eliott/openwork
1
0
Fork 0
mirror of https://github.com/different-ai/openwork synced 2026-04-25 17:15:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: add microsandbox sandbox flow and feature flag toggle (#1446)

Browse Source 
* add pre-baked microsandbox image

Bake openwork, openwork-server, and the pinned opencode binary into a single Docker image so micro-sandbox remote-connect smoke tests can boot quickly and be verified with curl and container health checks.

* add Rust microsandbox example

Add a standalone microsandbox SDK example that boots the OpenWork image, validates remote-connect endpoints, and streams sandbox logs so backend-only sandbox behavior can be exercised without Docker.

* exclude Rust example build output

Keep the standalone microsandbox example in git, but drop generated Cargo target artifacts so the branch only contains source, docs, and lockfile.

* test

* add microsandbox feature flag for sandbox creation

Made-with: Cursor

* refactor sandbox mode isolation

Made-with: Cursor
This commit is contained in:
ben
2026-04-15 15:10:52 -07:00
committed by GitHub
parent 9bd844c93d
commit 800602f4e3
27 changed files with 7120 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
scripts/build-microsandbox-openwork-image.sh Executable file
View File

@@ -0,0 +1,40 @@
#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
DOCKERFILE="$ROOT_DIR/packaging/docker/Dockerfile.microsandbox"
IMAGE_REF="${1:-openwork-microsandbox:dev}"
DOCKER_PLATFORM="${DOCKER_PLATFORM:-}"
OPENCODE_VERSION="${OPENCODE_VERSION:-$(node -e 'const fs=require("fs"); const parsed=JSON.parse(fs.readFileSync(process.argv[1], "utf8")); process.stdout.write(String(parsed.opencodeVersion || "").trim().replace(/^v/, ""));' "$ROOT_DIR/constants.json")}"
OPENWORK_ORCHESTRATOR_VERSION="${OPENWORK_ORCHESTRATOR_VERSION:-$(node -e 'const fs=require("fs"); const pkg=JSON.parse(fs.readFileSync(process.argv[1], "utf8")); process.stdout.write(String(pkg.version));' "$ROOT_DIR/apps/orchestrator/package.json")}"
OPENWORK_SERVER_VERSION="${OPENWORK_SERVER_VERSION:-$(node -e 'const fs=require("fs"); const pkg=JSON.parse(fs.readFileSync(process.argv[1], "utf8")); process.stdout.write(String(pkg.version));' "$ROOT_DIR/apps/server/package.json")}"
args=(
build
-t "$IMAGE_REF"
-f "$DOCKERFILE"
--build-arg "OPENWORK_ORCHESTRATOR_VERSION=$OPENWORK_ORCHESTRATOR_VERSION"
--build-arg "OPENWORK_SERVER_VERSION=$OPENWORK_SERVER_VERSION"
--build-arg "OPENCODE_VERSION=$OPENCODE_VERSION"
)
if [ -n "$DOCKER_PLATFORM" ]; then
args+=(--platform "$DOCKER_PLATFORM")
fi
args+=("$ROOT_DIR")
printf 'Building micro-sandbox image %s\n' "$IMAGE_REF"
printf ' openwork-orchestrator@%s\n' "$OPENWORK_ORCHESTRATOR_VERSION"
printf ' openwork-server@%s\n' "$OPENWORK_SERVER_VERSION"
printf ' opencode@%s\n' "$OPENCODE_VERSION"
docker "${args[@]}"
printf '\nBuilt micro-sandbox image: %s\n' "$IMAGE_REF"
printf 'Run example:\n'
printf ' docker run --rm -p 8787:8787 -e OPENWORK_CONNECT_HOST=127.0.0.1 %s\n' "$IMAGE_REF"
printf 'Verify:\n'
printf ' curl http://127.0.0.1:8787/health\n'
printf ' curl -H "Authorization: Bearer microsandbox-token" http://127.0.0.1:8787/workspaces\n'