container

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 11, 2026 License: MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	SandboxedCommandProviderName        = "sandboxed-command"
	SandboxedCommandOperationRun        = "run-sandboxed-command"
	SandboxedContainerBuildProviderName = "sandboxed-container-build"
	SandboxedContainerBuildOperation    = "build-sandboxed-container"

	SandboxNetworkNone   = "none"
	SandboxNetworkBridge = "bridge"

	SandboxedContainerBuildStateDir     = "/wfcompute-build"
	SandboxedContainerBuildDigestPath   = SandboxedContainerBuildStateDir + "/wfcompute-container-build-digest"
	SandboxedContainerBuildDigestMarker = "WORKFLOW_COMPUTE_BUILD_DIGEST="
)

Variables

This section is empty.

Functions

func CleanContainerPath 

func CleanContainerPath(value string) string

func CommandRuntimeEnv 

func CommandRuntimeEnv(workload core.CommandWorkload, resolved map[string]string) (map[string]string, error)

func ContainerBuildEnv 

func ContainerBuildEnv(workload core.ContainerBuildWorkload, resolved map[string]string) (map[string]string, error)

func DirectorySize 

func DirectorySize(root string) int64

func ManagedRuntimeScopeArgs added in v0.4.0 

func ManagedRuntimeScopeArgs(parts ...string) []string

func ManagedRuntimeScopeName added in v0.4.0 

func ManagedRuntimeScopeName(parts ...string) string

func ParseSandboxedContainerBuildDigestMarker 

func ParseSandboxedContainerBuildDigestMarker(output []byte) string

func ReadSandboxedContainerBuildDigest 

func ReadSandboxedContainerBuildDigest(path string) (string, error)

func ResolveContainerBuildPaths 

func ResolveContainerBuildPaths(workspace string, workload core.ContainerBuildWorkload) (string, string, error)

func SandboxedCommandContract 

func SandboxedCommandContract(descriptor core.RuntimeDescriptor) core.RuntimeAdapterContract

func SandboxedContainerBuildContract 

func SandboxedContainerBuildContract(descriptor core.RuntimeDescriptor) core.RuntimeAdapterContract

func ValidSHA256Digest 

func ValidSHA256Digest(value string) bool

Types

type ContainerRuntimeScope 

type ContainerRuntimeScope struct {
	Args []string
}

type DockerCommandRunner added in v0.2.0 

type DockerCommandRunner interface {
	CombinedOutput(ctx context.Context, stdin []byte, name string, args ...string) ([]byte, []byte, error)
}

type DockerSandboxRuntime added in v0.2.0 

type DockerSandboxRuntime struct {
	Tool        string
	RuntimeName string
	Runner      DockerCommandRunner
}

func (DockerSandboxRuntime) Available added in v0.2.0 

func (r DockerSandboxRuntime) Available(ctx context.Context) error

func (DockerSandboxRuntime) Run added in v0.2.0 

func (r DockerSandboxRuntime) Run(ctx context.Context, req SandboxRunRequest) (SandboxRunResult, error)

type ExecDockerCommandRunner added in v0.2.0 

type ExecDockerCommandRunner struct{}

func (ExecDockerCommandRunner) CombinedOutput added in v0.2.0 

func (ExecDockerCommandRunner) CombinedOutput(ctx context.Context, stdin []byte, name string, args ...string) ([]byte, []byte, error)

type ExecRuntimeCommandRunner added in v0.2.0 

type ExecRuntimeCommandRunner struct{}

func (ExecRuntimeCommandRunner) LookPath added in v0.2.0 

func (ExecRuntimeCommandRunner) LookPath(name string) (string, error)

func (ExecRuntimeCommandRunner) Run added in v0.2.0 

func (ExecRuntimeCommandRunner) Run(ctx context.Context, name string, args ...string) (RuntimeCommandResult, error)

type ManagedRuntimeBundleCatalog added in v0.4.0 

type ManagedRuntimeBundleCatalog struct {
	ReleaseTag       string                                `json:"release_tag,omitempty"`
	SourceBaseURL    string                                `json:"source_base_url,omitempty"`
	GeneratedAt      time.Time                             `json:"generated_at"`
	Bundles          []core.ManagedRuntimeBundleDescriptor `json:"bundles"`
	BlockedVersions  []string                              `json:"blocked_versions,omitempty"`
	RevokedKeyIDs    []string                              `json:"revoked_key_ids,omitempty"`
	MinimumVersion   string                                `json:"minimum_version,omitempty"`
	StableSigningKey string                                `json:"stable_signing_key,omitempty"`
}

func (ManagedRuntimeBundleCatalog) Bundle added in v0.4.0 

func (c ManagedRuntimeBundleCatalog) Bundle(bundleID string, now time.Time) (core.ManagedRuntimeBundleDescriptor, error)

func (ManagedRuntimeBundleCatalog) BundleForTarget added in v0.4.0 

func (c ManagedRuntimeBundleCatalog) BundleForTarget(bundleID, targetOS, targetArch string, now time.Time) (core.ManagedRuntimeBundleDescriptor, error)

type ManagedRuntimeInstallation added in v0.4.0 

type ManagedRuntimeInstallation struct {
	Bundle      core.ManagedRuntimeBundleDescriptor
	Root        string
	CommandPath string
}

func NewManagedContainerdRuntimeInstallation added in v0.4.0 

func NewManagedContainerdRuntimeInstallation(bundle core.ManagedRuntimeBundleDescriptor, root string) (ManagedRuntimeInstallation, error)

type RuntimeAdapterCatalogDocument 

type RuntimeAdapterCatalogDocument struct {
	Version                   string                       `json:"version"`
	ProtocolVersion           string                       `json:"protocol_version"`
	Adapters                  []RuntimeAdapterCatalogEntry `json:"adapters"`
	RuntimeBackends           []RuntimeBackendCatalogEntry `json:"runtime_backends,omitempty"`
	HostOwnedResponsibilities []string                     `json:"host_owned_responsibilities"`
}

func (RuntimeAdapterCatalogDocument) Validate 

func (d RuntimeAdapterCatalogDocument) Validate() error

type RuntimeAdapterCatalogEntry 

type RuntimeAdapterCatalogEntry struct {
	AdapterID           string                      `json:"adapter_id"`
	Operation           string                      `json:"operation"`
	Kinds               []core.RuntimeAdapterKind   `json:"kinds"`
	WorkloadKinds       []core.WorkloadKind         `json:"workload_kinds"`
	RuntimeProfiles     []core.RuntimeProfile       `json:"runtime_profiles"`
	WorkspacePolicy     core.RuntimeWorkspacePolicy `json:"workspace_policy"`
	ConformanceProfiles []string                    `json:"conformance_profiles"`
}

func (RuntimeAdapterCatalogEntry) Contract 

func (e RuntimeAdapterCatalogEntry) Contract(descriptor core.RuntimeDescriptor) core.RuntimeAdapterContract

func (RuntimeAdapterCatalogEntry) Validate 

func (e RuntimeAdapterCatalogEntry) Validate() error

type RuntimeBackendCatalogEntry added in v0.2.0 

type RuntimeBackendCatalogEntry struct {
	BackendID           string                      `json:"backend_id"`
	Families            []core.RuntimeBackendFamily `json:"families"`
	Tools               []core.ContainerRuntimeTool `json:"tools"`
	SupportedTargets    []core.ManagedRuntimeTarget `json:"supported_targets,omitempty"`
	IsolationModes      []core.RuntimeIsolationMode `json:"isolation_modes"`
	InstallBurdens      []core.RuntimeInstallBurden `json:"install_burdens"`
	RuntimeProfiles     []core.RuntimeProfile       `json:"runtime_profiles"`
	ExecutorProviders   []string                    `json:"executor_providers"`
	ConformanceProfiles []string                    `json:"conformance_profiles"`
}

func (RuntimeBackendCatalogEntry) Validate added in v0.2.0 

func (e RuntimeBackendCatalogEntry) Validate() error

type RuntimeBackendProbe added in v0.2.0 

type RuntimeBackendProbe struct {
	Options RuntimeBackendProbeOptions
	Runner  RuntimeCommandRunner
}

func DockerCompatibleRuntimeProbes added in v0.2.0 

func DockerCompatibleRuntimeProbes(runner RuntimeCommandRunner, generatedAt time.Time) []RuntimeBackendProbe

func ManagedContainerdRuntimeProbe added in v0.4.0 

func ManagedContainerdRuntimeProbe(installation *ManagedRuntimeInstallation, runner RuntimeCommandRunner, generatedAt time.Time) RuntimeBackendProbe

func ManagedContainerdRuntimeProbes added in v0.4.0 

func ManagedContainerdRuntimeProbes(catalog ManagedRuntimeBundleCatalog, installRoot string, runner RuntimeCommandRunner, generatedAt time.Time) []RuntimeBackendProbe

func (RuntimeBackendProbe) Probe added in v0.2.0 

func (p RuntimeBackendProbe) Probe(ctx context.Context) core.RuntimeBackendReport

type RuntimeBackendProbeOptions added in v0.2.0 

type RuntimeBackendProbeOptions struct {
	BackendID            string
	Family               core.RuntimeBackendFamily
	Tool                 core.ContainerRuntimeTool
	Command              string
	VersionArgs          []string
	ConformanceImage     string
	ConformanceCommand   []string
	ConformanceWorkspace string
	RuntimeScopeArgs     []string
	IsolationMode        core.RuntimeIsolationMode
	InstallBurden        core.RuntimeInstallBurden
	RuntimeProfiles      []core.RuntimeProfile
	ConformanceProfiles  []string
	ManagedBundle        *core.ManagedRuntimeBundleDescriptor
	GeneratedAt          time.Time
}

type RuntimeCommandResult added in v0.2.0 

type RuntimeCommandResult struct {
	Stdout []byte
	Stderr []byte
}

type RuntimeCommandRunner added in v0.2.0 

type RuntimeCommandRunner interface {
	LookPath(name string) (string, error)
	Run(ctx context.Context, name string, args ...string) (RuntimeCommandResult, error)
}

type SandboxMount 

type SandboxMount struct {
	HostPath       string
	ContainerPath  string
	ReadOnly       bool
	RequiredPrefix string
}

type SandboxRunRequest 

type SandboxRunRequest struct {
	Image                      string
	Command                    []string
	CommandOverridesEntrypoint bool
	RuntimeScope               ContainerRuntimeScope
	Stdin                      []byte
	Workspace                  string
	WorkingDir                 string
	Env                        map[string]string
	Network                    string
	RuntimeName                string
	RunAsRoot                  bool
	WritableRootFS             bool
	AddCapabilities            []string
	ExtraTmpfs                 []string
	DataMounts                 []SandboxMount
	Timeout                    time.Duration
	Limits                     core.ResourceLimits
}

type SandboxRunResult 

type SandboxRunResult struct {
	ExitCode      int
	Stdout        []byte
	Stderr        []byte
	ArtifactHash  string
	ResourceUsage core.ResourceUsage
}

type SandboxRuntime 

type SandboxRuntime interface {
	Available(context.Context) error
	Run(context.Context, SandboxRunRequest) (SandboxRunResult, error)
}

type SandboxRuntimeCommandAdapter 

type SandboxRuntimeCommandAdapter struct {
	Runtime SandboxRuntime
}

func (SandboxRuntimeCommandAdapter) RunSandboxedCommand 

func (a SandboxRuntimeCommandAdapter) RunSandboxedCommand(ctx context.Context, invocation SandboxedCommandRuntimeInvocation) (core.RuntimeExecutionResult, error)

type SandboxRuntimeContainerBuildAdapter 

type SandboxRuntimeContainerBuildAdapter struct {
	Runtime SandboxRuntime
}

func (SandboxRuntimeContainerBuildAdapter) BuildSandboxedContainer 

func (a SandboxRuntimeContainerBuildAdapter) BuildSandboxedContainer(ctx context.Context, invocation SandboxedContainerBuildRuntimeInvocation) (core.RuntimeExecutionResult, error)

type SandboxedCommandInvocationOptions 

type SandboxedCommandInvocationOptions struct {
	TaskID          string
	LeaseID         string
	Image           string
	Workspace       string
	Network         string
	Timeout         time.Duration
	TimeoutLimitHit string
	Workload        core.CommandWorkload
	ResolvedEnv     map[string]string
	Limits          core.ResourceLimits
}

type SandboxedCommandRuntime 

type SandboxedCommandRuntime interface {
	RunSandboxedCommand(context.Context, SandboxedCommandRuntimeInvocation) (core.RuntimeExecutionResult, error)
}

type SandboxedCommandRuntimeInvocation 

type SandboxedCommandRuntimeInvocation struct {
	Request         core.RuntimeExecutionRequest
	Image           string
	Workspace       string
	Network         string
	Timeout         time.Duration
	TimeoutLimitHit string
}

func NewSandboxedCommandInvocation 

func NewSandboxedCommandInvocation(opts SandboxedCommandInvocationOptions) (SandboxedCommandRuntimeInvocation, error)

type SandboxedContainerBuildInvocationOptions 

type SandboxedContainerBuildInvocationOptions struct {
	TaskID          string
	LeaseID         string
	Image           string
	Workspace       string
	Network         string
	Timeout         time.Duration
	TimeoutLimitHit string
	Workload        core.ContainerBuildWorkload
	ResolvedEnv     map[string]string
	Limits          core.ResourceLimits
}

type SandboxedContainerBuildRuntime 

type SandboxedContainerBuildRuntime interface {
	BuildSandboxedContainer(context.Context, SandboxedContainerBuildRuntimeInvocation) (core.RuntimeExecutionResult, error)
}

type SandboxedContainerBuildRuntimeInvocation 

type SandboxedContainerBuildRuntimeInvocation struct {
	Request         core.RuntimeExecutionRequest
	Image           string
	Workspace       string
	Network         string
	Timeout         time.Duration
	TimeoutLimitHit string
}

func NewSandboxedContainerBuildInvocation 

func NewSandboxedContainerBuildInvocation(opts SandboxedContainerBuildInvocationOptions) (SandboxedContainerBuildRuntimeInvocation, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.