microsandbox-rb 0.5.7 → 0.5.9

data/ext/microsandbox/src/agent.rs

@@ -0,0 +1,166 @@
+//! Raw agent client: `Microsandbox::Native::AgentClient`.
+//!
+//! Mirrors `sdk/python/src/agent.rs`. Wraps the core `AgentBridge` — the
+//! FFI-shaped, bytes-in/bytes-out façade over a sandbox's agentd relay socket.
+//! Frames are moved as raw CBOR bodies; (de)serialization stays in Ruby. Streams
+//! are referenced by opaque `u64` handles so the Ruby layer never owns a tokio
+//! receiver. Every call runs on the shared tokio runtime with the GVL released.
+
+use std::sync::Arc;
+use std::time::Duration;
+
+use magnus::{function, method, prelude::*, Error, RHash, RModule, RString, Ruby};
+use microsandbox::agent::AgentClient as CoreAgentClient;
+use microsandbox::{AgentBridge, BridgeFrame, MicrosandboxError};
+
+use crate::error;
+use crate::runtime::{block_on, ruby};
+
+/// Map an agent-client error onto the Ruby exception hierarchy (via the core
+/// `MicrosandboxError::AgentClient` wrapper, exactly like the Python binding).
+fn to_ruby_agent(err: microsandbox::AgentClientError) -> Error {
+    error::to_ruby(MicrosandboxError::AgentClient(err))
+}
+
+#[magnus::wrap(class = "Microsandbox::Native::AgentClient", free_immediately, size)]
+pub struct AgentClient {
+    inner: Arc<AgentBridge>,
+}
+
+impl AgentClient {
+    fn from_bridge(bridge: AgentBridge) -> Self {
+        Self {
+            inner: Arc::new(bridge),
+        }
+    }
+
+    //----------------------------------------------------------------------
+    // Connection (singleton methods)
+    //----------------------------------------------------------------------
+
+    /// Connect to a running sandbox by name. `timeout` is optional seconds.
+    fn connect_sandbox(name: String, timeout: Option<f64>) -> Result<AgentClient, Error> {
+        let bridge = match dur(timeout) {
+            Some(t) => block_on(AgentBridge::connect_sandbox_with_timeout(&name, t)),
+            None => block_on(AgentBridge::connect_sandbox(&name)),
+        }
+        .map_err(to_ruby_agent)?;
+        Ok(AgentClient::from_bridge(bridge))
+    }
+
+    /// Connect to an agentd relay socket by path. `timeout` is optional seconds.
+    fn connect_path(path: String, timeout: Option<f64>) -> Result<AgentClient, Error> {
+        let bridge = match dur(timeout) {
+            Some(t) => block_on(AgentBridge::connect_path_with_timeout(&path, t)),
+            None => block_on(AgentBridge::connect_path(&path)),
+        }
+        .map_err(to_ruby_agent)?;
+        Ok(AgentClient::from_bridge(bridge))
+    }
+
+    /// Resolve a sandbox's agent relay socket path without connecting.
+    fn socket_path(name: String) -> Result<String, Error> {
+        let path = CoreAgentClient::socket_path(&name).map_err(error::to_ruby)?;
+        Ok(path.to_string_lossy().into_owned())
+    }
+
+    //----------------------------------------------------------------------
+    // Instance methods
+    //----------------------------------------------------------------------
+
+    /// Send one frame and await a single response frame ({id, flags, body}).
+    fn request(&self, flags: u8, body: RString) -> Result<RHash, Error> {
+        let body = unsafe { body.as_slice() }.to_vec();
+        let inner = Arc::clone(&self.inner);
+        let frame =
+            block_on(async move { inner.request(flags, body).await }).map_err(to_ruby_agent)?;
+        Ok(frame_to_hash(frame))
+    }
+
+    /// Open a streaming session; returns {id, handle}.
+    fn stream_open(&self, flags: u8, body: RString) -> Result<RHash, Error> {
+        let body = unsafe { body.as_slice() }.to_vec();
+        let inner = Arc::clone(&self.inner);
+        let (id, handle) =
+            block_on(async move { inner.stream_open(flags, body).await }).map_err(to_ruby_agent)?;
+        let hash = ruby().hash_new();
+        hash.aset("id", id)?;
+        hash.aset("handle", handle)?;
+        Ok(hash)
+    }
+
+    /// Pull the next frame from a stream; nil at end-of-stream.
+    fn stream_next(&self, handle: u64) -> Result<Option<RHash>, Error> {
+        let inner = Arc::clone(&self.inner);
+        let frame =
+            block_on(async move { inner.stream_next(handle).await }).map_err(to_ruby_agent)?;
+        Ok(frame.map(frame_to_hash))
+    }
+
+    /// Close a stream handle. Idempotent.
+    fn stream_close(&self, handle: u64) -> Result<(), Error> {
+        let inner = Arc::clone(&self.inner);
+        block_on(async move { inner.stream_close(handle).await });
+        Ok(())
+    }
+
+    /// Send a follow-up frame on an existing correlation id.
+    fn send(&self, id: u32, flags: u8, body: RString) -> Result<(), Error> {
+        let body = unsafe { body.as_slice() }.to_vec();
+        let inner = Arc::clone(&self.inner);
+        block_on(async move { inner.send(id, flags, body).await }).map_err(to_ruby_agent)
+    }
+
+    /// Cached handshake `core.ready` frame body bytes (CBOR).
+    fn ready_bytes(&self) -> Result<RString, Error> {
+        let bytes = self.inner.ready_bytes().map_err(to_ruby_agent)?;
+        Ok(ruby().str_from_slice(&bytes))
+    }
+
+    /// Close the connection. Idempotent.
+    fn close(&self) -> Result<(), Error> {
+        let inner = Arc::clone(&self.inner);
+        block_on(async move { inner.close().await });
+        Ok(())
+    }
+}
+
+/// Convert seconds into a `Duration`, treating a non-positive/absent value as
+/// "use the default handshake timeout".
+fn dur(timeout: Option<f64>) -> Option<Duration> {
+    match timeout {
+        Some(t) if t.is_finite() && t > 0.0 => Some(Duration::from_secs_f64(t)),
+        _ => None,
+    }
+}
+
+/// Shape a `BridgeFrame` into a Ruby Hash. `body` is binary (ASCII-8BIT).
+fn frame_to_hash(frame: BridgeFrame) -> RHash {
+    let r = ruby();
+    let hash = r.hash_new();
+    let _ = hash.aset("id", frame.id);
+    let _ = hash.aset("flags", frame.flags);
+    let _ = hash.aset("body", r.str_from_slice(&frame.body));
+    hash
+}
+
+pub fn define(ruby: &Ruby, native: &RModule) -> Result<(), Error> {
+    let class = native.define_class("AgentClient", ruby.class_object())?;
+
+    class.define_singleton_method(
+        "connect_sandbox",
+        function!(AgentClient::connect_sandbox, 2),
+    )?;
+    class.define_singleton_method("connect_path", function!(AgentClient::connect_path, 2))?;
+    class.define_singleton_method("socket_path", function!(AgentClient::socket_path, 1))?;
+
+    class.define_method("request", method!(AgentClient::request, 2))?;
+    class.define_method("stream_open", method!(AgentClient::stream_open, 2))?;
+    class.define_method("stream_next", method!(AgentClient::stream_next, 1))?;
+    class.define_method("stream_close", method!(AgentClient::stream_close, 1))?;
+    class.define_method("send", method!(AgentClient::send, 3))?;
+    class.define_method("ready_bytes", method!(AgentClient::ready_bytes, 0))?;
+    class.define_method("close", method!(AgentClient::close, 0))?;
+
+    Ok(())
+}

data/ext/microsandbox/src/conv.rs

@@ -5,7 +5,7 @@
 
 use std::collections::HashMap;
 
-use magnus::{value::ReprValue, Error, RHash, TryConvert, Value};
+use magnus::{value::ReprValue, Error, RArray, RHash, TryConvert, Value};
 
 /// Fetch a non-nil value for `key`, if present.
 fn get(hash: RHash, key: &str) -> Option<Value> {
@@ -62,6 +62,24 @@ pub fn opt_string_vec(hash: RHash, key: &str) -> Result<Vec<String>, Error> {
     }
 }
 
+/// Array of `Hash`es (e.g. `patches`, custom-policy `rules`). Empty if absent.
+///
+/// `RHash` is a GC-managed handle and so cannot be collected via the blanket
+/// `Vec<T: TryConvert>` path; we walk the `Array` and convert each element.
+pub fn opt_hash_vec(hash: RHash, key: &str) -> Result<Vec<RHash>, Error> {
+    match get(hash, key) {
+        Some(v) => {
+            let arr = RArray::try_convert(v)?;
+            let mut out = Vec::with_capacity(arr.len());
+            for i in 0..arr.len() {
+                out.push(arr.entry::<RHash>(i as isize)?);
+            }
+            Ok(out)
+        }
+        None => Ok(Vec::new()),
+    }
+}
+
 /// `u16`→`u16` port map (host→guest TCP). Empty if absent.
 pub fn opt_port_map(hash: RHash, key: &str) -> Result<Vec<(u16, u16)>, Error> {
     match get(hash, key) {

data/ext/microsandbox/src/lib.rs

@@ -8,6 +8,7 @@
 //! Everything here lives under `Microsandbox::Native`; the ergonomic, idiomatic
 //! surface is the pure-Ruby layer in `lib/microsandbox/`.
 
+mod agent;
 mod conv;
 mod error;
 mod exec;
@@ -15,6 +16,7 @@ mod image;
 mod runtime;
 mod sandbox;
 mod snapshot;
+mod ssh;
 mod stream;
 mod volume;
 
@@ -79,6 +81,8 @@ fn init(ruby: &Ruby) -> Result<(), Error> {
     snapshot::define(ruby, &native)?;
     image::define(ruby, &native)?;
     volume::define(ruby, &native)?;
+    agent::define(ruby, &native)?;
+    ssh::define(ruby, &native)?;
 
     Ok(())
 }