sandboxbox 1.2.0 → 1.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/container.js +138 -1
- package/package.json +1 -1
package/container.js
CHANGED
|
@@ -217,6 +217,87 @@ echo "⚠️ Note: Chromium-only (Firefox/WebKit need glibc - use Ubuntu)"
|
|
|
217
217
|
// Resolve project directory
|
|
218
218
|
const resolvedProjectDir = resolve(projectDir);
|
|
219
219
|
|
|
220
|
+
// First, try full namespace isolation
|
|
221
|
+
try {
|
|
222
|
+
console.log('🎯 Attempting full namespace isolation...');
|
|
223
|
+
return await this.runPlaywrightWithNamespaces(options);
|
|
224
|
+
} catch (error) {
|
|
225
|
+
console.log(`⚠️ Namespace isolation failed: ${error.message}`);
|
|
226
|
+
console.log('🔄 Falling back to basic isolation mode...\n');
|
|
227
|
+
return await this.runPlaywrightBasic(options);
|
|
228
|
+
}
|
|
229
|
+
}
|
|
230
|
+
|
|
231
|
+
/**
|
|
232
|
+
* Run simple container test without Playwright (for testing purposes)
|
|
233
|
+
*/
|
|
234
|
+
async runSimpleTest(options = {}) {
|
|
235
|
+
const { projectDir = '.', testCommand = 'echo "Container is working!" && ls -la /workspace' } = options;
|
|
236
|
+
const resolvedProjectDir = resolve(projectDir);
|
|
237
|
+
|
|
238
|
+
console.log('🧪 Running simple container test...\n');
|
|
239
|
+
|
|
240
|
+
// Try basic isolation first
|
|
241
|
+
try {
|
|
242
|
+
console.log('🎯 Attempting basic isolation...');
|
|
243
|
+
return await this.runBasicTest(options);
|
|
244
|
+
} catch (error) {
|
|
245
|
+
console.log(`⚠️ Basic test failed: ${error.message}`);
|
|
246
|
+
console.log('🔄 Running without isolation...\n');
|
|
247
|
+
return this.runWithoutIsolation(options);
|
|
248
|
+
}
|
|
249
|
+
}
|
|
250
|
+
|
|
251
|
+
/**
|
|
252
|
+
* Run basic test in container
|
|
253
|
+
*/
|
|
254
|
+
async runBasicTest(options = {}) {
|
|
255
|
+
const { projectDir = '.', testCommand = 'echo "Container is working!" && ls -la /workspace' } = options;
|
|
256
|
+
const resolvedProjectDir = resolve(projectDir);
|
|
257
|
+
|
|
258
|
+
// Simplified bubblewrap command
|
|
259
|
+
const bwrapCmd = [
|
|
260
|
+
bubblewrap.findBubblewrap(),
|
|
261
|
+
'--bind', resolvedProjectDir, '/workspace',
|
|
262
|
+
'--chdir', '/workspace',
|
|
263
|
+
'--tmpfs', '/tmp',
|
|
264
|
+
'/bin/sh', '-c', testCommand
|
|
265
|
+
];
|
|
266
|
+
|
|
267
|
+
console.log(`🚀 Running: ${testCommand}`);
|
|
268
|
+
console.log(`📁 Project directory: ${resolvedProjectDir}`);
|
|
269
|
+
console.log(`🎯 Sandbox isolation: basic mode\n`);
|
|
270
|
+
|
|
271
|
+
return this.executeCommand(bwrapCmd, resolvedProjectDir);
|
|
272
|
+
}
|
|
273
|
+
|
|
274
|
+
/**
|
|
275
|
+
* Run without any isolation (last resort)
|
|
276
|
+
*/
|
|
277
|
+
async runWithoutIsolation(options = {}) {
|
|
278
|
+
const { projectDir = '.', testCommand = 'echo "Container is working!" && ls -la' } = options;
|
|
279
|
+
const resolvedProjectDir = resolve(projectDir);
|
|
280
|
+
|
|
281
|
+
console.log(`🚀 Running without isolation: ${testCommand}`);
|
|
282
|
+
console.log(`📁 Project directory: ${resolvedProjectDir}`);
|
|
283
|
+
console.log(`🎯 Sandbox isolation: none\n`);
|
|
284
|
+
|
|
285
|
+
try {
|
|
286
|
+
execSync(testCommand, { stdio: 'inherit', cwd: resolvedProjectDir });
|
|
287
|
+
console.log('\n✅ Test completed successfully!');
|
|
288
|
+
return 0;
|
|
289
|
+
} catch (error) {
|
|
290
|
+
throw new Error(`Test failed: ${error.message}`);
|
|
291
|
+
}
|
|
292
|
+
}
|
|
293
|
+
|
|
294
|
+
/**
|
|
295
|
+
* Run Playwright with full namespace isolation (ideal mode)
|
|
296
|
+
*/
|
|
297
|
+
async runPlaywrightWithNamespaces(options = {}) {
|
|
298
|
+
const { projectDir = '.', testCommand = 'npx playwright test', mountProject = true } = options;
|
|
299
|
+
const resolvedProjectDir = resolve(projectDir);
|
|
300
|
+
|
|
220
301
|
// Build bubblewrap command with proper namespace isolation
|
|
221
302
|
const bwrapCmd = [
|
|
222
303
|
bubblewrap.findBubblewrap(),
|
|
@@ -289,6 +370,48 @@ echo "⚠️ Note: Chromium-only (Firefox/WebKit need glibc - use Ubuntu)"
|
|
|
289
370
|
console.log(`📁 Project directory: ${resolvedProjectDir}`);
|
|
290
371
|
console.log(`🎯 Sandbox isolation: full bubblewrap namespace isolation\n`);
|
|
291
372
|
|
|
373
|
+
return this.executeCommand(fullCmd, resolvedProjectDir);
|
|
374
|
+
}
|
|
375
|
+
|
|
376
|
+
/**
|
|
377
|
+
* Run Playwright with basic isolation (fallback mode for limited environments)
|
|
378
|
+
*/
|
|
379
|
+
async runPlaywrightBasic(options = {}) {
|
|
380
|
+
const { projectDir = '.', testCommand = 'npx playwright test', mountProject = true } = options;
|
|
381
|
+
const resolvedProjectDir = resolve(projectDir);
|
|
382
|
+
|
|
383
|
+
console.log('🎯 Running in basic isolation mode (limited features)...');
|
|
384
|
+
|
|
385
|
+
// Simplified bubblewrap command without namespaces
|
|
386
|
+
const bwrapCmd = [
|
|
387
|
+
bubblewrap.findBubblewrap(),
|
|
388
|
+
|
|
389
|
+
// Basic filesystem
|
|
390
|
+
'--bind', resolvedProjectDir, '/workspace',
|
|
391
|
+
'--chdir', '/workspace',
|
|
392
|
+
'--tmpfs', '/tmp',
|
|
393
|
+
'--share-net', // Keep network access
|
|
394
|
+
|
|
395
|
+
// Essential environment variables
|
|
396
|
+
'--setenv', 'PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1',
|
|
397
|
+
'--setenv', 'PLAYWRIGHT_CHROMIUM_EXECUTABLE_PATH=/usr/bin/chromium-browser',
|
|
398
|
+
'--setenv', 'CHROMIUM_FLAGS=--no-sandbox --disable-dev-shm-usage --disable-gpu',
|
|
399
|
+
|
|
400
|
+
// Run command directly without wrapper script
|
|
401
|
+
'/bin/sh', '-c', testCommand
|
|
402
|
+
];
|
|
403
|
+
|
|
404
|
+
console.log(`🚀 Running: ${testCommand}`);
|
|
405
|
+
console.log(`📁 Project directory: ${resolvedProjectDir}`);
|
|
406
|
+
console.log(`🎯 Sandbox isolation: basic mode (limited namespaces)\n`);
|
|
407
|
+
|
|
408
|
+
return this.executeCommand(bwrapCmd, resolvedProjectDir);
|
|
409
|
+
}
|
|
410
|
+
|
|
411
|
+
/**
|
|
412
|
+
* Execute bubblewrap command with proper error handling
|
|
413
|
+
*/
|
|
414
|
+
executeCommand(fullCmd, resolvedProjectDir) {
|
|
292
415
|
try {
|
|
293
416
|
// Execute with spawn for better control
|
|
294
417
|
const child = spawn(fullCmd[0], fullCmd.slice(1), {
|
|
@@ -446,7 +569,21 @@ Requirements:
|
|
|
446
569
|
|
|
447
570
|
} else if (args[0] === 'run') {
|
|
448
571
|
const projectDir = args[1] || '.';
|
|
449
|
-
|
|
572
|
+
|
|
573
|
+
// First try simple test to verify container works
|
|
574
|
+
console.log('🧪 Testing container functionality...\n');
|
|
575
|
+
try {
|
|
576
|
+
await container.runSimpleTest({ projectDir });
|
|
577
|
+
console.log('✅ Container test successful!\n');
|
|
578
|
+
|
|
579
|
+
// Now try Playwright
|
|
580
|
+
console.log('🎭 Running Playwright tests...\n');
|
|
581
|
+
await container.runPlaywright({ projectDir });
|
|
582
|
+
} catch (error) {
|
|
583
|
+
console.log(`⚠️ Container test failed: ${error.message}`);
|
|
584
|
+
console.log('🚫 Skipping Playwright tests due to container issues\n');
|
|
585
|
+
throw error;
|
|
586
|
+
}
|
|
450
587
|
|
|
451
588
|
} else if (args[0] === 'shell') {
|
|
452
589
|
const projectDir = args[1] || '.';
|