Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ErrImageNotAllowed = errors.New("runner: image not in allowlist")
ErrImageNotAllowed is returned when the skill's Docker image is not in the allowlist.
var ErrNotImplemented = errors.New("runner: not implemented")
ErrNotImplemented is returned when the runner has not been implemented yet.
var ErrSkillNotFound = errors.New("runner: skill not found")
ErrSkillNotFound is returned when the requested skill cannot be found in the registry.
var ErrTimeout = errors.New("runner: execution timed out")
ErrTimeout is returned when execution exceeds the configured timeout.
Functions ¶
func CleanupOrphans ¶
CleanupOrphans finds and removes any containers with the label "managed-by=skillbox" that were left behind by previous server instances (e.g. after a crash or ungraceful shutdown). It is designed to be called once at server startup.
Each orphaned container is force-removed. Errors removing individual containers are logged but do not stop the cleanup of remaining containers. A non-nil error is returned only if the container listing itself fails.
func ParseCPULimit ¶
ParseCPULimit converts a fractional CPU string (e.g. "0.5", "1", "2") into a Docker CPUQuota value in microseconds per 100ms period. Docker uses CPUPeriod (default 100000 microseconds = 100ms) and CPUQuota to enforce CPU limits:
0.5 CPU -> CPUQuota = 50000 (50ms of 100ms period) 1 CPU -> CPUQuota = 100000 (100ms of 100ms period) 2 CPUs -> CPUQuota = 200000 (200ms of 100ms period)
func ParseMemoryLimit ¶
ParseMemoryLimit converts a Kubernetes-style memory string to bytes. Supported suffixes:
Ki — kibibytes (1024) Mi — mebibytes (1024^2) Gi — gibibytes (1024^3)
A plain integer is treated as bytes.
func ValidateImage ¶
ValidateImage checks that the requested Docker image is present in the allowlist. If the allowlist is empty, all images are rejected. The comparison is case-sensitive and requires an exact match.
Types ¶
type RunRequest ¶
type RunRequest struct {
Skill string `json:"skill"`
Version string `json:"version"`
Input json.RawMessage `json:"input"`
Env map[string]string `json:"env,omitempty"`
TenantID string `json:"-"`
}
RunRequest describes a skill execution request.
type RunResult ¶
type RunResult struct {
ExecutionID string `json:"execution_id"`
Status string `json:"status"` // success, failed, timeout
Output json.RawMessage `json:"output,omitempty"`
FilesURL string `json:"files_url,omitempty"`
FilesList []string `json:"files_list,omitempty"`
Logs string `json:"logs,omitempty"`
DurationMs int64 `json:"duration_ms"`
Error *string `json:"error"`
}
RunResult holds the outcome of a skill execution.
type Runner ¶
type Runner struct {
// contains filtered or unexported fields
}
Runner orchestrates skill execution in sandboxed Docker containers.
func New ¶
func New(cfg *config.Config, docker *client.Client, reg *registry.Registry, st *store.Store, art *artifacts.Collector) *Runner
New creates a Runner with all required dependencies.
func (*Runner) Run ¶
Run executes a skill in a sandboxed Docker container. It handles the complete lifecycle: record creation, skill loading, container setup, execution, output collection, artifact uploading, and cleanup.
The context controls the overall execution timeout. If the context is cancelled or times out, the container is killed and the execution is marked as "timeout".
Source Files