Documentation
¶
Overview ¶
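Package docker provides a sandbox runtime implementation using Docker containers. It creates isolated execution environments using Docker, with a FUSE filesystem for permission enforcement; it is similar to the bwrap runtime but offers stronger isolation. The isolation actually obtained depends on the Config in use: with Docker's default container runtime the sandbox still shares the host kernel, and a NetworkMode of "host" places the sandbox in the host's network namespace.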
Index ¶
- type Config
- type DockerRuntime
- func (r *DockerRuntime) Close() error
- func (r *DockerRuntime) Create(ctx context.Context, config *rt.SandboxConfig) (*types.Sandbox, error)
- func (r *DockerRuntime) CreateSession(ctx context.Context, sandboxID string, config *types.SessionConfig) (*types.Session, error)
- func (r *DockerRuntime) Destroy(ctx context.Context, sandboxID string) error
- func (r *DockerRuntime) DestroySession(ctx context.Context, sessionID string) error
- func (r *DockerRuntime) Exec(ctx context.Context, sandboxID string, req *types.ExecRequest) (*types.ExecResult, error)
- func (r *DockerRuntime) ExecStream(ctx context.Context, sandboxID string, req *types.ExecRequest, ...) error
- func (r *DockerRuntime) Get(ctx context.Context, sandboxID string) (*types.Sandbox, error)
- func (r *DockerRuntime) GetSession(ctx context.Context, sessionID string) (*types.Session, error)
- func (r *DockerRuntime) List(ctx context.Context) ([]*types.Sandbox, error)
- func (r *DockerRuntime) ListSessions(ctx context.Context, sandboxID string) ([]*types.Session, error)
- func (r *DockerRuntime) Name() string
- func (r *DockerRuntime) SessionExec(ctx context.Context, sessionID string, req *types.SessionExecRequest) (*types.ExecResult, error)
- func (r *DockerRuntime) SessionExecStream(ctx context.Context, sessionID string, req *types.SessionExecRequest, ...) error
- func (r *DockerRuntime) Start(ctx context.Context, sandboxID string) error
- func (r *DockerRuntime) Stop(ctx context.Context, sandboxID string) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
// Config holds configuration for the DockerRuntime. Several fields (daemon
// endpoint, image, network mode) determine how strongly a sandbox is isolated,
// so they should come from trusted configuration rather than from sandboxed code.
type Config struct {
// DockerHost is the Docker daemon socket address (default: uses DOCKER_HOST env or unix:///var/run/docker.sock).
// Control of the Docker daemon is generally equivalent to root on the daemon's
// host, so this should only name a daemon the caller is meant to administer.
DockerHost string
// DefaultImage is the default Docker image to use (default: "ubuntu:22.04").
// A tag like the default is mutable; reference the image by digest when the
// sandbox contents must be reproducible.
DefaultImage string
// DefaultTimeout is the default timeout for operations.
// NOTE(review): the meaning of a zero value (no timeout vs. a built-in default)
// is not stated here; confirm before relying on it to bound runaway commands.
DefaultTimeout time.Duration
// FUSEMountBase is the base directory for FUSE mount points.
// NOTE(review): presumably per-sandbox mount points are created beneath it;
// confirm, and keep the directory writable only by the runtime's own user.
FUSEMountBase string
// NetworkMode is the default network mode for containers ("none", "bridge", "host").
// "none" gives the container no network access; "host" shares the host's network
// namespace, so services bound to the host's loopback become reachable from the sandbox.
NetworkMode string
// EnableNetworking allows network access in sandboxes (maps to "bridge" if true, "none" if false).
// NOTE(review): which setting wins when NetworkMode is also set is not documented
// here; confirm the precedence.
EnableNetworking bool
}
Config holds configuration for the DockerRuntime.
func DefaultConfig ¶
func DefaultConfig() *Config
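DefaultConfig returns a Config with sensible defaults. Of these, this page documents only the DockerHost and DefaultImage defaults (in the Config field comments); the default values of NetworkMode and EnableNetworking are not stated here.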
type DockerRuntime ¶
type DockerRuntime struct {
// contains filtered or unexported fields
}
DockerRuntime implements runtime.RuntimeWithSession using Docker containers.
func New ¶
func New(config *Config) (*DockerRuntime, error)
New creates a new DockerRuntime with the given configuration.
func (*DockerRuntime) Close ¶
func (r *DockerRuntime) Close() error
Close closes the Docker client and cleans up resources.
func (*DockerRuntime) Create ¶
func (r *DockerRuntime) Create(ctx context.Context, config *rt.SandboxConfig) (*types.Sandbox, error)
Create creates a new sandbox but does not start it.
func (*DockerRuntime) CreateSession ¶
func (r *DockerRuntime) CreateSession(ctx context.Context, sandboxID string, config *types.SessionConfig) (*types.Session, error)
CreateSession creates a new shell session within a sandbox.
func (*DockerRuntime) Destroy ¶
func (r *DockerRuntime) Destroy(ctx context.Context, sandboxID string) error
Destroy destroys a sandbox, releasing all resources.
func (*DockerRuntime) DestroySession ¶
func (r *DockerRuntime) DestroySession(ctx context.Context, sessionID string) error
DestroySession destroys a session and kills all its child processes.
func (*DockerRuntime) Exec ¶
func (r *DockerRuntime) Exec(ctx context.Context, sandboxID string, req *types.ExecRequest) (*types.ExecResult, error)
Exec executes a command in the sandbox and returns the result.
func (*DockerRuntime) ExecStream ¶
func (r *DockerRuntime) ExecStream(ctx context.Context, sandboxID string, req *types.ExecRequest, output chan<- []byte) error
ExecStream executes a command and streams output.
func (*DockerRuntime) GetSession ¶
func (r *DockerRuntime) GetSession(ctx context.Context, sessionID string) (*types.Session, error)
GetSession retrieves information about a session.
func (*DockerRuntime) ListSessions ¶
func (r *DockerRuntime) ListSessions(ctx context.Context, sandboxID string) ([]*types.Session, error)
ListSessions returns all sessions for a sandbox.
func (*DockerRuntime) Name ¶
func (r *DockerRuntime) Name() string
Name returns the name of this runtime implementation.
func (*DockerRuntime) SessionExec ¶
func (r *DockerRuntime) SessionExec(ctx context.Context, sessionID string, req *types.SessionExecRequest) (*types.ExecResult, error)
SessionExec executes a command within a session, preserving state.
func (*DockerRuntime) SessionExecStream ¶
func (r *DockerRuntime) SessionExecStream(ctx context.Context, sessionID string, req *types.SessionExecRequest, output chan<- []byte) error
SessionExecStream executes a command within a session and streams output.