Documentation
¶
Index ¶
- func IsPolicyCompatibilityError(err error) bool
- func LogExceptionPath(exceptionID, component, accessType, detail string)
- func LogPolicyDenied(sessionID, backend, operation, resource, reason string)
- func LogSessionClosed(sessionID, backend, reason string)
- func LogSessionCreated(sessionID, backend string, policy Policy)
- func LogUnsupportedBackend(policy Policy, attempted []string, reason string)
- func NewSessionID() string
- type DirEntry
- type ExecOptions
- type ExecResult
- type Factory
- type FilesystemPolicy
- type Host
- type NetworkMode
- type NetworkPolicy
- type Policy
- type PolicyCompatibilityError
- type ProcessHandle
- type ProcessRequest
- type Registry
- func (r *Registry) AvailableBackends() []string
- func (r *Registry) CreateSession(ctx context.Context, policy Policy) (Session, error)
- func (r *Registry) Get(name string) Factory
- func (r *Registry) List() []string
- func (r *Registry) Register(factory Factory) error
- func (r *Registry) Unregister(name string)
- type Session
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func IsPolicyCompatibilityError ¶
IsPolicyCompatibilityError reports whether an error is a policy compatibility error.
func LogExceptionPath ¶
func LogExceptionPath(exceptionID, component, accessType, detail string)
func LogPolicyDenied ¶
func LogPolicyDenied(sessionID, backend, operation, resource, reason string)
func LogSessionClosed ¶
func LogSessionClosed(sessionID, backend, reason string)
func LogSessionCreated ¶
func LogUnsupportedBackend ¶
func NewSessionID ¶
func NewSessionID() string
NewSessionID returns a cryptographically random session identifier. Using random IDs avoids Docker container name collisions across test runs.
Types ¶
type DirEntry ¶
DirEntry is retained for use by prompt_host.go which reads directories via os.ReadDir and needs a uniform entry type shared with sandbox callers.
type ExecOptions ¶
type ExecResult ¶
type Factory ¶
type Factory interface {
CreateSession(ctx context.Context, policy Policy) (Session, error)
Supported(policy Policy) error
Name() string
Available() bool
}
Factory creates sessions from policies.
type FilesystemPolicy ¶
type FilesystemPolicy struct {
// WorkspaceRoot is the host path mounted as the sandbox root. When empty,
// WorkingDir is used for backwards compatibility.
WorkspaceRoot string
// WorkingDir is the logical working directory inside the sandbox root.
WorkingDir string
}
FilesystemPolicy defines filesystem constraints for a sandbox session.
type Host ¶
type Host = Session
Host is an alias for Session kept for internal use by the runner and core tools. New code should use Session directly.
type NetworkMode ¶
type NetworkMode string
NetworkMode defines the network access mode for a sandbox session.
const ( // NetworkDisabled blocks all network access. NetworkDisabled NetworkMode = "disabled" // NetworkAllowAll allows unrestricted network access. NetworkAllowAll NetworkMode = "allow_all" )
type NetworkPolicy ¶
type NetworkPolicy struct {
// Mode is the network access mode: disabled | allow_all.
Mode NetworkMode
// Timeout for network operations. Zero means no timeout.
Timeout time.Duration
}
NetworkPolicy defines network constraints for a sandbox session.
type Policy ¶
type Policy struct {
// Filesystem policy
Filesystem FilesystemPolicy
// Network policy
Network NetworkPolicy
// Env holds environment variables injected into sandboxed processes.
Env map[string]string
// InheritEnv includes system environment variables when true.
InheritEnv bool
// Timeout for process execution. Zero means no timeout.
Timeout time.Duration
}
Policy is an immutable, backend-agnostic session policy describing requested limits for filesystem, network, and process constraints.
func (Policy) NetworkModeOrDefault ¶
func (p Policy) NetworkModeOrDefault() NetworkMode
NetworkModeOrDefault returns the network mode with default applied.
func (Policy) Validate ¶
Validate returns an error if the policy contains invalid configurations. This validates policy structure, not backend compatibility.
func (Policy) WorkspaceRootOrDefault ¶
WorkspaceRootOrDefault returns the mounted sandbox root on the host.
type PolicyCompatibilityError ¶
PolicyCompatibilityError indicates a policy is not compatible with a backend.
func (*PolicyCompatibilityError) Error ¶
func (e *PolicyCompatibilityError) Error() string
type ProcessHandle ¶
type ProcessHandle interface {
PID() int
Wait(ctx context.Context) (ExecResult, error)
Stdin() io.WriteCloser
Stdout() io.ReadCloser
Stderr() io.ReadCloser
Close() error
}
type ProcessRequest ¶
type Registry ¶
type Registry struct {
// contains filtered or unexported fields
}
Registry manages available backend factories and creates sessions.
func (*Registry) AvailableBackends ¶
AvailableBackends returns available factory names in registration order.
func (*Registry) CreateSession ¶
CreateSession creates a session using a compatible backend. The registry iterates registered factories in registration order and uses the first one that is available and supports the policy.
func (*Registry) Unregister ¶
Unregister removes a factory from the registry.
type Session ¶
type Session interface {
// Lifecycle
Policy() Policy
Close() error
Alive() bool
Done() <-chan struct{}
// Host process surface
Exec(ctx context.Context, command string, opts ExecOptions) (ExecResult, error)
StartProcess(ctx context.Context, req ProcessRequest) (ProcessHandle, error)
// Path resolution — use os.* with the resolved path for file I/O.
ResolvePath(path string) (string, error)
WorkingDir() string
}
Session is the plugin-facing sandbox surface: lifecycle + mediated host access. It combines what was previously the Session lifecycle interface and the Host file/process interface into a single type so plugins receive one coherent value.
Source Files