sibling pods also indicate a split filesystem but are not detected.Proposed Solution
resolveDockerHostPathPrefix(), also trigger path-prefix logic whenDOCKER_HOSTis a unix socket and that socket path differs from the default/var/run/docker.sock(or provide a heuristic: check if the socket is under a known DinD mount path).AWF_DIND=1) users can set to force the prefix without relying onDOCKER_HOSTshape.--docker-host-path-prefixauto-detection docs to cover unix-socket DinD topology.