use new jail base command and make subcommand properly hidden

bcpeinhardt · bcpeinhardt · commit c555f2f530fb · 2025-09-12T15:48:21.000Z
diff --git a/cli/jail.go b/cli/jail.go
@@ -6,43 +6,8 @@ import (
 )
 
 func (r *RootCmd) jail() *serpent.Command {
-	var config jailcli.Config
-
-	return &serpent.Command{
-		Use:   "jail -- <command>",
-		Short: "Monitor and restrict HTTP/HTTPS requests from processes",
-		Long: `coder jail creates an isolated network environment for the target process,
-intercepting all HTTP/HTTPS traffic through a transparent proxy that enforces
-user-defined rules.
-
-Examples:
-  # Allow only requests to github.com
-  coder jail --allow "github.com" -- curl https://github.com
-
-  # Monitor all requests to specific domains (allow only those)
-  coder jail --allow "github.com/api/issues/*" --allow "GET,HEAD github.com" -- npm install
-
-  # Block everything by default (implicit)`,
-		Options: serpent.OptionSet{
-			{
-				Name:        "allow",
-				Flag:        "allow",
-				Env:         "JAIL_ALLOW",
-				Description: "Allow rule (can be specified multiple times). Format: 'pattern' or 'METHOD[,METHOD] pattern'.",
-				Value:       serpent.StringArrayOf(&config.AllowStrings),
-			},
-			{
-				Name:        "log-level",
-				Flag:        "log-level",
-				Env:         "JAIL_LOG_LEVEL",
-				Description: "Set log level (error, warn, info, debug).",
-				Default:     "warn",
-				Value:       serpent.StringOf(&config.LogLevel),
-			},
-		},
-		Hidden: true,
-		Handler: func(inv *serpent.Invocation) error {
-			return jailcli.Run(inv.Context(), config, inv.Args)
-		},
-	}
+	cmd := jailcli.BaseCommand() // Package coder/jail/cli exports a "base command" designed to be integrated as a subcommand.
+	cmd.Hidden = true            // We want jail to be a hidden command in coder for now.
+	cmd.Use += " [args...]"      // The base command looks like `jail -- command`. Serpent adds the flags piece, but we need to add the args.
+	return cmd
 }
diff --git a/go.mod b/go.mod
@@ -479,7 +479,7 @@ require (
 	github.com/brianvoe/gofakeit/v7 v7.5.1
 	github.com/coder/agentapi-sdk-go v0.0.0-20250505131810-560d1d88d225
 	github.com/coder/aisdk-go v0.0.9
-	github.com/coder/jail v1.0.1-0.20250911203532-70677f27857e
+	github.com/coder/jail v1.0.1-0.20250912153404-1e687be21fb5
 	github.com/coder/preview v1.0.4
 	github.com/fsnotify/fsnotify v1.9.0
 	github.com/go-git/go-git/v5 v5.16.2
diff --git a/go.sum b/go.sum
@@ -922,10 +922,10 @@ github.com/coder/go-scim/pkg/v2 v2.0.0-20230221055123-1d63c1222136 h1:0RgB61LcNs
 github.com/coder/go-scim/pkg/v2 v2.0.0-20230221055123-1d63c1222136/go.mod h1:VkD1P761nykiq75dz+4iFqIQIZka189tx1BQLOp0Skc=
 github.com/coder/guts v1.5.0 h1:a94apf7xMf5jDdg1bIHzncbRiTn3+BvBZgrFSDbUnyI=
 github.com/coder/guts v1.5.0/go.mod h1:0Sbv5Kp83u1Nl7MIQiV2zmacJ3o02I341bkWkjWXSUQ=
-github.com/coder/jail v1.0.0 h1:HM8Bo5RlBbXeGJ4YIvNI/c0M9P9jE3h6gkWKxkPOTIo=
-github.com/coder/jail v1.0.0/go.mod h1:nWzW7Mlw6ucIIfxBVUaMrV4uwcBJ0vUId6xkm5lZ7j0=
 github.com/coder/jail v1.0.1-0.20250911203532-70677f27857e h1:hvqfdtxBJL3FavB0pb0H3JXmj8uFGRCxreHd5HyztdM=
 github.com/coder/jail v1.0.1-0.20250911203532-70677f27857e/go.mod h1:JrRS7QEvzNFLPjUcgVs9IjewlJmk4Ia9c4CatZfl0A8=
+github.com/coder/jail v1.0.1-0.20250912153404-1e687be21fb5 h1:CmGiqeVtb1tNlLxwlNKAGbGKwOfIBoeyFJCwONYZxf4=
+github.com/coder/jail v1.0.1-0.20250912153404-1e687be21fb5/go.mod h1:JrRS7QEvzNFLPjUcgVs9IjewlJmk4Ia9c4CatZfl0A8=
 github.com/coder/pq v1.10.5-0.20250807075151-6ad9b0a25151 h1:YAxwg3lraGNRwoQ18H7R7n+wsCqNve7Brdvj0F1rDnU=
 github.com/coder/pq v1.10.5-0.20250807075151-6ad9b0a25151/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/coder/pretty v0.0.0-20230908205945-e89ba86370e0 h1:3A0ES21Ke+FxEM8CXx9n47SZOKOpgSE1bbJzlE4qPVs=
