microsandbox-rb 0.8.2 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +37 -1
- data/Cargo.lock +88 -98
- data/DESIGN.md +2 -2
- data/README.md +6 -2
- data/ext/microsandbox/Cargo.toml +4 -4
- data/lib/microsandbox/sandbox.rb +16 -0
- data/lib/microsandbox/version.rb +2 -2
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3395a95418c2c6e159365140455797f0b40318aa585aea8b0b4ac0b93f521957
|
|
4
|
+
data.tar.gz: e39164f8143656a0f069720f3359e133bffe2cb5438146dab3b3e629abbe9647
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d07ddd920c69d73c86372176745047ed27c515a5ba3dd30bb1c9fe5ddcf2de39009dc670d1f44965d38ea6c8399e84224640e51fe4caf792f40291ab49befbe1
|
|
7
|
+
data.tar.gz: 2eb6879b20289edbcebf80eee934bfd81d176bf6f8e3c577f3da21d8e987e15315db486c612f5f1bd8fa296a35ba4f3244e293496116bce321ae7bd9a9201530
|
data/CHANGELOG.md
CHANGED
|
@@ -6,6 +6,38 @@ All notable changes to this gem are documented here. The format is based on
|
|
|
6
6
|
microsandbox runtime it embeds; each release notes the upstream runtime tag it
|
|
7
7
|
wraps, and the README's Versioning section keeps the full gem→runtime map.
|
|
8
8
|
|
|
9
|
+
## [0.9.0] - 2026-06-29
|
|
10
|
+
|
|
11
|
+
Adopts upstream runtime **`v0.5.10` → `v0.6.1`** (spanning the upstream `v0.6.0`
|
|
12
|
+
and `v0.6.1` releases). The upstream public SDK surface is purely additive — no
|
|
13
|
+
items were removed or re-signatured — so the gem's Ruby API is unchanged and the
|
|
14
|
+
existing bindings compile against `v0.6.1` untouched. Per the README's versioning
|
|
15
|
+
policy, adopting a new upstream runtime moves the gem onto its own `0.9` line.
|
|
16
|
+
|
|
17
|
+
### Changed
|
|
18
|
+
|
|
19
|
+
- **Embedded runtime is now `v0.6.1`** (`Microsandbox::RUNTIME_VERSION` /
|
|
20
|
+
`Microsandbox.runtime_version`). Upstream fixes inherited by the synchronous
|
|
21
|
+
Ruby API:
|
|
22
|
+
- **Zombie sandbox runtimes no longer block** (upstream #1036): the SDK stops
|
|
23
|
+
waiting on a sandbox runtime that has already exited, so lifecycle calls
|
|
24
|
+
return promptly instead of hanging on a dead child.
|
|
25
|
+
- **Secrets are substituted through `CONNECT` proxies** (upstream #1022):
|
|
26
|
+
`microsandbox-network` now applies secret injection on tunnelled (HTTPS
|
|
27
|
+
`CONNECT`) requests, not only on plain-HTTP ones.
|
|
28
|
+
- **Stale sandboxes are stopped and cleaned up** (upstream #1050).
|
|
29
|
+
- Windows host support, `msb` CLI additions (`--no-tty`, self-downgrade,
|
|
30
|
+
cross-platform `doctor`), and the `msb_krun` `0.1.17 → 0.1.19` bump are
|
|
31
|
+
inherited but do not affect the macOS/Linux Ruby build or API surface.
|
|
32
|
+
|
|
33
|
+
### Notes
|
|
34
|
+
|
|
35
|
+
- The new upstream **host-directory bind rootfs** (`ImageBuilder::bind`, upstream
|
|
36
|
+
#1021) is intentionally **not** exposed in this release: it requires a real
|
|
37
|
+
microVM boot to exercise, and the Python SDK parity reference only stubs the
|
|
38
|
+
type without wiring it into the sandbox builder. Tracked as a possible
|
|
39
|
+
follow-up.
|
|
40
|
+
|
|
9
41
|
## [0.8.2] - 2026-06-29
|
|
10
42
|
|
|
11
43
|
Gem-only release on the `v0.5.10` runtime (unchanged). Bundles the post-`0.8.1`
|
|
@@ -580,7 +612,11 @@ microsandbox runtime, aligned with the official Python/Node/Go SDKs.
|
|
|
580
612
|
core crate has Apple-native deps). Until precompiled gems are published,
|
|
581
613
|
installing from source requires a Rust toolchain (stable >= 1.91).
|
|
582
614
|
|
|
583
|
-
[Unreleased]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.
|
|
615
|
+
[Unreleased]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.9.0...HEAD
|
|
616
|
+
[0.9.0]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.8.2...v0.9.0
|
|
617
|
+
[0.8.2]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.8.1...v0.8.2
|
|
618
|
+
[0.8.1]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.8.0...v0.8.1
|
|
619
|
+
[0.8.0]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.7.0...v0.8.0
|
|
584
620
|
[0.7.0]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.6.0...v0.7.0
|
|
585
621
|
[0.6.0]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.5.12...v0.6.0
|
|
586
622
|
[0.5.12]: https://github.com/ya-luotao/microsandbox-rb/compare/v0.5.11...v0.5.12
|
data/Cargo.lock
CHANGED
|
@@ -2460,26 +2460,6 @@ dependencies = [
|
|
|
2460
2460
|
"icu_properties",
|
|
2461
2461
|
]
|
|
2462
2462
|
|
|
2463
|
-
[[package]]
|
|
2464
|
-
name = "imago"
|
|
2465
|
-
version = "0.2.3"
|
|
2466
|
-
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
2467
|
-
checksum = "ae7cfee876c698a1a2ed9c705ab18f21acbed82110f19b51cc458de73426fe2c"
|
|
2468
|
-
dependencies = [
|
|
2469
|
-
"async-trait",
|
|
2470
|
-
"bincode",
|
|
2471
|
-
"cfg-if",
|
|
2472
|
-
"libc",
|
|
2473
|
-
"miniz_oxide",
|
|
2474
|
-
"nix 0.30.1",
|
|
2475
|
-
"page_size",
|
|
2476
|
-
"rustc_version",
|
|
2477
|
-
"tokio",
|
|
2478
|
-
"tracing",
|
|
2479
|
-
"vm-memory 0.18.0",
|
|
2480
|
-
"windows-sys 0.61.2",
|
|
2481
|
-
]
|
|
2482
|
-
|
|
2483
2463
|
[[package]]
|
|
2484
2464
|
name = "indexmap"
|
|
2485
2465
|
version = "2.14.0"
|
|
@@ -2875,15 +2855,6 @@ dependencies = [
|
|
|
2875
2855
|
"libc",
|
|
2876
2856
|
]
|
|
2877
2857
|
|
|
2878
|
-
[[package]]
|
|
2879
|
-
name = "linux-loader"
|
|
2880
|
-
version = "0.13.0"
|
|
2881
|
-
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
2882
|
-
checksum = "870c3814345f050991f99869417779f6062542bcf4ed81db7a1b926ad1306638"
|
|
2883
|
-
dependencies = [
|
|
2884
|
-
"vm-memory 0.16.2",
|
|
2885
|
-
]
|
|
2886
|
-
|
|
2887
2858
|
[[package]]
|
|
2888
2859
|
name = "linux-raw-sys"
|
|
2889
2860
|
version = "0.12.1"
|
|
@@ -3003,8 +2974,8 @@ dependencies = [
|
|
|
3003
2974
|
|
|
3004
2975
|
[[package]]
|
|
3005
2976
|
name = "microsandbox"
|
|
3006
|
-
version = "0.
|
|
3007
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
2977
|
+
version = "0.6.1"
|
|
2978
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3008
2979
|
dependencies = [
|
|
3009
2980
|
"anyhow",
|
|
3010
2981
|
"astral-tokio-tar",
|
|
@@ -3052,12 +3023,13 @@ dependencies = [
|
|
|
3052
3023
|
"tracing",
|
|
3053
3024
|
"typed-builder",
|
|
3054
3025
|
"which",
|
|
3026
|
+
"windows-sys 0.61.2",
|
|
3055
3027
|
]
|
|
3056
3028
|
|
|
3057
3029
|
[[package]]
|
|
3058
3030
|
name = "microsandbox-agent-client"
|
|
3059
|
-
version = "0.
|
|
3060
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3031
|
+
version = "0.6.1"
|
|
3032
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3061
3033
|
dependencies = [
|
|
3062
3034
|
"ciborium",
|
|
3063
3035
|
"microsandbox-protocol",
|
|
@@ -3069,8 +3041,8 @@ dependencies = [
|
|
|
3069
3041
|
|
|
3070
3042
|
[[package]]
|
|
3071
3043
|
name = "microsandbox-db"
|
|
3072
|
-
version = "0.
|
|
3073
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3044
|
+
version = "0.6.1"
|
|
3045
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3074
3046
|
dependencies = [
|
|
3075
3047
|
"async-trait",
|
|
3076
3048
|
"sea-orm",
|
|
@@ -3081,8 +3053,8 @@ dependencies = [
|
|
|
3081
3053
|
|
|
3082
3054
|
[[package]]
|
|
3083
3055
|
name = "microsandbox-filesystem"
|
|
3084
|
-
version = "0.
|
|
3085
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3056
|
+
version = "0.6.1"
|
|
3057
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3086
3058
|
dependencies = [
|
|
3087
3059
|
"libc",
|
|
3088
3060
|
"microsandbox-utils",
|
|
@@ -3094,8 +3066,8 @@ dependencies = [
|
|
|
3094
3066
|
|
|
3095
3067
|
[[package]]
|
|
3096
3068
|
name = "microsandbox-image"
|
|
3097
|
-
version = "0.
|
|
3098
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3069
|
+
version = "0.6.1"
|
|
3070
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3099
3071
|
dependencies = [
|
|
3100
3072
|
"astral-tokio-tar",
|
|
3101
3073
|
"async-compression",
|
|
@@ -3115,24 +3087,25 @@ dependencies = [
|
|
|
3115
3087
|
"tokio",
|
|
3116
3088
|
"tokio-util",
|
|
3117
3089
|
"tracing",
|
|
3118
|
-
"
|
|
3090
|
+
"windows-sys 0.61.2",
|
|
3119
3091
|
]
|
|
3120
3092
|
|
|
3121
3093
|
[[package]]
|
|
3122
3094
|
name = "microsandbox-metrics"
|
|
3123
|
-
version = "0.
|
|
3124
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3095
|
+
version = "0.6.1"
|
|
3096
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3125
3097
|
dependencies = [
|
|
3126
3098
|
"chrono",
|
|
3127
3099
|
"libc",
|
|
3128
3100
|
"thiserror 2.0.18",
|
|
3129
3101
|
"tracing",
|
|
3102
|
+
"windows-sys 0.61.2",
|
|
3130
3103
|
]
|
|
3131
3104
|
|
|
3132
3105
|
[[package]]
|
|
3133
3106
|
name = "microsandbox-migration"
|
|
3134
|
-
version = "0.
|
|
3135
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3107
|
+
version = "0.6.1"
|
|
3108
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3136
3109
|
dependencies = [
|
|
3137
3110
|
"sea-orm-migration",
|
|
3138
3111
|
"serde_json",
|
|
@@ -3140,8 +3113,8 @@ dependencies = [
|
|
|
3140
3113
|
|
|
3141
3114
|
[[package]]
|
|
3142
3115
|
name = "microsandbox-network"
|
|
3143
|
-
version = "0.
|
|
3144
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3116
|
+
version = "0.6.1"
|
|
3117
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3145
3118
|
dependencies = [
|
|
3146
3119
|
"base64",
|
|
3147
3120
|
"bytes",
|
|
@@ -3159,6 +3132,7 @@ dependencies = [
|
|
|
3159
3132
|
"microsandbox-protocol",
|
|
3160
3133
|
"microsandbox-utils",
|
|
3161
3134
|
"msb_krun",
|
|
3135
|
+
"msb_krun_utils",
|
|
3162
3136
|
"parking_lot",
|
|
3163
3137
|
"pem",
|
|
3164
3138
|
"percent-encoding",
|
|
@@ -3176,12 +3150,13 @@ dependencies = [
|
|
|
3176
3150
|
"tokio",
|
|
3177
3151
|
"tokio-rustls",
|
|
3178
3152
|
"tracing",
|
|
3153
|
+
"windows-sys 0.61.2",
|
|
3179
3154
|
]
|
|
3180
3155
|
|
|
3181
3156
|
[[package]]
|
|
3182
3157
|
name = "microsandbox-protocol"
|
|
3183
|
-
version = "0.
|
|
3184
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3158
|
+
version = "0.6.1"
|
|
3159
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3185
3160
|
dependencies = [
|
|
3186
3161
|
"chrono",
|
|
3187
3162
|
"ciborium",
|
|
@@ -3195,8 +3170,8 @@ dependencies = [
|
|
|
3195
3170
|
|
|
3196
3171
|
[[package]]
|
|
3197
3172
|
name = "microsandbox-runtime"
|
|
3198
|
-
version = "0.
|
|
3199
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3173
|
+
version = "0.6.1"
|
|
3174
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3200
3175
|
dependencies = [
|
|
3201
3176
|
"bytes",
|
|
3202
3177
|
"chrono",
|
|
@@ -3221,12 +3196,13 @@ dependencies = [
|
|
|
3221
3196
|
"thiserror 2.0.18",
|
|
3222
3197
|
"tokio",
|
|
3223
3198
|
"tracing",
|
|
3199
|
+
"windows-sys 0.61.2",
|
|
3224
3200
|
]
|
|
3225
3201
|
|
|
3226
3202
|
[[package]]
|
|
3227
3203
|
name = "microsandbox-types"
|
|
3228
|
-
version = "0.
|
|
3229
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3204
|
+
version = "0.6.1"
|
|
3205
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3230
3206
|
dependencies = [
|
|
3231
3207
|
"chrono",
|
|
3232
3208
|
"serde",
|
|
@@ -3237,19 +3213,20 @@ dependencies = [
|
|
|
3237
3213
|
|
|
3238
3214
|
[[package]]
|
|
3239
3215
|
name = "microsandbox-utils"
|
|
3240
|
-
version = "0.
|
|
3241
|
-
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.
|
|
3216
|
+
version = "0.6.1"
|
|
3217
|
+
source = "git+https://github.com/superradcompany/microsandbox?tag=v0.6.1#868ac5a8f04fadca357b377537e7a5740a856509"
|
|
3242
3218
|
dependencies = [
|
|
3243
3219
|
"dirs",
|
|
3244
3220
|
"libc",
|
|
3245
3221
|
"reflink-copy",
|
|
3246
3222
|
"scopeguard",
|
|
3247
3223
|
"ureq",
|
|
3224
|
+
"windows-sys 0.61.2",
|
|
3248
3225
|
]
|
|
3249
3226
|
|
|
3250
3227
|
[[package]]
|
|
3251
3228
|
name = "microsandbox_rb"
|
|
3252
|
-
version = "0.
|
|
3229
|
+
version = "0.9.0"
|
|
3253
3230
|
dependencies = [
|
|
3254
3231
|
"chrono",
|
|
3255
3232
|
"futures",
|
|
@@ -3321,11 +3298,31 @@ dependencies = [
|
|
|
3321
3298
|
"num-traits",
|
|
3322
3299
|
]
|
|
3323
3300
|
|
|
3301
|
+
[[package]]
|
|
3302
|
+
name = "msb-imago"
|
|
3303
|
+
version = "0.1.0"
|
|
3304
|
+
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3305
|
+
checksum = "16db000f7280d4c8a78b8b95f64a41006d447fd116ecd69d984d93774cb85d09"
|
|
3306
|
+
dependencies = [
|
|
3307
|
+
"async-trait",
|
|
3308
|
+
"bincode",
|
|
3309
|
+
"cfg-if",
|
|
3310
|
+
"libc",
|
|
3311
|
+
"miniz_oxide",
|
|
3312
|
+
"nix 0.30.1",
|
|
3313
|
+
"page_size",
|
|
3314
|
+
"rustc_version",
|
|
3315
|
+
"tokio",
|
|
3316
|
+
"tracing",
|
|
3317
|
+
"vm-memory",
|
|
3318
|
+
"windows-sys 0.61.2",
|
|
3319
|
+
]
|
|
3320
|
+
|
|
3324
3321
|
[[package]]
|
|
3325
3322
|
name = "msb_krun"
|
|
3326
|
-
version = "0.1.
|
|
3323
|
+
version = "0.1.19"
|
|
3327
3324
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3328
|
-
checksum = "
|
|
3325
|
+
checksum = "c0fb3437734ef4103d3891d3cbd51a8726f196af350c68cb044a1860207c64d3"
|
|
3329
3326
|
dependencies = [
|
|
3330
3327
|
"crossbeam-channel",
|
|
3331
3328
|
"kvm-bindings",
|
|
@@ -3338,14 +3335,14 @@ dependencies = [
|
|
|
3338
3335
|
"msb_krun_polly",
|
|
3339
3336
|
"msb_krun_utils",
|
|
3340
3337
|
"msb_krun_vmm",
|
|
3341
|
-
"vm-memory
|
|
3338
|
+
"vm-memory",
|
|
3342
3339
|
]
|
|
3343
3340
|
|
|
3344
3341
|
[[package]]
|
|
3345
3342
|
name = "msb_krun_arch"
|
|
3346
|
-
version = "0.1.
|
|
3343
|
+
version = "0.1.19"
|
|
3347
3344
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3348
|
-
checksum = "
|
|
3345
|
+
checksum = "e25fe665643d66900ec9407ef0d3afdb5cd4ca97ad394c46b8243bfa6344bfc0"
|
|
3349
3346
|
dependencies = [
|
|
3350
3347
|
"kvm-bindings",
|
|
3351
3348
|
"kvm-ioctls",
|
|
@@ -3353,21 +3350,20 @@ dependencies = [
|
|
|
3353
3350
|
"msb_krun_arch_gen",
|
|
3354
3351
|
"msb_krun_smbios",
|
|
3355
3352
|
"msb_krun_utils",
|
|
3356
|
-
"vm-memory
|
|
3357
|
-
"vmm-sys-util",
|
|
3353
|
+
"vm-memory",
|
|
3358
3354
|
]
|
|
3359
3355
|
|
|
3360
3356
|
[[package]]
|
|
3361
3357
|
name = "msb_krun_arch_gen"
|
|
3362
|
-
version = "0.1.
|
|
3358
|
+
version = "0.1.19"
|
|
3363
3359
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3364
|
-
checksum = "
|
|
3360
|
+
checksum = "7e50dfac228ad088917f8ffb2920c4a56d762ebc5a90950ee7bf5414253b02aa"
|
|
3365
3361
|
|
|
3366
3362
|
[[package]]
|
|
3367
3363
|
name = "msb_krun_cpuid"
|
|
3368
|
-
version = "0.1.
|
|
3364
|
+
version = "0.1.19"
|
|
3369
3365
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3370
|
-
checksum = "
|
|
3366
|
+
checksum = "fd5221749c0224858b075b61f3f2a0964dbfe367093e9ee650b6b0e3d690c3b2"
|
|
3371
3367
|
dependencies = [
|
|
3372
3368
|
"kvm-bindings",
|
|
3373
3369
|
"kvm-ioctls",
|
|
@@ -3376,37 +3372,39 @@ dependencies = [
|
|
|
3376
3372
|
|
|
3377
3373
|
[[package]]
|
|
3378
3374
|
name = "msb_krun_devices"
|
|
3379
|
-
version = "0.1.
|
|
3375
|
+
version = "0.1.19"
|
|
3380
3376
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3381
|
-
checksum = "
|
|
3377
|
+
checksum = "4fee50bfdf1a1258e33bcf0ee8631bb805db79b8d442161ab63d700689a992a8"
|
|
3382
3378
|
dependencies = [
|
|
3383
3379
|
"bitflags 1.3.2",
|
|
3384
3380
|
"capng",
|
|
3385
3381
|
"caps",
|
|
3386
3382
|
"crossbeam-channel",
|
|
3387
|
-
"imago",
|
|
3388
3383
|
"kvm-bindings",
|
|
3389
3384
|
"kvm-ioctls",
|
|
3390
3385
|
"libc",
|
|
3391
3386
|
"libloading",
|
|
3392
3387
|
"log",
|
|
3393
3388
|
"lru",
|
|
3389
|
+
"msb-imago",
|
|
3394
3390
|
"msb_krun_arch",
|
|
3395
3391
|
"msb_krun_hvf",
|
|
3396
3392
|
"msb_krun_polly",
|
|
3397
3393
|
"msb_krun_utils",
|
|
3398
3394
|
"nix 0.30.1",
|
|
3399
3395
|
"rand 0.9.4",
|
|
3396
|
+
"tokio",
|
|
3400
3397
|
"virtio-bindings",
|
|
3401
3398
|
"vm-fdt",
|
|
3402
|
-
"vm-memory
|
|
3399
|
+
"vm-memory",
|
|
3400
|
+
"windows-sys 0.61.2",
|
|
3403
3401
|
]
|
|
3404
3402
|
|
|
3405
3403
|
[[package]]
|
|
3406
3404
|
name = "msb_krun_hvf"
|
|
3407
|
-
version = "0.1.
|
|
3405
|
+
version = "0.1.19"
|
|
3408
3406
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3409
|
-
checksum = "
|
|
3407
|
+
checksum = "3f2300bbe4dbd56bdc3ffc2384baf82e299fff8a45e844f41c4a0be64210ed47"
|
|
3410
3408
|
dependencies = [
|
|
3411
3409
|
"crossbeam-channel",
|
|
3412
3410
|
"libloading",
|
|
@@ -3416,19 +3414,19 @@ dependencies = [
|
|
|
3416
3414
|
|
|
3417
3415
|
[[package]]
|
|
3418
3416
|
name = "msb_krun_kernel"
|
|
3419
|
-
version = "0.1.
|
|
3417
|
+
version = "0.1.19"
|
|
3420
3418
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3421
|
-
checksum = "
|
|
3419
|
+
checksum = "3402b8879bd5b91f33d069fefa00fd0416f12cd660cfd7538da8e77201f2dda5"
|
|
3422
3420
|
dependencies = [
|
|
3423
3421
|
"msb_krun_utils",
|
|
3424
|
-
"vm-memory
|
|
3422
|
+
"vm-memory",
|
|
3425
3423
|
]
|
|
3426
3424
|
|
|
3427
3425
|
[[package]]
|
|
3428
3426
|
name = "msb_krun_polly"
|
|
3429
|
-
version = "0.1.
|
|
3427
|
+
version = "0.1.19"
|
|
3430
3428
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3431
|
-
checksum = "
|
|
3429
|
+
checksum = "da550bf268cb9217255ed152bfca9f61275a2796237fd180989958c7f54dc137"
|
|
3432
3430
|
dependencies = [
|
|
3433
3431
|
"libc",
|
|
3434
3432
|
"msb_krun_utils",
|
|
@@ -3436,18 +3434,18 @@ dependencies = [
|
|
|
3436
3434
|
|
|
3437
3435
|
[[package]]
|
|
3438
3436
|
name = "msb_krun_smbios"
|
|
3439
|
-
version = "0.1.
|
|
3437
|
+
version = "0.1.19"
|
|
3440
3438
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3441
|
-
checksum = "
|
|
3439
|
+
checksum = "2c0737818e69346348f8ba2a7197cbec2336e807e5f7f094c80e0ca1635ca054"
|
|
3442
3440
|
dependencies = [
|
|
3443
|
-
"vm-memory
|
|
3441
|
+
"vm-memory",
|
|
3444
3442
|
]
|
|
3445
3443
|
|
|
3446
3444
|
[[package]]
|
|
3447
3445
|
name = "msb_krun_utils"
|
|
3448
|
-
version = "0.1.
|
|
3446
|
+
version = "0.1.19"
|
|
3449
3447
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3450
|
-
checksum = "
|
|
3448
|
+
checksum = "fb370035195bfd6d60e0b4ad8b0d68dcf9d138f144d033087a960117920a126e"
|
|
3451
3449
|
dependencies = [
|
|
3452
3450
|
"bitflags 1.3.2",
|
|
3453
3451
|
"crossbeam-channel",
|
|
@@ -3456,13 +3454,14 @@ dependencies = [
|
|
|
3456
3454
|
"log",
|
|
3457
3455
|
"nix 0.30.1",
|
|
3458
3456
|
"vmm-sys-util",
|
|
3457
|
+
"windows-sys 0.61.2",
|
|
3459
3458
|
]
|
|
3460
3459
|
|
|
3461
3460
|
[[package]]
|
|
3462
3461
|
name = "msb_krun_vmm"
|
|
3463
|
-
version = "0.1.
|
|
3462
|
+
version = "0.1.19"
|
|
3464
3463
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
3465
|
-
checksum = "
|
|
3464
|
+
checksum = "68e9f485f720981fda9071b2711d4f8406b6c67ebf6bfa2bb8e83f3cc6c2aaea"
|
|
3466
3465
|
dependencies = [
|
|
3467
3466
|
"bzip2",
|
|
3468
3467
|
"crossbeam-channel",
|
|
@@ -3470,7 +3469,7 @@ dependencies = [
|
|
|
3470
3469
|
"kvm-bindings",
|
|
3471
3470
|
"kvm-ioctls",
|
|
3472
3471
|
"libc",
|
|
3473
|
-
"
|
|
3472
|
+
"libloading",
|
|
3474
3473
|
"log",
|
|
3475
3474
|
"msb_krun_arch",
|
|
3476
3475
|
"msb_krun_arch_gen",
|
|
@@ -3481,8 +3480,8 @@ dependencies = [
|
|
|
3481
3480
|
"msb_krun_polly",
|
|
3482
3481
|
"msb_krun_utils",
|
|
3483
3482
|
"nix 0.30.1",
|
|
3484
|
-
"vm-memory
|
|
3485
|
-
"
|
|
3483
|
+
"vm-memory",
|
|
3484
|
+
"windows-sys 0.61.2",
|
|
3486
3485
|
"zstd",
|
|
3487
3486
|
]
|
|
3488
3487
|
|
|
@@ -6396,24 +6395,15 @@ version = "0.3.0"
|
|
|
6396
6395
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
6397
6396
|
checksum = "7e21282841a059bb62627ce8441c491f09603622cd5a21c43bfedc85a2952f23"
|
|
6398
6397
|
|
|
6399
|
-
[[package]]
|
|
6400
|
-
name = "vm-memory"
|
|
6401
|
-
version = "0.16.2"
|
|
6402
|
-
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
6403
|
-
checksum = "1fd5e56d48353c5f54ef50bd158a0452fc82f5383da840f7b8efc31695dd3b9d"
|
|
6404
|
-
dependencies = [
|
|
6405
|
-
"libc",
|
|
6406
|
-
"thiserror 1.0.69",
|
|
6407
|
-
"winapi",
|
|
6408
|
-
]
|
|
6409
|
-
|
|
6410
6398
|
[[package]]
|
|
6411
6399
|
name = "vm-memory"
|
|
6412
6400
|
version = "0.18.0"
|
|
6413
6401
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
6414
6402
|
checksum = "9b55e753c7725603745cb32b2287ef7ef3da05c03c7702cda3fa8abe25ae0465"
|
|
6415
6403
|
dependencies = [
|
|
6404
|
+
"libc",
|
|
6416
6405
|
"thiserror 2.0.18",
|
|
6406
|
+
"winapi",
|
|
6417
6407
|
]
|
|
6418
6408
|
|
|
6419
6409
|
[[package]]
|
data/DESIGN.md
CHANGED
|
@@ -106,7 +106,7 @@ out (air-gapped hosts that provision out of band). libkrunfw is `dlopen`'d by
|
|
|
106
106
|
|
|
107
107
|
`ext/microsandbox/Cargo.toml` depends on the core crate via a **pinned git tag**
|
|
108
108
|
(`microsandbox` / `microsandbox-network`, pinned to the same tag as
|
|
109
|
-
`Microsandbox::RUNTIME_VERSION` — currently `v0.
|
|
109
|
+
`Microsandbox::RUNTIME_VERSION` — currently `v0.6.1`), so the gem builds anywhere
|
|
110
110
|
— CI, `rake-compiler-dock` release containers, and end-user source installs —
|
|
111
111
|
without an adjacent checkout. For fast local development against a sibling
|
|
112
112
|
microsandbox checkout, copy `.cargo/config.toml.example` to `.cargo/config.toml`
|
|
@@ -211,7 +211,7 @@ create options, full mount options (tmpfs/disk + stat-virtualization/
|
|
|
211
211
|
host-permissions), and snapshot inspection (`open`/`list_dir`/`reindex`).
|
|
212
212
|
|
|
213
213
|
A few **secondary** upstream knobs remain unexposed (a genuine binding gap, not
|
|
214
|
-
upstream-gated — they exist at the pinned `v0.
|
|
214
|
+
upstream-gated — they exist at the pinned `v0.6.1` runtime): per-published-port host
|
|
215
215
|
**bind address** (ports always bind loopback), network **interface overrides**,
|
|
216
216
|
and inline **named-volume create-mode** (pre-create with `Volume.create`, then
|
|
217
217
|
mount with `{ named: }`). These slot in module-by-module exactly as the existing
|
data/README.md
CHANGED
|
@@ -215,6 +215,9 @@ end
|
|
|
215
215
|
|
|
216
216
|
```ruby
|
|
217
217
|
Microsandbox::Sandbox.create("obs", image: "public.ecr.aws/docker/library/alpine:latest") do |sb|
|
|
218
|
+
# On the v0.6.1 runtime the metrics slot goes live a beat after create returns,
|
|
219
|
+
# so `metrics` can briefly raise "no live metrics slot" right after boot —
|
|
220
|
+
# retry for a few hundred ms rather than treating the first failure as fatal.
|
|
218
221
|
m = sb.metrics # => Microsandbox::Metrics
|
|
219
222
|
m.cpu_percent
|
|
220
223
|
m.memory_bytes
|
|
@@ -390,8 +393,8 @@ change diverged the two numbers — the gem version is **not** a reliable indica
|
|
|
390
393
|
of the embedded runtime version. To learn which runtime a build wraps, ask it:
|
|
391
394
|
|
|
392
395
|
```ruby
|
|
393
|
-
Microsandbox::VERSION # => "0.
|
|
394
|
-
Microsandbox.runtime_version # => "v0.
|
|
396
|
+
Microsandbox::VERSION # => "0.9.0" (the gem's own version)
|
|
397
|
+
Microsandbox.runtime_version # => "v0.6.1" (the embedded upstream runtime tag)
|
|
395
398
|
```
|
|
396
399
|
|
|
397
400
|
| Gem version | Upstream runtime | Notes |
|
|
@@ -407,6 +410,7 @@ Microsandbox.runtime_version # => "v0.5.10" (the embedded upstream runtime ta
|
|
|
407
410
|
| `0.8.0` | `v0.5.10` | adopts upstream `v0.5.10` (idle-only heartbeat, config-fd hardening, **4 GiB default bind-mount quota**); supersedes the reverted `v0.5.9` attempt |
|
|
408
411
|
| `0.8.1` | `v0.5.10` | gem-only: re-provision a stale local runtime; per-bind-mount `quota_mib:` override |
|
|
409
412
|
| `0.8.2` | `v0.5.10` | gem-only: redact secrets from errors, typed snapshot errors, panic-free durations, fat-gem loader + `extconf` preflight fixes, threading/streaming docs |
|
|
413
|
+
| `0.9.0` | `v0.6.1` | adopts upstream `v0.6.0`+`v0.6.1` (zombie-runtime wait fix, secret substitution through CONNECT proxies, stale-sandbox cleanup); upstream public API is additive — no Ruby surface change |
|
|
410
414
|
|
|
411
415
|
**Going forward** — the gem version moves on its own semver track and no longer
|
|
412
416
|
mirrors the upstream tag:
|
data/ext/microsandbox/Cargo.toml
CHANGED
|
@@ -6,8 +6,8 @@ name = "microsandbox_rb"
|
|
|
6
6
|
description = "Ruby SDK native extension for microsandbox — secure, fast microVM-based sandboxing."
|
|
7
7
|
# Must equal Microsandbox::VERSION (lib/microsandbox/version.rb) — Native.version
|
|
8
8
|
# returns this via env!("CARGO_PKG_VERSION") and version_spec.rb asserts equality.
|
|
9
|
-
# The core-crate dependency below stays pinned at its own tag (v0.
|
|
10
|
-
version = "0.
|
|
9
|
+
# The core-crate dependency below stays pinned at its own tag (v0.6.1).
|
|
10
|
+
version = "0.9.0"
|
|
11
11
|
authors = ["Super Rad Company <development@superrad.company>"]
|
|
12
12
|
repository = "https://github.com/superradcompany/microsandbox"
|
|
13
13
|
license = "Apache-2.0"
|
|
@@ -35,8 +35,8 @@ rb-sys = "0.9"
|
|
|
35
35
|
# `.cargo/config.toml.example`). "ssh" matches the feature set the Python/Node
|
|
36
36
|
# SDKs ship with; default features add "prebuilt" (provisions msb + libkrunfw at
|
|
37
37
|
# build time), "net", and "keyring".
|
|
38
|
-
microsandbox = { git = "https://github.com/superradcompany/microsandbox", tag = "v0.
|
|
39
|
-
microsandbox-network = { git = "https://github.com/superradcompany/microsandbox", tag = "v0.
|
|
38
|
+
microsandbox = { git = "https://github.com/superradcompany/microsandbox", tag = "v0.6.1", default-features = true, features = ["ssh"] }
|
|
39
|
+
microsandbox-network = { git = "https://github.com/superradcompany/microsandbox", tag = "v0.6.1" }
|
|
40
40
|
|
|
41
41
|
# Async core bridged to Ruby's synchronous API via a blocking tokio runtime.
|
|
42
42
|
tokio = { version = "1", features = ["rt-multi-thread", "sync", "time"] }
|
data/lib/microsandbox/sandbox.rb
CHANGED
|
@@ -928,6 +928,14 @@ module Microsandbox
|
|
|
928
928
|
end
|
|
929
929
|
|
|
930
930
|
# Latest resource-usage snapshot.
|
|
931
|
+
#
|
|
932
|
+
# Raises a {Microsandbox::Error} ("sandbox N has no live metrics slot") when
|
|
933
|
+
# called in the brief window right after {Sandbox.create} returns, before the
|
|
934
|
+
# runtime has registered the sandbox's metrics slot. On the `v0.6.1` runtime
|
|
935
|
+
# the spawn handshake no longer blocks create until the first sample is
|
|
936
|
+
# written, so the slot goes live a beat *after* boot (within a few hundred
|
|
937
|
+
# milliseconds); retry for that window rather than treating the first failure
|
|
938
|
+
# as fatal.
|
|
931
939
|
# @return [Metrics]
|
|
932
940
|
def metrics
|
|
933
941
|
Metrics.new(@native.metrics)
|
|
@@ -952,6 +960,14 @@ module Microsandbox
|
|
|
952
960
|
|
|
953
961
|
# Stream resource-usage snapshots, one per interval tick, until the sandbox
|
|
954
962
|
# stops. Requires metrics to be enabled for the sandbox.
|
|
963
|
+
#
|
|
964
|
+
# The first tick fires immediately, so opening the stream right after
|
|
965
|
+
# {Sandbox.create} can hit the same metrics-slot startup window as {#metrics}
|
|
966
|
+
# and yield a transient "no live metrics slot" error on that first tick.
|
|
967
|
+
# Because the stream is single-pass (a drained or errored stream is spent),
|
|
968
|
+
# make sure the slot is live *before* opening it — e.g. retry {#metrics}
|
|
969
|
+
# until it succeeds (the slot goes live within a few hundred milliseconds of
|
|
970
|
+
# boot), then call {#metrics_stream}.
|
|
955
971
|
# @param interval [Numeric] seconds between snapshots
|
|
956
972
|
# @return [MetricsStream] an {Enumerable} of {Metrics}
|
|
957
973
|
def metrics_stream(interval: 1.0)
|
data/lib/microsandbox/version.rb
CHANGED
|
@@ -8,12 +8,12 @@ module Microsandbox
|
|
|
8
8
|
# Versioning section of the README for the full gem-to-runtime map. Must equal
|
|
9
9
|
# the native ext's Cargo crate version (`Native.version`), enforced by
|
|
10
10
|
# spec/unit/version_spec.rb.
|
|
11
|
-
VERSION = "0.
|
|
11
|
+
VERSION = "0.9.0"
|
|
12
12
|
|
|
13
13
|
# The upstream microsandbox runtime release this gem build embeds — the `tag`
|
|
14
14
|
# pinned on the `microsandbox`/`microsandbox-network` git deps in
|
|
15
15
|
# ext/microsandbox/Cargo.toml. Exposed at runtime as
|
|
16
16
|
# {Microsandbox.runtime_version}. spec/unit/version_spec.rb asserts it stays in
|
|
17
17
|
# sync with the Cargo tag so it can't silently drift out of date.
|
|
18
|
-
RUNTIME_VERSION = "v0.
|
|
18
|
+
RUNTIME_VERSION = "v0.6.1"
|
|
19
19
|
end
|