CBox sandbox git metadata path isolation

ID	M1-INFRA-014
Status	done
Priority	p1
Milestone	m1-ft-analytics-analyst-pilot
Owner	head-of-engineering

Problem

When cbox creates a Docker container for a git-worktree-based sandbox, the worktree .git file contains a host-absolute gitdir reference (e.g., gitdir: /Users/dave/project/.git/worktrees/foo). The previous approach mounted the main .git directory at the same host absolute path inside the container — functional, but it leaked the host filesystem namespace into the sandbox. Operations such as git fetch, git rebase, and git push could break when git attempted to resolve host-only paths.

Context

Possible Solutions

Plan

Implementation Progress

Solution (container.py)

Mount the main .git dir at the container-internal path /workspace/.repo-git instead of the host absolute path.
Generate a one-line .git file containing gitdir: /workspace/.repo-git/worktrees/<name> and bind-mount it over the host worktree .git file at /workspace/.git:ro.
commondir inside the worktree metadata uses a relative ../.. which resolves correctly from /workspace/.repo-git/worktrees/<name> back to /workspace/.repo-git.

No entrypoint changes or GIT_DIR environment variables are needed.

Mount main .git at /workspace/.repo-git (container-internal).
Generate and overlay a rewritten .git file at /workspace/.git.
Verify no host paths appear as container mount targets.
Add targeted unit tests (test_container_runtime.py).
Document the fix in this task file.
git fetch/rebase/push works inside sandbox containers without manual GIT_DIR overrides.
No host-absolute paths leak into container mount targets.
All cbox tests pass (54/54).
Non-worktree repos are unaffected (no .repo-git mount).

Files changed

File	Change
`libs/cbox/cbox/container.py`	New mount logic + `_write_container_dotgit` helper
`libs/cbox/test_container_runtime.py`	3 new tests for path isolation
This file	Task documentation

None; self-contained fix within container.py.

Review Feedback

[ ] Review cleared