feat: add Cursor CLI installation attempts documentation and enhance Docker setup

- Introduced a new markdown file summarizing various attempts to install the Cursor CLI in Docker, detailing approaches, results, and key learnings. - Updated Dockerfile to ensure proper installation of Cursor CLI for the non-root user, including necessary PATH adjustments for interactive shells. - Enhanced entrypoint script to manage OAuth tokens for both Claude and Cursor CLIs, ensuring correct permissions and directory setups. - Added scripts for extracting OAuth tokens from macOS Keychain and Linux JSON files for seamless integration with Docker. - Updated docker-compose files to support persistent storage for CLI configurations and authentication tokens. These changes improve the development workflow and provide clear guidance on CLI installation and authentication processes.
2026-01-30 06:12:03 +00:00 · 2026-01-05 18:13:14 -05:00
parent 5d675561ba
commit af394183e6
11 changed files with 536 additions and 49 deletions
--- a/scripts/get-claude-token.sh
+++ b/scripts/get-claude-token.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+# Extract Claude OAuth token from macOS Keychain for use in Docker container
+# Usage: ./scripts/get-claude-token.sh
+#        or: export CLAUDE_OAUTH_TOKEN=$(./scripts/get-claude-token.sh)
+
+set -e
+
+# Only works on macOS (uses security command for Keychain access)
+if [[ "$OSTYPE" != "darwin"* ]]; then
+    echo "Error: This script only works on macOS." >&2
+    echo "On Linux, mount ~/.claude directory directly instead." >&2
+    exit 1
+fi
+
+# Check if security command exists
+if ! command -v security &> /dev/null; then
+    echo "Error: 'security' command not found." >&2
+    exit 1
+fi
+
+# Get the current username
+USERNAME=$(whoami)
+
+# Extract credentials from Keychain
+CREDS=$(security find-generic-password -s "Claude Code-credentials" -a "$USERNAME" -w 2>/dev/null)
+
+if [ -z "$CREDS" ]; then
+    echo "Error: No Claude credentials found in Keychain." >&2
+    echo "Make sure you've logged in with 'claude login' first." >&2
+    exit 1
+fi
+
+# Output the full credentials JSON (contains accessToken and refreshToken)
+echo "$CREDS"
--- a/scripts/get-cursor-token.sh
+++ b/scripts/get-cursor-token.sh
@@ -0,0 +1,69 @@
+#!/bin/bash
+# Extract Cursor CLI OAuth token from host machine for use in Docker container
+#
+# IMPORTANT: This extracts the cursor-agent CLI OAuth token, NOT the Cursor IDE token.
+# cursor-agent stores tokens in macOS Keychain (not SQLite like the IDE).
+#
+# Usage: ./scripts/get-cursor-token.sh
+#        or: export CURSOR_AUTH_TOKEN=$(./scripts/get-cursor-token.sh)
+#
+# For Docker: echo "CURSOR_AUTH_TOKEN=$(./scripts/get-cursor-token.sh)" >> .env
+
+set -e
+
+# Determine platform and extract token accordingly
+if [[ "$OSTYPE" == "darwin"* ]]; then
+    # macOS: cursor-agent stores OAuth tokens in Keychain
+    # Service: cursor-access-token, Account: cursor-user
+
+    if ! command -v security &> /dev/null; then
+        echo "Error: 'security' command not found." >&2
+        exit 1
+    fi
+
+    # Extract access token from Keychain
+    TOKEN=$(security find-generic-password -a "cursor-user" -s "cursor-access-token" -w 2>/dev/null)
+
+    if [ -z "$TOKEN" ]; then
+        echo "Error: No Cursor CLI token found in Keychain." >&2
+        echo "Make sure you've logged in with 'cursor-agent login' first." >&2
+        exit 1
+    fi
+
+elif [[ "$OSTYPE" == "linux-gnu"* ]]; then
+    # Linux: cursor-agent stores OAuth tokens in a JSON file
+    # Default location: ~/.config/cursor/auth.json
+    # Or: $XDG_CONFIG_HOME/cursor/auth.json
+
+    if [ -n "$XDG_CONFIG_HOME" ]; then
+        AUTH_FILE="$XDG_CONFIG_HOME/cursor/auth.json"
+    else
+        AUTH_FILE="$HOME/.config/cursor/auth.json"
+    fi
+
+    if [ ! -f "$AUTH_FILE" ]; then
+        echo "Error: Cursor auth file not found at: $AUTH_FILE" >&2
+        echo "Make sure you've logged in with 'cursor-agent login' first." >&2
+        exit 1
+    fi
+
+    # Check if jq is available
+    if ! command -v jq &> /dev/null; then
+        echo "Error: jq is required but not installed." >&2
+        echo "Install it with: apt install jq" >&2
+        exit 1
+    fi
+
+    TOKEN=$(jq -r '.accessToken // empty' "$AUTH_FILE" 2>/dev/null)
+
+    if [ -z "$TOKEN" ]; then
+        echo "Error: No access token found in $AUTH_FILE" >&2
+        exit 1
+    fi
+else
+    echo "Error: Unsupported platform: $OSTYPE" >&2
+    exit 1
+fi
+
+# Output the token
+echo "$TOKEN"