Setting Up the Crafting System — Org Admin Guide
Welcome to Crafting Sandbox. This guide walks through the recommended steps for getting the Crafting system ready for developers in your organization.
Step 1: Start with a Codebase
The first step is to get a running sandbox with your source code. This requires having access to your source repositories set up in Crafting. Depending on how Crafting is deployed in your organization, this typically means one of:
- Registering your SSH public key with GitHub or another version control provider, so the workspace can authenticate using the Managed SSH Keypair.
- Activating the GitHub App for your org, which enables seamless repository access without per-user SSH key registration.
Once access is configured, create a sandbox by clicking the Create Sandbox button in the Web Console, fill in the git URL of the source repository, and click Create.
At this stage, it is most effective to collaborate directly with the Crafting team. Crafting will take the lead on curating the first Template and demonstrating the developer experience, so you can onboard the first few developers with a proven setup.
Connect a Kubernetes Cluster
If Kubernetes Development Experience is desired, connect a Kubernetes cluster to the Crafting system.
Step 2: Keep Iterating
Once the initial environment is working, continue iterating with the Crafting team to:
- Add more capabilities to the existing use case (e.g. additional dependency services, endpoints, workspace automation)
- Enable additional use cases (e.g. Kubernetes Development Experience, External Resources)
- Onboard more developers to the system
Key areas to configure during this phase:
- Templates: Define and refine Templates that capture the ideal sandbox definition for each use case.
- Snapshots: Create base snapshots and dependency snapshots to speed up sandbox creation.
- Sandbox Pool: Set up a Sandbox Pool for frequently used templates to ensure instant sandbox availability for developers.
- Secrets: Configure org-level secrets so that shared credentials are available in all sandboxes without requiring individual setup.
- Auto Suspension: Review and configure auto suspension policies to manage resource costs.
Step 3: Handover and Ongoing Support
When the system is set up in a good state, the Crafting team will hand over operations to the org admins. You will have full control over:
- Managing org members and their roles
- Managing service accounts for automation pipelines
- Configuring node pools and resource allocation (Enterprise Edition, self-hosted)
- Monitoring the System Admin Dashboard for system-wide health and resource usage
Crafting remains available for further questions and requests at any time. Do not hesitate to reach out for help with new use cases or advanced configurations.
Preparing for Developer Onboarding
Once the system is in good shape, prepare the org for developers:
Invite Developers: Visit Team/Members to add developers as members. If a Domain is set with your organization's email domain, users are automatically registered upon their first login.
Review and Adjust Org Settings: Visit Team/Settings to tune the following:
- Default Sandbox Sharing Mode: Can be changed to
Privatefor stricter security. - Domain Signin Mode: Controls whether new domain-matched users start as disabled (requiring admin approval) or become active immediately.
- Member Access: Recommended to set to
Restrictedto prevent accidental modification of centrally managed objects. - Options for Resource Cost Control: Tune sandbox auto suspension and auto deletion policies to manage resource usage.
- Custom Onboard Message: Org admins can set a message shown to new members; when set to
Mandatory, new members must acknowledge reading it before proceeding. - Default Favorite Templates: Templates displayed under the
Templatemenu for all members, making it easy for developers to find the right starting point. - Base Images: Curated images usable as workspaces'
base_snapshot. One image can be designated as the default.
Key Configuration Areas for Org Admins
The following table summarizes the primary areas of responsibility for an org admin:
| Area | Description | Reference |
|---|---|---|
| Templates | Define reusable sandbox definitions | Template |
| Snapshots | Capture and share pre-built filesystem state | Snapshot |
| Sandbox Pool | Pre-warm sandboxes for instant availability | Sandbox Pool |
| Secrets | Manage org-level credentials and keys | Secret |
| GitHub App | Connect GitHub for seamless code access | GitHub App |
| LLM Config | Configure LLM providers for AI features | LLM Config |
| Auto Suspension | Configure idle suspension policies | Auto Suspension |
| Node Pools | Configure compute resources (Enterprise) | Node Pool |
| System Admin | System-wide observability and alerting | System Admin Dashboard |
| Connected Infra | Connect Kubernetes clusters | Connected Infra |
| Endpoint Aliases | Manage stable DNS names for webhooks | Endpoint Alias |
See Also
- Developer Onboard Guide — share this with your developers
- Template — understanding template structure
- Workspace Automation — automating sandbox setup
- Sandbox Sharing Mode — default sharing policy for new sandboxes