isol8 0.4.3 → 0.5.1

package/README.md

@@ -104,6 +104,8 @@ isol8 run script.py --host http://server:3000 --key my-api-key
 | `--out <file>` | Write stdout to file | — |
 | `--no-stream` | Disable real-time output streaming | `false` |
 | `--persistent` | Keep container alive between runs | `false` |
+| `--persist` | Keep container after execution for inspection/debugging | `false` |
+| `--debug` | Enable debug logging for internal engine operations | `false` |
 | `--timeout <ms>` | Execution timeout in milliseconds | `30000` |
 | `--memory <limit>` | Memory limit (e.g. `512m`, `1g`) | `512m` |
 | `--cpu <limit>` | CPU limit as fraction (e.g. `0.5`, `2.0`) | `1.0` |

package/dist/cli.js

@@ -6929,11 +6929,6 @@ var require_utils2 = __commonJS((exports, module) => {
   };
 });
 
-// node_modules/ssh2/lib/protocol/crypto/build/Release/sshcrypto.node
-var require_sshcrypto = __commonJS((exports, module) => {
-  module.exports = __require("./sshcrypto-0209sx47.node");
-});
-
 // node_modules/ssh2/lib/protocol/crypto/poly1305.js
 var require_poly1305 = __commonJS((exports, module) => {
   var __dirname = "/home/runner/work/isol8/isol8/node_modules/ssh2/lib/protocol/crypto", __filename = "/home/runner/work/isol8/isol8/node_modules/ssh2/lib/protocol/crypto/poly1305.js";
@@ -7420,7 +7415,7 @@ var require_crypto = __commonJS((exports, module) => {
   var ChaChaPolyDecipher;
   var GenericDecipher;
   try {
-    binding = require_sshcrypto();
+    binding = (()=>{throw new Error("Cannot require module "+"./crypto/build/Release/sshcrypto.node");})();
     ({
       AESGCMCipher,
       ChaChaPolyCipher,
@@ -54798,7 +54793,8 @@ function mergeConfig(defaults, overrides) {
     dependencies: {
       ...defaults.dependencies,
       ...overrides.dependencies
-    }
+    },
+    debug: overrides.debug ?? defaults.debug
   };
 }
 var DEFAULT_CONFIG;
@@ -54821,7 +54817,8 @@ var init_config = __esm(() => {
       autoPrune: true,
       maxContainerAgeMs: 3600000
     },
-    dependencies: {}
+    dependencies: {},
+    debug: false
   };
 });
 
@@ -54978,6 +54975,37 @@ var init_runtime = __esm(() => {
   RuntimeRegistry.register(DenoAdapter);
 });
 
+// src/utils/logger.ts
+var exports_logger = {};
+__export(exports_logger, {
+  logger: () => logger
+});
+
+class Logger {
+  debugMode = false;
+  setDebug(enabled) {
+    this.debugMode = enabled;
+  }
+  debug(...args) {
+    if (this.debugMode) {
+      console.log("[DEBUG]", ...args);
+    }
+  }
+  info(...args) {
+    console.log(...args);
+  }
+  warn(...args) {
+    console.warn("[WARN]", ...args);
+  }
+  error(...args) {
+    console.error("[ERROR]", ...args);
+  }
+}
+var logger;
+var init_logger = __esm(() => {
+  logger = new Logger;
+});
+
 // src/engine/concurrency.ts
 class Semaphore {
   max;
@@ -55086,26 +55114,32 @@ class ContainerPool {
       ...this.createOptions,
       Image: image
     });
+    logger.debug(`[Pool] Container ${container.id} created for image: ${image}`);
     await container.start();
+    logger.debug(`[Pool] Container ${container.id} started`);
     return container;
   }
   replenish(image) {
     if (this.replenishing.has(image)) {
+      logger.debug(`[Pool] Replenishment for ${image} already in progress`);
       return;
     }
     this.replenishing.add(image);
+    logger.debug(`[Pool] Starting background replenishment for image: ${image}`);
     const promise = this.createContainer(image).then((container) => {
       const pool = this.pools.get(image) ?? [];
       if (pool.length < this.poolSize) {
         pool.push({ container, createdAt: Date.now() });
         this.pools.set(image, pool);
+        logger.debug(`[Pool] Replenished container ${container.id} added to pool for ${image}. Pool size: ${pool.length}`);
       } else {
+        logger.debug(`[Pool] Replenished container ${container.id} not needed (pool for ${image} is full), destroying`);
         container.remove({ force: true }).catch((err) => {
-          console.error(`[Pool] Error destroying unneeded replenished container ${container.id}:`, err);
+          logger.error(`[Pool] Error destroying unneeded replenished container ${container.id}:`, err);
         });
       }
     }).catch((err) => {
-      console.error(`[Pool] Error during replenishment for ${image}:`, err);
+      logger.error(`[Pool] Error during replenishment for ${image}:`, err);
     }).finally(() => {
       this.replenishing.delete(image);
       this.pendingReplenishments.delete(promise);
@@ -55113,6 +55147,9 @@ class ContainerPool {
     this.pendingReplenishments.add(promise);
   }
 }
+var init_pool = __esm(() => {
+  init_logger();
+});
 
 // src/engine/utils.ts
 var exports_utils = {};
@@ -55309,7 +55346,7 @@ function getInstallCommand(runtime, packages) {
 }
 async function installPackages(container, runtime, packages) {
   const cmd = getInstallCommand(runtime, packages);
-  console.error(`[DEBUG] Installing packages: ${JSON.stringify(cmd)}`);
+  logger.debug(`Installing packages: ${JSON.stringify(cmd)}`);
   const env2 = [
     "PATH=/sandbox/.local/bin:/sandbox/.npm-global/bin:/sandbox/.bun-global/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin"
   ];
@@ -55373,6 +55410,7 @@ class DockerIsol8 {
   semaphore;
   sandboxSize;
   tmpSize;
+  persist;
   container = null;
   persistentRuntime = null;
   pool = null;
@@ -55392,6 +55430,10 @@ class DockerIsol8 {
     this.semaphore = new Semaphore(maxConcurrent);
     this.sandboxSize = options.sandboxSize ?? "512m";
     this.tmpSize = options.tmpSize ?? "256m";
+    this.persist = options.persist ?? false;
+    if (options.debug) {
+      logger.setDebug(true);
+    }
   }
   async start() {}
   async stop() {
@@ -55499,9 +55541,13 @@ class DockerIsol8 {
         const execStream = await exec.start({ Tty: false });
         yield* this.streamExecOutput(execStream, exec, container, timeoutMs);
       } finally {
-        try {
-          await container.remove({ force: true });
-        } catch {}
+        if (this.persist) {
+          logger.debug(`[Persist] Leaving container running for inspection: ${container.id}`);
+        } else {
+          try {
+            await container.remove({ force: true });
+          } catch {}
+        }
       }
     } finally {
       this.semaphore.release();
@@ -55589,7 +55635,11 @@ class DockerIsol8 {
         ...req.outputPaths ? { files: await this.retrieveFiles(container, req.outputPaths) } : {}
       };
     } finally {
-      await this.pool.release(container, image);
+      if (this.persist) {
+        logger.debug(`[Persist] Leaving container running for inspection: ${container.id}`);
+      } else {
+        await this.pool.release(container, image);
+      }
     }
   }
   async executePersistent(req) {
@@ -55889,6 +55939,8 @@ class DockerIsol8 {
 var import_dockerode, SANDBOX_WORKDIR = "/sandbox", MAX_OUTPUT_BYTES, PROXY_PORT = 8118, PROXY_STARTUP_TIMEOUT_MS = 5000, PROXY_POLL_INTERVAL_MS = 100;
 var init_docker = __esm(() => {
   init_runtime();
+  init_logger();
+  init_pool();
   import_dockerode = __toESM(require_docker(), 1);
   MAX_OUTPUT_BYTES = 1024 * 1024;
 });
@@ -57665,7 +57717,7 @@ var init_server = __esm(() => {
 });
 
 // src/cli.ts
-import { existsSync as existsSync2, readFileSync as readFileSync2, writeFileSync } from "node:fs";
+import { existsSync as existsSync3, readFileSync as readFileSync2, writeFileSync } from "node:fs";
 import { homedir as homedir2 } from "node:os";
 import { join as join2, resolve as resolve2 } from "node:path";
 
@@ -61061,7 +61113,15 @@ init_docker();
 
 // src/engine/image-builder.ts
 init_runtime();
-var DOCKERFILE_DIR = new URL("../../docker", import.meta.url).pathname;
+import { existsSync as existsSync2 } from "node:fs";
+function resolveDockerDir() {
+  const fromBundled = new URL("../docker", import.meta.url).pathname;
+  if (existsSync2(fromBundled)) {
+    return fromBundled;
+  }
+  return new URL("../../docker", import.meta.url).pathname;
+}
+var DOCKERFILE_DIR = resolveDockerDir();
 async function buildBaseImages(docker, onProgress) {
   const runtimes = RuntimeRegistry.list();
   for (const adapter of runtimes) {
@@ -61231,7 +61291,7 @@ program2.command("setup").description("Check Docker and build isol8 images").opt
   console.log(`
 [DONE] Setup complete!`);
 });
-program2.command("run").description("Execute code in isol8").argument("[file]", "Script file to execute").option("-e, --eval <code>", "Execute inline code string").option("-r, --runtime <name>", "Force runtime (python, node, bun, deno, bash)").option("--net <mode>", "Network mode: none, host, filtered", "none").option("--allow <regex>", "Whitelist regex for filtered mode (repeatable)", collect, []).option("--deny <regex>", "Blacklist regex for filtered mode (repeatable)", collect, []).option("--out <file>", "Write output to file").option("--persistent", "Use persistent container").option("--timeout <ms>", "Execution timeout in milliseconds").option("--memory <limit>", "Memory limit (e.g. 512m, 1g)").option("--cpu <limit>", "CPU limit as fraction (e.g. 0.5, 2.0)").option("--image <name>", "Override Docker image").option("--pids-limit <n>", "Maximum number of processes").option("--writable", "Disable read-only root filesystem").option("--max-output <bytes>", "Maximum output size in bytes").option("--secret <KEY=VALUE>", "Secret env var (repeatable, values masked)", collect, []).option("--sandbox-size <size>", "Sandbox tmpfs size (e.g. 128m)").option("--tmp-size <size>", "Tmp tmpfs size (e.g. 256m, 512m)").option("--stdin <data>", "Data to pipe to stdin").option("--install <package>", "Install package for runtime (repeatable)", collect, []).option("--host <url>", "Execute on remote server").option("--key <key>", "API key for remote server").option("--no-stream", "Disable real-time output streaming").action(async (file, opts) => {
+program2.command("run").description("Execute code in isol8").argument("[file]", "Script file to execute").option("-e, --eval <code>", "Execute inline code string").option("-r, --runtime <name>", "Force runtime (python, node, bun, deno, bash)").option("--net <mode>", "Network mode: none, host, filtered", "none").option("--allow <regex>", "Whitelist regex for filtered mode (repeatable)", collect, []).option("--deny <regex>", "Blacklist regex for filtered mode (repeatable)", collect, []).option("--out <file>", "Write output to file").option("--persistent", "Use persistent container").option("--timeout <ms>", "Execution timeout in milliseconds").option("--memory <limit>", "Memory limit (e.g. 512m, 1g)").option("--cpu <limit>", "CPU limit as fraction (e.g. 0.5, 2.0)").option("--image <name>", "Override Docker image").option("--pids-limit <n>", "Maximum number of processes").option("--writable", "Disable read-only root filesystem").option("--max-output <bytes>", "Maximum output size in bytes").option("--secret <KEY=VALUE>", "Secret env var (repeatable, values masked)", collect, []).option("--sandbox-size <size>", "Sandbox tmpfs size (e.g. 128m)").option("--tmp-size <size>", "Tmp tmpfs size (e.g. 256m, 512m)").option("--stdin <data>", "Data to pipe to stdin").option("--install <package>", "Install package for runtime (repeatable)", collect, []).option("--host <url>", "Execute on remote server").option("--key <key>", "API key for remote server").option("--no-stream", "Disable real-time output streaming").option("--debug", "Enable debug logging").option("--persist", "Keep container running after execution for inspection").action(async (file, opts) => {
   const { code, runtime, engineOptions, engine, stdinData, fileExtension } = await resolveRunInput(file, opts);
   const cleanup = async () => {
     await engine.stop();
@@ -61330,7 +61390,7 @@ program2.command("config").description("Show the resolved isol8 configuration").
     join2(resolve2(process.cwd()), "isol8.config.json"),
     join2(homedir2(), ".isol8", "config.json")
   ];
-  const loadedFrom = searchPaths.find((p) => existsSync2(p));
+  const loadedFrom = searchPaths.find((p) => existsSync3(p));
   if (opts.json) {
     console.log(JSON.stringify(config, null, 2));
     return;
@@ -61455,7 +61515,7 @@ async function resolveRunInput(file, opts) {
     runtime = opts.runtime ?? "python";
   } else if (file) {
     const filePath = resolve2(file);
-    if (!existsSync2(filePath)) {
+    if (!existsSync3(filePath)) {
       console.error(`[ERR] File not found: ${file}`);
       process.exit(1);
     }
@@ -61492,8 +61552,14 @@ async function resolveRunInput(file, opts) {
     ...opts.pidsLimit ? { pidsLimit: Number.parseInt(opts.pidsLimit, 10) } : {},
     ...opts.writable ? { readonlyRootFs: false } : {},
     ...opts.maxOutput ? { maxOutputSize: Number.parseInt(opts.maxOutput, 10) } : {},
-    ...opts.tmpSize ? { tmpSize: opts.tmpSize } : {}
+    ...opts.tmpSize ? { tmpSize: opts.tmpSize } : {},
+    debug: opts.debug ?? config.debug,
+    persist: opts.persist ?? false
   };
+  if (engineOptions.debug) {
+    const { logger: logger2 } = await Promise.resolve().then(() => (init_logger(), exports_logger));
+    logger2.setDebug(true);
+  }
   let fileExtension;
   if (file) {
     const ext = file.substring(file.lastIndexOf("."));
@@ -61534,4 +61600,4 @@ if (!process.argv.slice(2).length) {
 }
 program2.parse();
 
-//# debugId=E455279A70D3A2C764756E2164756E21
+//# debugId=E350C5AB2EA12EB364756E2164756E21