@cloudflare/sandbox 0.0.9 → 0.1.0

package/CHANGELOG.md

@@ -1,5 +1,15 @@
 # @cloudflare/sandbox
 
+## 0.1.0
+
+### Minor Changes
+
+- [#24](https://github.com/cloudflare/sandbox-sdk/pull/24) [`cecde0a`](https://github.com/cloudflare/sandbox-sdk/commit/cecde0a7530a87deffd8562fb8b01d66ee80ee19) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Redesign command execution API
+
+### Patch Changes
+
+- [#22](https://github.com/cloudflare/sandbox-sdk/pull/22) [`f5fcd52`](https://github.com/cloudflare/sandbox-sdk/commit/f5fcd52025d1f7958a374e69d75e3fc590275f3f) Thanks [@ghostwriternr](https://github.com/ghostwriternr)! - Allow setting env variables dynamically and remove command restrictions
+
 ## 0.0.9
 
 ### Patch Changes

package/Dockerfile

@@ -59,22 +59,9 @@ RUN curl -fsSL https://bun.sh/install | bash \
 # Install global npm packages as root
 RUN npm install -g yarn pnpm
 
-# Create a non-root user for running applications
-RUN useradd -m -s /bin/bash sandbox \
-    && echo "sandbox ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
-
 # Set up working directory
 WORKDIR /app
 
-# Set ownership of the app directory to sandbox user
-RUN chown -R sandbox:sandbox /app
-
-# Set environment variables
-ENV PATH="/home/sandbox/.local/bin:${PATH}"
-
-# Switch to non-root user
-USER sandbox
-
 # Verify installations
 RUN python3 --version && \
     node --version && \
@@ -84,7 +71,7 @@ RUN python3 --version && \
     pnpm --version
 
 # Copy container source files
-COPY --chown=sandbox:sandbox container_src/* ./
+COPY container_src/ ./
 
 # Expose the application port
 EXPOSE 3000

package/container_src/handler/exec.ts

@@ -0,0 +1,337 @@
+import { type SpawnOptions, spawn } from "node:child_process";
+import type { ExecuteRequest, SessionData } from "../types";
+
+function executeCommand(
+  sessions: Map<string, SessionData>,
+  command: string,
+  sessionId?: string,
+  background?: boolean
+): Promise<{
+  success: boolean;
+  stdout: string;
+  stderr: string;
+  exitCode: number;
+}> {
+  return new Promise((resolve, reject) => {
+    const spawnOptions: SpawnOptions = {
+      shell: true,
+      stdio: ["pipe", "pipe", "pipe"] as const,
+      detached: background || false,
+    };
+
+    const child = spawn(command, spawnOptions);
+
+    // Store the process reference for cleanup if sessionId is provided
+    if (sessionId && sessions.has(sessionId)) {
+      const session = sessions.get(sessionId)!;
+      session.activeProcess = child;
+    }
+
+    let stdout = "";
+    let stderr = "";
+
+    child.stdout?.on("data", (data) => {
+      stdout += data.toString();
+    });
+
+    child.stderr?.on("data", (data) => {
+      stderr += data.toString();
+    });
+
+    if (background) {
+      // For background processes, unref and return quickly
+      child.unref();
+
+      // Collect initial output for 100ms then return
+      setTimeout(() => {
+        resolve({
+          exitCode: 0, // Process is still running
+          stderr,
+          stdout,
+          success: true,
+        });
+      }, 100);
+
+      // Still handle errors
+      child.on("error", (error) => {
+        console.error(`[Server] Background process error: ${command}`, error);
+        // Don't reject since we might have already resolved
+      });
+    } else {
+      // Normal synchronous execution
+      child.on("close", (code) => {
+        // Clear the active process reference
+        if (sessionId && sessions.has(sessionId)) {
+          const session = sessions.get(sessionId)!;
+          session.activeProcess = null;
+        }
+
+        console.log(`[Server] Command completed: ${command}, Exit code: ${code}`);
+
+        resolve({
+          exitCode: code || 0,
+          stderr,
+          stdout,
+          success: code === 0,
+        });
+      });
+
+      child.on("error", (error) => {
+        // Clear the active process reference
+        if (sessionId && sessions.has(sessionId)) {
+          const session = sessions.get(sessionId)!;
+          session.activeProcess = null;
+        }
+
+        reject(error);
+      });
+    }
+  });
+}
+
+export async function handleExecuteRequest(
+  sessions: Map<string, SessionData>,
+  req: Request,
+  corsHeaders: Record<string, string>
+): Promise<Response> {
+  try {
+    const body = (await req.json()) as ExecuteRequest;
+    const { command, sessionId, background } = body;
+
+    if (!command || typeof command !== "string") {
+      return new Response(
+        JSON.stringify({
+          error: "Command is required and must be a string",
+        }),
+        {
+          headers: {
+            "Content-Type": "application/json",
+            ...corsHeaders,
+          },
+          status: 400,
+        }
+      );
+    }
+
+    console.log(`[Server] Executing command: ${command}`);
+
+    const result = await executeCommand(sessions, command, sessionId, background);
+
+    return new Response(
+      JSON.stringify({
+        command,
+        exitCode: result.exitCode,
+        stderr: result.stderr,
+        stdout: result.stdout,
+        success: result.success,
+        timestamp: new Date().toISOString(),
+      }),
+      {
+        headers: {
+          "Content-Type": "application/json",
+          ...corsHeaders,
+        },
+      }
+    );
+  } catch (error) {
+    console.error("[Server] Error in handleExecuteRequest:", error);
+    return new Response(
+      JSON.stringify({
+        error: "Failed to execute command",
+        message: error instanceof Error ? error.message : "Unknown error",
+      }),
+      {
+        headers: {
+          "Content-Type": "application/json",
+          ...corsHeaders,
+        },
+        status: 500,
+      }
+    );
+  }
+}
+
+export async function handleStreamingExecuteRequest(
+  sessions: Map<string, SessionData>,
+  req: Request,
+  corsHeaders: Record<string, string>
+): Promise<Response> {
+  try {
+    const body = (await req.json()) as ExecuteRequest;
+    const { command, sessionId, background } = body;
+
+    if (!command || typeof command !== "string") {
+      return new Response(
+        JSON.stringify({
+          error: "Command is required and must be a string",
+        }),
+        {
+          headers: {
+            "Content-Type": "application/json",
+            ...corsHeaders,
+          },
+          status: 400,
+        }
+      );
+    }
+
+    console.log(
+      `[Server] Executing streaming command: ${command}`
+    );
+
+    const stream = new ReadableStream({
+      start(controller) {
+        const spawnOptions: SpawnOptions = {
+          shell: true,
+          stdio: ["pipe", "pipe", "pipe"] as const,
+          detached: background || false,
+        };
+
+        const child = spawn(command, spawnOptions);
+
+        // Store the process reference for cleanup if sessionId is provided
+        if (sessionId && sessions.has(sessionId)) {
+          const session = sessions.get(sessionId)!;
+          session.activeProcess = child;
+        }
+
+        // For background processes, unref to prevent blocking
+        if (background) {
+          child.unref();
+        }
+
+        let stdout = "";
+        let stderr = "";
+
+        // Send command start event
+        controller.enqueue(
+          new TextEncoder().encode(
+            `data: ${JSON.stringify({
+              type: "start",
+              timestamp: new Date().toISOString(),
+              command,
+              background: background || false,
+            })}\n\n`
+          )
+        );
+
+        child.stdout?.on("data", (data) => {
+          const output = data.toString();
+          stdout += output;
+
+          // Send real-time output
+          controller.enqueue(
+            new TextEncoder().encode(
+              `data: ${JSON.stringify({
+                type: "stdout",
+                timestamp: new Date().toISOString(),
+                data: output,
+                command,
+              })}\n\n`
+            )
+          );
+        });
+
+        child.stderr?.on("data", (data) => {
+          const output = data.toString();
+          stderr += output;
+
+          // Send real-time error output
+          controller.enqueue(
+            new TextEncoder().encode(
+              `data: ${JSON.stringify({
+                type: "stderr",
+                timestamp: new Date().toISOString(),
+                data: output,
+                command,
+              })}\n\n`
+            )
+          );
+        });
+
+        child.on("close", (code) => {
+          // Clear the active process reference
+          if (sessionId && sessions.has(sessionId)) {
+            const session = sessions.get(sessionId)!;
+            session.activeProcess = null;
+          }
+
+          console.log(
+            `[Server] Command completed: ${command}, Exit code: ${code}`
+          );
+
+          // Send command completion event
+          controller.enqueue(
+            new TextEncoder().encode(
+              `data: ${JSON.stringify({
+                type: "complete",
+                timestamp: new Date().toISOString(),
+                command,
+                exitCode: code,
+                result: {
+                  success: code === 0,
+                  exitCode: code,
+                  stdout,
+                  stderr,
+                  command,
+                  timestamp: new Date().toISOString(),
+                },
+              })}\n\n`
+            )
+          );
+
+          // For non-background processes, close the stream
+          // For background processes with streaming, the stream stays open
+          if (!background) {
+            controller.close();
+          }
+        });
+
+        child.on("error", (error) => {
+          // Clear the active process reference
+          if (sessionId && sessions.has(sessionId)) {
+            const session = sessions.get(sessionId)!;
+            session.activeProcess = null;
+          }
+
+          controller.enqueue(
+            new TextEncoder().encode(
+              `data: ${JSON.stringify({
+                type: "error",
+                timestamp: new Date().toISOString(),
+                error: error.message,
+                command,
+              })}\n\n`
+            )
+          );
+
+          controller.close();
+        });
+      },
+    });
+
+    return new Response(stream, {
+      headers: {
+        "Cache-Control": "no-cache",
+        Connection: "keep-alive",
+        "Content-Type": "text/event-stream",
+        ...corsHeaders,
+      },
+    });
+  } catch (error) {
+    console.error("[Server] Error in handleStreamingExecuteRequest:", error);
+    return new Response(
+      JSON.stringify({
+        error: "Failed to execute streaming command",
+        message: error instanceof Error ? error.message : "Unknown error",
+      }),
+      {
+        headers: {
+          "Content-Type": "application/json",
+          ...corsHeaders,
+        },
+        status: 500,
+      }
+    );
+  }
+}