docker

tooling

Sandboxing Claude Code in a Long-Lived Container on macOS

A wide allowlist is only safe when the blast radius is small. Running Claude Code inside a per-session Colima container with a git worktree and an iptables egress allowlist keeps rm, bash, and gh pr create from ever touching host macOS.

CI/CD

Deploy a Docker Image to Google Cloud Run Using GitHub Actions

Deploy Docker images automatically from GitHub to Cloud Run using GitHub Actions. Cloud Run is serverless, similar to Lambda, so you are only charged while a container is serving requests. The major difference between AWS Lambda or Google Cloud Functions and Cloud Run is that Cloud Run can deploy Docker images, which is a lifesaver because the majority of projects are already Dockerized.
