Running Claude Code in a container gives you a sandboxed environment where it can’t touch your host filesystem, install random packages globally, or break your local setup.
Quick Start
docker run -it --rm \
-e ANTHROPIC_API_KEY=$ANTHROPIC_API_KEY \
-v $(pwd):/workspace \
-w /workspace \
node:20 bash -c "npm install -g @anthropic-ai/claude-code && claude"Dockerfile for a Reusable Image
FROM node:20-slim
RUN npm install -g @anthropic-ai/claude-code
RUN apt-get update && apt-get install -y git jq curl && rm -rf /var/lib/apt/lists/*
WORKDIR /workspace
ENTRYPOINT ["claude"]Build and run:
docker build -t claude-code .
docker run -it --rm \
-e ANTHROPIC_API_KEY=$ANTHROPIC_API_KEY \
-v $(pwd):/workspace \
claude-codeWhen to Use Containers
- Untrusted repos: reviewing code you didn’t write
- CI/CD pipelines: reproducible environments across runs
- Team standardization: everyone uses the same toolchain
- Risky operations: let Claude run destructive commands safely
Mount Your Config
Pass your CLAUDE.md and settings into the container:
docker run -it --rm \
-e ANTHROPIC_API_KEY=$ANTHROPIC_API_KEY \
-v $(pwd):/workspace \
-v ~/.claude:/root/.claude:ro \
claude-codeThe :ro flag mounts your config as read-only so Claude can’t modify your global settings.