@h-rig/runtime 0.0.6-alpha.0

package/dist/src/control-plane/runtime/sandbox/utils.js

@@ -0,0 +1,137 @@
+// @bun
+// packages/runtime/src/control-plane/runtime/sandbox/utils.ts
+import { existsSync as existsSync2, readdirSync, realpathSync } from "fs";
+import { resolve as resolve2 } from "path";
+
+// packages/runtime/src/layout.ts
+import { existsSync } from "fs";
+import { basename, dirname, resolve } from "path";
+function resolveMonorepoRoot(projectRoot) {
+  const normalizedProjectRoot = resolve(projectRoot);
+  const explicit = process.env.MONOREPO_ROOT?.trim();
+  if (explicit) {
+    const explicitRoot = resolve(explicit);
+    const explicitParent = dirname(explicitRoot);
+    if (basename(explicitParent) === ".worktrees") {
+      const owner = dirname(explicitParent);
+      const ownerHasGit = existsSync(resolve(owner, ".git"));
+      const ownerHasTaskConfig = existsSync(resolve(owner, ".rig", "task-config.json"));
+      const ownerHasRigConfig = existsSync(resolve(owner, "rig.config.ts"));
+      if (ownerHasGit && (ownerHasTaskConfig || ownerHasRigConfig)) {
+        return owner;
+      }
+      throw new Error(`MONOREPO_ROOT points to worktree ${explicitRoot}, but the owner checkout is incomplete at ${owner}.`);
+    }
+    if (!existsSync(resolve(explicitRoot, ".git"))) {
+      throw new Error(`MONOREPO_ROOT points to ${explicitRoot}, but no git checkout was found there.`);
+    }
+    const hasTaskConfig = existsSync(resolve(explicitRoot, ".rig", "task-config.json"));
+    const hasRigConfig = existsSync(resolve(explicitRoot, "rig.config.ts"));
+    if (!hasTaskConfig && !hasRigConfig) {
+      throw new Error(`MONOREPO_ROOT points to ${explicitRoot}, but neither .rig/task-config.json nor rig.config.ts exists there.`);
+    }
+    return explicitRoot;
+  }
+  const projectParent = dirname(normalizedProjectRoot);
+  if (basename(projectParent) === ".worktrees") {
+    const worktreeOwner = dirname(projectParent);
+    const ownerHasGit = existsSync(resolve(worktreeOwner, ".git"));
+    const ownerHasTaskConfig = existsSync(resolve(worktreeOwner, ".rig", "task-config.json"));
+    const ownerHasRigConfig = existsSync(resolve(worktreeOwner, "rig.config.ts"));
+    if (ownerHasGit && (ownerHasTaskConfig || ownerHasRigConfig)) {
+      return worktreeOwner;
+    }
+  }
+  return normalizedProjectRoot;
+}
+
+// packages/runtime/src/control-plane/runtime/sandbox/utils.ts
+function toRealPath(path) {
+  if (!existsSync2(path)) {
+    return resolve2(path);
+  }
+  try {
+    return realpathSync.native(path);
+  } catch {
+    return resolve2(path);
+  }
+}
+function resolveHostGitMetadataPaths(projectRoot, workspaceDir) {
+  const candidates = new Set;
+  const addPath = (candidate) => {
+    if (existsSync2(candidate)) {
+      candidates.add(toRealPath(candidate));
+    }
+  };
+  addPath(resolve2(projectRoot, ".git"));
+  addPath(resolve2(workspaceDir, "..", "..", ".git"));
+  for (const repoRoot of resolveHostRepoRootPaths(projectRoot)) {
+    addPath(resolve2(repoRoot, ".git"));
+  }
+  const workspaceGit = resolve2(workspaceDir, ".git");
+  if (existsSync2(workspaceGit)) {
+    addPath(workspaceGit);
+  }
+  return [...candidates];
+}
+function resolveHostRepoRootPaths(projectRoot) {
+  const candidates = new Set;
+  const addPath = (candidate) => {
+    if (existsSync2(candidate)) {
+      candidates.add(toRealPath(candidate));
+    }
+  };
+  try {
+    const monorepoRoot = resolveMonorepoRoot(projectRoot);
+    if (toRealPath(monorepoRoot) !== toRealPath(projectRoot)) {
+      addPath(monorepoRoot);
+    }
+  } catch {}
+  const reposDir = resolve2(projectRoot, "repos");
+  if (existsSync2(reposDir)) {
+    for (const entry of readdirSync(reposDir, { withFileTypes: true })) {
+      if (entry.isDirectory() || entry.isSymbolicLink()) {
+        addPath(resolve2(reposDir, entry.name));
+      }
+    }
+  }
+  return [...candidates];
+}
+function resolveNetworkWithPolicy(sandboxConfig, envOverride) {
+  if (envOverride) {
+    const envValue = parseBooleanEnv(envOverride, sandboxConfig.network);
+    if (envValue !== sandboxConfig.network) {
+      console.warn(`[sandbox] RIG_RUNTIME_SANDBOX_NETWORK=${envOverride} overrides policy sandbox.network=${sandboxConfig.network}`);
+    }
+    return envValue;
+  }
+  return sandboxConfig.network;
+}
+function parseBooleanEnv(raw, fallback) {
+  if (!raw) {
+    return fallback;
+  }
+  const normalized = raw.trim().toLowerCase();
+  if (normalized === "1" || normalized === "true" || normalized === "yes" || normalized === "on") {
+    return true;
+  }
+  if (normalized === "0" || normalized === "false" || normalized === "no" || normalized === "off") {
+    return false;
+  }
+  return fallback;
+}
+function uniq(values) {
+  return [...new Set(values)];
+}
+function seatbeltString(value) {
+  return `"${value.replace(/\\/g, "\\\\").replace(/"/g, "\\\"")}"`;
+}
+export {
+  uniq,
+  toRealPath,
+  seatbeltString,
+  resolveNetworkWithPolicy,
+  resolveHostRepoRootPaths,
+  resolveHostGitMetadataPaths,
+  parseBooleanEnv
+};

package/dist/src/control-plane/runtime/sandbox-backend-bwrap.js

@@ -0,0 +1,311 @@
+// @bun
+var __require = import.meta.require;
+
+// packages/runtime/src/control-plane/runtime/sandbox/backend-bwrap.ts
+import { mkdirSync } from "fs";
+import { resolve as resolve3 } from "path";
+
+// packages/runtime/src/control-plane/runtime/sandbox/utils.ts
+import { existsSync as existsSync2, readdirSync, realpathSync } from "fs";
+import { resolve as resolve2 } from "path";
+
+// packages/runtime/src/layout.ts
+import { existsSync } from "fs";
+import { basename, dirname, resolve } from "path";
+function resolveMonorepoRoot(projectRoot) {
+  const normalizedProjectRoot = resolve(projectRoot);
+  const explicit = process.env.MONOREPO_ROOT?.trim();
+  if (explicit) {
+    const explicitRoot = resolve(explicit);
+    const explicitParent = dirname(explicitRoot);
+    if (basename(explicitParent) === ".worktrees") {
+      const owner = dirname(explicitParent);
+      const ownerHasGit = existsSync(resolve(owner, ".git"));
+      const ownerHasTaskConfig = existsSync(resolve(owner, ".rig", "task-config.json"));
+      const ownerHasRigConfig = existsSync(resolve(owner, "rig.config.ts"));
+      if (ownerHasGit && (ownerHasTaskConfig || ownerHasRigConfig)) {
+        return owner;
+      }
+      throw new Error(`MONOREPO_ROOT points to worktree ${explicitRoot}, but the owner checkout is incomplete at ${owner}.`);
+    }
+    if (!existsSync(resolve(explicitRoot, ".git"))) {
+      throw new Error(`MONOREPO_ROOT points to ${explicitRoot}, but no git checkout was found there.`);
+    }
+    const hasTaskConfig = existsSync(resolve(explicitRoot, ".rig", "task-config.json"));
+    const hasRigConfig = existsSync(resolve(explicitRoot, "rig.config.ts"));
+    if (!hasTaskConfig && !hasRigConfig) {
+      throw new Error(`MONOREPO_ROOT points to ${explicitRoot}, but neither .rig/task-config.json nor rig.config.ts exists there.`);
+    }
+    return explicitRoot;
+  }
+  const projectParent = dirname(normalizedProjectRoot);
+  if (basename(projectParent) === ".worktrees") {
+    const worktreeOwner = dirname(projectParent);
+    const ownerHasGit = existsSync(resolve(worktreeOwner, ".git"));
+    const ownerHasTaskConfig = existsSync(resolve(worktreeOwner, ".rig", "task-config.json"));
+    const ownerHasRigConfig = existsSync(resolve(worktreeOwner, "rig.config.ts"));
+    if (ownerHasGit && (ownerHasTaskConfig || ownerHasRigConfig)) {
+      return worktreeOwner;
+    }
+  }
+  return normalizedProjectRoot;
+}
+
+// packages/runtime/src/control-plane/runtime/sandbox/utils.ts
+function toRealPath(path) {
+  if (!existsSync2(path)) {
+    return resolve2(path);
+  }
+  try {
+    return realpathSync.native(path);
+  } catch {
+    return resolve2(path);
+  }
+}
+function resolveHostGitMetadataPaths(projectRoot, workspaceDir) {
+  const candidates = new Set;
+  const addPath = (candidate) => {
+    if (existsSync2(candidate)) {
+      candidates.add(toRealPath(candidate));
+    }
+  };
+  addPath(resolve2(projectRoot, ".git"));
+  addPath(resolve2(workspaceDir, "..", "..", ".git"));
+  for (const repoRoot of resolveHostRepoRootPaths(projectRoot)) {
+    addPath(resolve2(repoRoot, ".git"));
+  }
+  const workspaceGit = resolve2(workspaceDir, ".git");
+  if (existsSync2(workspaceGit)) {
+    addPath(workspaceGit);
+  }
+  return [...candidates];
+}
+function resolveHostRepoRootPaths(projectRoot) {
+  const candidates = new Set;
+  const addPath = (candidate) => {
+    if (existsSync2(candidate)) {
+      candidates.add(toRealPath(candidate));
+    }
+  };
+  try {
+    const monorepoRoot = resolveMonorepoRoot(projectRoot);
+    if (toRealPath(monorepoRoot) !== toRealPath(projectRoot)) {
+      addPath(monorepoRoot);
+    }
+  } catch {}
+  const reposDir = resolve2(projectRoot, "repos");
+  if (existsSync2(reposDir)) {
+    for (const entry of readdirSync(reposDir, { withFileTypes: true })) {
+      if (entry.isDirectory() || entry.isSymbolicLink()) {
+        addPath(resolve2(reposDir, entry.name));
+      }
+    }
+  }
+  return [...candidates];
+}
+function resolveNetworkWithPolicy(sandboxConfig, envOverride) {
+  if (envOverride) {
+    const envValue = parseBooleanEnv(envOverride, sandboxConfig.network);
+    if (envValue !== sandboxConfig.network) {
+      console.warn(`[sandbox] RIG_RUNTIME_SANDBOX_NETWORK=${envOverride} overrides policy sandbox.network=${sandboxConfig.network}`);
+    }
+    return envValue;
+  }
+  return sandboxConfig.network;
+}
+function parseBooleanEnv(raw, fallback) {
+  if (!raw) {
+    return fallback;
+  }
+  const normalized = raw.trim().toLowerCase();
+  if (normalized === "1" || normalized === "true" || normalized === "yes" || normalized === "on") {
+    return true;
+  }
+  if (normalized === "0" || normalized === "false" || normalized === "no" || normalized === "off") {
+    return false;
+  }
+  return fallback;
+}
+function uniq(values) {
+  return [...new Set(values)];
+}
+
+// packages/runtime/src/control-plane/runtime/sandbox/backend-bwrap.ts
+class BwrapBackend {
+  kind = "linux-bwrap";
+  binaryPath;
+  config;
+  ctx;
+  resolvedPaths;
+  which;
+  constructor(binaryPath, config, ctx, resolvedPaths, which) {
+    this.binaryPath = binaryPath;
+    this.config = config;
+    this.ctx = ctx;
+    this.resolvedPaths = resolvedPaths;
+    this.which = which ?? ((bin) => Bun.which(bin));
+  }
+  wrap(options) {
+    const command = this.buildCommand(options);
+    return {
+      command,
+      enabled: true,
+      backend: "linux-bwrap"
+    };
+  }
+  buildCommand(options) {
+    const { runtime, projectRoot, command } = options;
+    const { ctx, resolvedPaths, config } = this;
+    const workspaceReal = ctx.realPath(runtime.workspaceDir);
+    const runtimeRootReal = ctx.realPath(runtime.rootDir);
+    const homeReal = ctx.realPath(runtime.homeDir);
+    const tmpReal = ctx.realPath(runtime.tmpDir);
+    const cacheReal = ctx.realPath(runtime.cacheDir);
+    const hostGitDirs = resolveHostGitMetadataPaths(projectRoot, runtime.workspaceDir);
+    const hostRepoRoots = resolveHostRepoRootPaths(projectRoot).map((repoRoot) => ctx.realPath(repoRoot));
+    const bunDir = ctx.realPath(resolvedPaths.bunDir);
+    const claudeDir = resolvedPaths.claudeDir ? ctx.realPath(resolvedPaths.claudeDir) : null;
+    const allowNetwork = resolveNetworkWithPolicy(config, process.env.RIG_RUNTIME_SANDBOX_NETWORK);
+    const args = [
+      this.binaryPath,
+      "--die-with-parent",
+      "--new-session",
+      "--unshare-pid",
+      "--tmpfs",
+      "/",
+      "--ro-bind",
+      "/usr",
+      "/usr",
+      "--ro-bind",
+      "/bin",
+      "/bin",
+      "--ro-bind",
+      "/sbin",
+      "/sbin"
+    ];
+    for (const libPath of ["/lib", "/lib64"]) {
+      if (ctx.pathExists(libPath)) {
+        args.push("--ro-bind", libPath, libPath);
+      }
+    }
+    for (const etcEntry of [
+      "/etc/ld.so.cache",
+      "/etc/ld.so.conf",
+      "/etc/ld.so.conf.d",
+      "/etc/resolv.conf",
+      "/etc/hosts",
+      "/etc/nsswitch.conf",
+      "/etc/gai.conf",
+      "/etc/host.conf",
+      "/etc/ssl",
+      "/etc/ca-certificates",
+      "/etc/pki",
+      "/etc/passwd",
+      "/etc/group",
+      "/etc/localtime",
+      "/etc/timezone",
+      "/etc/locale.conf",
+      "/etc/default/locale"
+    ]) {
+      if (ctx.pathExists(etcEntry)) {
+        args.push("--ro-bind", etcEntry, etcEntry);
+      }
+    }
+    if (ctx.pathExists("/run/systemd/resolve")) {
+      args.push("--ro-bind", "/run/systemd/resolve", "/run/systemd/resolve");
+    }
+    if (ctx.pathExists("/run/nscd")) {
+      args.push("--ro-bind", "/run/nscd", "/run/nscd");
+    }
+    args.push("--ro-bind", bunDir, bunDir);
+    if (claudeDir) {
+      args.push("--ro-bind", claudeDir, claudeDir);
+    }
+    if (resolvedPaths.nodeDir && ctx.pathExists(resolvedPaths.nodeDir)) {
+      args.push("--ro-bind", resolvedPaths.nodeDir, resolvedPaths.nodeDir);
+    }
+    for (const depPath of resolvedPaths.depRoots) {
+      if (ctx.pathExists(depPath)) {
+        args.push("--ro-bind", depPath, depPath);
+      }
+    }
+    const projectRootReal = ctx.realPath(projectRoot);
+    if (projectRootReal !== workspaceReal && !projectRootReal.startsWith(workspaceReal + "/") && ctx.pathExists(projectRootReal)) {
+      args.push("--ro-bind", projectRootReal, projectRootReal);
+    }
+    for (const repoRoot of hostRepoRoots) {
+      if (!ctx.pathExists(repoRoot) || repoRoot === workspaceReal || repoRoot.startsWith(workspaceReal + "/") || repoRoot === projectRootReal || repoRoot.startsWith(projectRootReal + "/")) {
+        continue;
+      }
+      args.push("--ro-bind", repoRoot, repoRoot);
+    }
+    args.push("--bind", workspaceReal, workspaceReal);
+    args.push("--bind", runtimeRootReal, runtimeRootReal);
+    for (const rwPath of uniq([homeReal, tmpReal, cacheReal])) {
+      if (rwPath !== runtimeRootReal && !rwPath.startsWith(runtimeRootReal + "/")) {
+        args.push("--bind", rwPath, rwPath);
+      }
+    }
+    for (const gitPath of hostGitDirs) {
+      if (!ctx.pathExists(gitPath))
+        continue;
+      if (gitPath === runtimeRootReal || gitPath.startsWith(runtimeRootReal + "/"))
+        continue;
+      if (gitPath === workspaceReal || gitPath.startsWith(workspaceReal + "/"))
+        continue;
+      args.push("--bind", gitPath, gitPath);
+    }
+    const realHome = process.env.HOME?.trim();
+    if (realHome) {
+      for (const binSubdir of [".local/bin", ".local/lib", ".cargo/bin"]) {
+        const binPath = ctx.realPath(resolve3(realHome, binSubdir));
+        if (ctx.pathExists(binPath)) {
+          args.push("--ro-bind", binPath, binPath);
+        }
+      }
+      const agentSshDir = resolve3(homeReal, ".ssh");
+      if (ctx.pathExists(agentSshDir)) {
+        args.push("--ro-bind", agentSshDir, agentSshDir);
+      } else {
+        const hostSshDir = resolve3(realHome, ".ssh");
+        if (ctx.pathExists(hostSshDir)) {
+          mkdirSync(agentSshDir, { recursive: true });
+          args.push("--ro-bind", hostSshDir, agentSshDir);
+          args.push("--ro-bind", hostSshDir, hostSshDir);
+        }
+      }
+    }
+    args.push("--proc", "/proc");
+    args.push("--dev", "/dev");
+    args.push("--tmpfs", "/tmp");
+    args.push("--unsetenv", "CLAUDECODE");
+    args.push("--setenv", "HOME", homeReal);
+    args.push("--setenv", "TMPDIR", "/tmp");
+    args.push("--chdir", workspaceReal);
+    if (!allowNetwork) {
+      args.push("--unshare-net");
+    }
+    args.push("--", ...this.resolveCommandBinary(command));
+    return args;
+  }
+  resolveCommandBinary(command) {
+    if (command.length === 0)
+      return command;
+    const [bin, ...rest] = command;
+    if (!bin)
+      return command;
+    const resolved = this.which(bin);
+    if (!resolved)
+      return command;
+    try {
+      const { realpathSync: realpathSync2 } = __require("fs");
+      const resolvedBinary = realpathSync2(resolved);
+      return [resolvedBinary, ...rest];
+    } catch {
+      return [resolved, ...rest];
+    }
+  }
+}
+export {
+  BwrapBackend
+};

package/dist/src/control-plane/runtime/sandbox-backend-none.js

@@ -0,0 +1,21 @@
+// @bun
+// packages/runtime/src/control-plane/runtime/sandbox/backend-none.ts
+class NoSandboxBackend {
+  kind = "none";
+  reason;
+  constructor(reason) {
+    this.reason = reason;
+  }
+  wrap(options) {
+    return {
+      command: options.command,
+      enabled: false,
+      backend: "none",
+      reason: this.reason,
+      metadata: undefined
+    };
+  }
+}
+export {
+  NoSandboxBackend
+};