@ebowwa/sandbox 0.1.1

package/src/runtimes/docker.ts

@@ -0,0 +1,501 @@
+/**
+ * Docker Runtime
+ *
+ * Runs code in Docker containers for maximum isolation.
+ * Provides full filesystem and network control with container-level security.
+ *
+ * Isolation level: 'container'
+ */
+
+import { spawn, type ChildProcess } from "node:child_process";
+import { randomUUID } from "node:crypto";
+import { setTimeout as setTimeoutPromise } from "node:timers/promises";
+import type {
+  ExecutionResult,
+  Permissions,
+  Limits,
+  DisplayOutput,
+} from "../core/types.js";
+import type {
+  IRuntime,
+  RuntimeOptions,
+  ExecutionRequest,
+  RuntimeCapabilities,
+} from "../core/runtime.js";
+
+/** Docker runtime configuration */
+export interface DockerRuntimeConfig {
+  /** Default Docker image to use */
+  defaultImage?: string;
+  /** Docker socket path */
+  dockerSocket?: string;
+  /** Network mode for containers */
+  networkMode?: "none" | "bridge" | "host";
+  /** Cleanup containers after execution */
+  autoCleanup?: boolean;
+  /** Memory limit for containers (bytes) */
+  defaultMemory?: number;
+  /** CPU limit (number of CPUs) */
+  cpuLimit?: number;
+}
+
+/** Container execution options */
+export interface ContainerOptions {
+  /** Docker image to use */
+  image?: string;
+  /** Container name */
+  name?: string;
+  /** Environment variables */
+  env?: Record<string, string>;
+  /** Working directory in container */
+  workdir?: string;
+  /** Mount points */
+  mounts?: Array<{
+    source: string;
+    target: string;
+    readonly?: boolean;
+  }>;
+  /** Port mappings */
+  ports?: Array<{
+    hostPort: number;
+    containerPort: number;
+    protocol?: "tcp" | "udp";
+  }>;
+  /** Network mode */
+  network?: "none" | "bridge" | "host";
+}
+
+/**
+ * Docker Runtime
+ *
+ * Executes code in isolated Docker containers with full resource control.
+ * Maximum isolation with configurable filesystem and network access.
+ */
+export class DockerRuntime implements IRuntime {
+  readonly name = "docker";
+  readonly capabilities: RuntimeCapabilities = {
+    isolation: "container",
+    stateful: true,
+    async: true,
+    filesystem: true,
+    network: true,
+    maxMemory: 16 * 1024 * 1024 * 1024, // 16GB
+    wasi: true,
+  };
+
+  private executing = false;
+  private config: Required<DockerRuntimeConfig>;
+  private containers = new Map<string, string>(); // name -> containerId
+
+  constructor(config: DockerRuntimeConfig = {}) {
+    this.config = {
+      defaultImage: config.defaultImage ?? "node:20-slim",
+      dockerSocket: config.dockerSocket ?? "/var/run/docker.sock",
+      networkMode: config.networkMode ?? "none",
+      autoCleanup: config.autoCleanup ?? true,
+      defaultMemory: config.defaultMemory ?? 512 * 1024 * 1024, // 512MB
+      cpuLimit: config.cpuLimit ?? 1,
+    };
+  }
+
+  async init(): Promise<void> {
+    // Verify Docker is available
+    const available = await this.checkDockerAvailable();
+    if (!available) {
+      throw new Error("Docker is not available. Ensure Docker daemon is running.");
+    }
+  }
+
+  async isAvailable(): Promise<boolean> {
+    return this.checkDockerAvailable();
+  }
+
+  async execute(
+    request: ExecutionRequest,
+    options: RuntimeOptions
+  ): Promise<ExecutionResult> {
+    const startTime = Date.now();
+    this.executing = true;
+
+    const stdout: string[] = [];
+    const stderr: string[] = [];
+    const displays: DisplayOutput[] = [];
+
+    const containerName = `sandbox-${randomUUID().slice(0, 8)}`;
+
+    try {
+      // Parse limits
+      const timeout = this.parseTimeout(options.limits?.timeout);
+      const maxMemory = this.parseMemory(options.limits?.memory) || this.config.defaultMemory;
+      const cpuLimit = options.limits?.cpuTime
+        ? Math.max(0.1, (options.limits.cpuTime / 1000))
+        : this.config.cpuLimit;
+
+      // Build container options from permissions
+      const containerOptions = this.buildContainerOptions(request, options, {
+        memory: maxMemory,
+        cpu: cpuLimit,
+        name: containerName,
+      });
+
+      // Create abort controller for timeout
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), timeout);
+
+      if (options.signal) {
+        options.signal.addEventListener("abort", () => {
+          controller.abort();
+          clearTimeout(timeoutId);
+        });
+      }
+
+      // Pull image if needed
+      await this.pullImageIfNeeded(containerOptions.image!);
+
+      // Create and start container
+      const containerId = await this.createContainer(containerOptions);
+      this.containers.set(containerName, containerId);
+
+      // Execute code in container
+      const result = await this.runInContainer(
+        containerId,
+        request,
+        controller.signal
+      );
+
+      clearTimeout(timeoutId);
+
+      // Collect output
+      stdout.push(...result.stdout);
+      stderr.push(...result.stderr);
+
+      return {
+        success: result.exitCode === 0,
+        value: result.value,
+        metrics: {
+          duration: Date.now() - startTime,
+          memoryUsed: maxMemory, // Approximate
+        },
+        output: { stdout, stderr, displays },
+      };
+    } catch (error) {
+      if (error instanceof Error && error.name === "AbortError") {
+        return this.createErrorResult(
+          "Execution timed out",
+          "timeout",
+          startTime,
+          stdout,
+          stderr
+        );
+      }
+
+      return this.createErrorResult(
+        error instanceof Error ? error.message : String(error),
+        "runtime",
+        startTime,
+        stdout,
+        stderr
+      );
+    } finally {
+      // Cleanup container
+      if (this.config.autoCleanup) {
+        await this.removeContainer(containerName);
+      }
+      this.executing = false;
+    }
+  }
+
+  async terminate(): Promise<void> {
+    // Cleanup all containers
+    for (const [name] of this.containers) {
+      await this.removeContainer(name);
+    }
+    this.containers.clear();
+    this.executing = false;
+  }
+
+  isExecuting(): boolean {
+    return this.executing;
+  }
+
+  /**
+   * Check if Docker is available
+   */
+  private async checkDockerAvailable(): Promise<boolean> {
+    return new Promise((resolve) => {
+      const proc = spawn("docker", ["version"], { stdio: "ignore" });
+      proc.on("close", (code) => resolve(code === 0));
+      proc.on("error", () => resolve(false));
+    });
+  }
+
+  /**
+   * Pull Docker image if not present
+   */
+  private async pullImageIfNeeded(image: string): Promise<void> {
+    // Check if image exists
+    const exists = await new Promise<boolean>((resolve) => {
+      const proc = spawn("docker", ["image", "inspect", image], { stdio: "ignore" });
+      proc.on("close", (code) => resolve(code === 0));
+      proc.on("error", () => resolve(false));
+    });
+
+    if (!exists) {
+      await new Promise<void>((resolve, reject) => {
+        const proc = spawn("docker", ["pull", image], { stdio: "inherit" });
+        proc.on("close", (code) => {
+          if (code === 0) resolve();
+          else reject(new Error(`Failed to pull image: ${image}`));
+        });
+        proc.on("error", reject);
+      });
+    }
+  }
+
+  /**
+   * Build container options from execution request
+   */
+  private buildContainerOptions(
+    request: ExecutionRequest,
+    options: RuntimeOptions,
+    limits: { memory: number; cpu: number; name: string }
+  ): ContainerOptions {
+    const perms = options.permissions;
+    const containerOptions: ContainerOptions = {
+      image: this.config.defaultImage,
+      name: limits.name,
+      env: options.env,
+      workdir: options.cwd ?? "/workspace",
+      network: this.config.networkMode,
+    };
+
+    // Filesystem permissions
+    if (perms.fs?.read || perms.fs?.write) {
+      containerOptions.mounts = [
+        {
+          source: options.cwd ?? process.cwd(),
+          target: containerOptions.workdir ?? "/workspace",
+          readonly: !perms.fs.write,
+        },
+      ];
+    }
+
+    // Network permissions
+    if (perms.network?.outbound || perms.network?.inbound) {
+      containerOptions.network = "bridge";
+    }
+
+    return containerOptions;
+  }
+
+  /**
+   * Create Docker container
+   */
+  private async createContainer(opts: ContainerOptions): Promise<string> {
+    const args = ["create"];
+
+    // Name
+    args.push("--name", opts.name!);
+
+    // Memory limit
+    args.push("--memory", `${Math.floor(this.config.defaultMemory / (1024 * 1024))}m`);
+
+    // CPU limit
+    args.push("--cpus", this.config.cpuLimit.toString());
+
+    // Network mode
+    if (opts.network) {
+      args.push(`--network=${opts.network}`);
+    }
+
+    // Working directory
+    if (opts.workdir) {
+      args.push("--workdir", opts.workdir);
+    }
+
+    // Environment variables
+    if (opts.env) {
+      for (const [key, value] of Object.entries(opts.env)) {
+        args.push("--env", `${key}=${value}`);
+      }
+    }
+
+    // Mounts
+    if (opts.mounts) {
+      for (const mount of opts.mounts) {
+        const mode = mount.readonly ? ":ro" : "";
+        args.push("--volume", `${mount.source}:${mount.target}${mode}`);
+      }
+    }
+
+    // Port mappings
+    if (opts.ports) {
+      for (const port of opts.ports) {
+        const protocol = port.protocol ?? "tcp";
+        args.push("--publish", `${port.hostPort}:${port.containerPort}/${protocol}`);
+      }
+    }
+
+    // Security options
+    args.push("--security-opt", "no-new-privileges");
+
+    // Disable inter-container communication
+    args.push("--icc=false");
+
+    // Image
+    args.push(opts.image!);
+
+    return new Promise((resolve, reject) => {
+      const proc = spawn("docker", args);
+      let output = "";
+
+      proc.stdout.on("data", (data: Buffer) => {
+        output += data.toString();
+      });
+
+      proc.stderr.on("data", (data: Buffer) => {
+        console.error(`docker stderr: ${data}`);
+      });
+
+      proc.on("close", (code) => {
+        if (code === 0) {
+          resolve(output.trim());
+        } else {
+          reject(new Error(`Failed to create container: ${output}`));
+        }
+      });
+
+      proc.on("error", reject);
+    });
+  }
+
+  /**
+   * Run code in container
+   */
+  private async runInContainer(
+    containerId: string,
+    request: ExecutionRequest,
+    signal: AbortSignal
+  ): Promise<{ stdout: string[]; stderr: string[]; exitCode: number; value?: unknown }> {
+    const stdout: string[] = [];
+    const stderr: string[] = [];
+
+    // Start container
+    await new Promise<void>((resolve, reject) => {
+      const proc = spawn("docker", ["start", containerId]);
+      proc.on("close", (code) => {
+        if (code === 0) resolve();
+        else reject(new Error("Failed to start container"));
+      });
+      proc.on("error", reject);
+    });
+
+    // Write WASM to temp file and execute
+    const wasmBase64 = Buffer.from(request.wasm.wasmBytes).toString("base64");
+    const execCommand = `node -e "require('fs').writeFileSync('/tmp/code.wasm',Buffer.from('${wasmBase64}','base64'));const {WASI}=require('wasi');const wasi=new WASI({version:'preview1'});WebAssembly.instantiate(require('fs').readFileSync('/tmp/code.wasm'),{wasi_snapshot_preview1:wasi.wasiImport}).then(({instance})=>{wasi.start(instance)})"`;
+
+    // Execute in container
+    return new Promise((resolve, reject) => {
+      const proc = spawn("docker", [
+        "exec",
+        containerId,
+        "/bin/sh",
+        "-c",
+        execCommand,
+      ]);
+
+      proc.stdout.on("data", (data: Buffer) => {
+        stdout.push(data.toString("utf8"));
+      });
+
+      proc.stderr.on("data", (data: Buffer) => {
+        stderr.push(data.toString("utf8"));
+      });
+
+      signal.addEventListener("abort", () => {
+        proc.kill("SIGKILL");
+      });
+
+      proc.on("close", (code) => {
+        // Try to parse output as JSON
+        let value: unknown = undefined;
+        const output = stdout.join("");
+        try {
+          const parsed = JSON.parse(output);
+          if (parsed.__return_value !== undefined) {
+            value = parsed.__return_value;
+          }
+        } catch {
+          value = output.trim() || undefined;
+        }
+
+        resolve({
+          stdout,
+          stderr,
+          exitCode: code ?? 1,
+          value,
+        });
+      });
+
+      proc.on("error", reject);
+    });
+  }
+
+  /**
+   * Remove container
+   */
+  private async removeContainer(nameOrId: string): Promise<void> {
+    const containerId = this.containers.get(nameOrId) ?? nameOrId;
+
+    await new Promise<void>((resolve) => {
+      const proc = spawn("docker", ["rm", "-f", containerId], { stdio: "ignore" });
+      proc.on("close", () => {
+        this.containers.delete(nameOrId);
+        resolve();
+      });
+      proc.on("error", () => resolve());
+    });
+  }
+
+  private createErrorResult(
+    message: string,
+    type: "compile" | "runtime" | "permission" | "limit" | "timeout" | "cancel",
+    startTime: number,
+    stdout: string[] = [],
+    stderr: string[] = []
+  ): ExecutionResult {
+    return {
+      success: false,
+      error: { message, type },
+      metrics: {
+        duration: Date.now() - startTime,
+        memoryUsed: 0,
+      },
+      output: { stdout, stderr, displays: [] },
+    };
+  }
+
+  private parseMemory(memory: string | number | undefined): number {
+    if (!memory) return this.config.defaultMemory;
+    if (typeof memory === "number") return memory;
+    const match = memory.match(/^(\d+(?:\.\d+)?)\s*(b|kb|mb|gb)?$/i);
+    if (!match) return this.config.defaultMemory;
+    const [, num, unit] = match;
+    const multipliers: Record<string, number> = {
+      b: 1, kb: 1024, mb: 1024 ** 2, gb: 1024 ** 3,
+    };
+    return Math.floor(parseFloat(num) * (multipliers[unit?.toLowerCase() ?? "b"] ?? 1));
+  }
+
+  private parseTimeout(timeout: string | number | undefined): number {
+    if (!timeout) return 300000; // 5 minutes default for containers
+    if (typeof timeout === "number") return timeout;
+    const match = timeout.match(/^(\d+(?:\.\d+)?)\s*(ms|s|m)?$/i);
+    if (!match) return 300000;
+    const [, num, unit] = match;
+    const multipliers: Record<string, number> = {
+      ms: 1, s: 1000, m: 60000,
+    };
+    return Math.floor(parseFloat(num) * (multipliers[unit?.toLowerCase() ?? "ms"] ?? 1));
+  }
+}

package/src/runtimes/index.ts

@@ -0,0 +1,21 @@
+/**
+ * Runtime Exports
+ *
+ * Exports all available runtimes for sandboxed code execution.
+ */
+
+// Type exports
+export type { ProcessRuntimeConfig } from "./process.js";
+export type { DockerRuntimeConfig, ContainerOptions } from "./docker.js";
+
+// Runtime implementations
+export { ProcessRuntime } from "./process.js";
+export { DockerRuntime } from "./docker.js";
+
+// Re-export types from core for convenience
+export type {
+  IRuntime,
+  RuntimeOptions,
+  ExecutionRequest,
+  RuntimeCapabilities,
+} from "../core/runtime.js";