Add guest-only workspace secrets
Add explicit workspace secrets across the CLI, SDK, and MCP, with create-time secret definitions and per-call secret-to-env mapping for exec, shell open, and service start. Persist only safe secret metadata in workspace records, materialize secret files under /run/pyro-secrets, and redact secret values from exec output, shell reads, service logs, and surfaced errors. Fix the remaining real-guest shell gap by shipping bundled guest init alongside the guest agent and patching both into guest-backed workspace rootfs images before boot. The new init mounts devpts so PTY shells work on Firecracker guests, while reset continues to recreate the sandbox and re-materialize secrets from stored task-local secret material. Validation: uv lock; UV_CACHE_DIR=.uv-cache make check; UV_CACHE_DIR=.uv-cache make dist-check; and a real guest-backed Firecracker smoke covering workspace create with secrets, secret-backed exec, shell, service, reset, and delete.
This commit is contained in:
parent
18b8fd2a7d
commit
fc72fcd3a1
32 changed files with 1980 additions and 181 deletions
|
|
@ -57,12 +57,13 @@ def test_vsock_exec_client_round_trip(monkeypatch: pytest.MonkeyPatch) -> None:
|
|||
return stub
|
||||
|
||||
client = VsockExecClient(socket_factory=socket_factory)
|
||||
response = client.exec(1234, 5005, "echo ok", 30)
|
||||
response = client.exec(1234, 5005, "echo ok", 30, env={"TOKEN": "expected"})
|
||||
|
||||
assert response.exit_code == 0
|
||||
assert response.stdout == "ok\n"
|
||||
assert stub.connected == (1234, 5005)
|
||||
assert b'"command": "echo ok"' in stub.sent
|
||||
assert b'"env": {"TOKEN": "expected"}' in stub.sent
|
||||
assert stub.closed is True
|
||||
|
||||
|
||||
|
|
@ -105,6 +106,39 @@ def test_vsock_exec_client_upload_archive_round_trip(
|
|||
assert stub.closed is True
|
||||
|
||||
|
||||
def test_vsock_exec_client_install_secrets_round_trip(
|
||||
monkeypatch: pytest.MonkeyPatch, tmp_path: Path
|
||||
) -> None:
|
||||
monkeypatch.setattr(socket, "AF_VSOCK", 40, raising=False)
|
||||
archive_path = tmp_path / "secrets.tar"
|
||||
with tarfile.open(archive_path, "w") as archive:
|
||||
payload = b"expected\n"
|
||||
info = tarfile.TarInfo(name="API_TOKEN")
|
||||
info.size = len(payload)
|
||||
archive.addfile(info, io.BytesIO(payload))
|
||||
stub = StubSocket(
|
||||
b'{"destination":"/run/pyro-secrets","entry_count":1,"bytes_written":9}'
|
||||
)
|
||||
|
||||
def socket_factory(family: int, sock_type: int) -> StubSocket:
|
||||
assert family == socket.AF_VSOCK
|
||||
assert sock_type == socket.SOCK_STREAM
|
||||
return stub
|
||||
|
||||
client = VsockExecClient(socket_factory=socket_factory)
|
||||
response = client.install_secrets(1234, 5005, archive_path, timeout_seconds=60)
|
||||
|
||||
request_payload, archive_payload = stub.sent.split(b"\n", 1)
|
||||
request = json.loads(request_payload.decode("utf-8"))
|
||||
assert request["action"] == "install_secrets"
|
||||
assert int(request["archive_size"]) == archive_path.stat().st_size
|
||||
assert archive_payload == archive_path.read_bytes()
|
||||
assert response.destination == "/run/pyro-secrets"
|
||||
assert response.entry_count == 1
|
||||
assert response.bytes_written == 9
|
||||
assert stub.closed is True
|
||||
|
||||
|
||||
def test_vsock_exec_client_export_archive_round_trip(
|
||||
monkeypatch: pytest.MonkeyPatch, tmp_path: Path
|
||||
) -> None:
|
||||
|
|
@ -241,6 +275,8 @@ def test_vsock_exec_client_shell_round_trip(monkeypatch: pytest.MonkeyPatch) ->
|
|||
cwd="/workspace",
|
||||
cols=120,
|
||||
rows=30,
|
||||
env={"TOKEN": "expected"},
|
||||
redact_values=["expected"],
|
||||
)
|
||||
assert opened.shell_id == "shell-1"
|
||||
read = client.read_shell(1234, 5005, shell_id="shell-1", cursor=0, max_chars=1024)
|
||||
|
|
@ -260,6 +296,8 @@ def test_vsock_exec_client_shell_round_trip(monkeypatch: pytest.MonkeyPatch) ->
|
|||
open_request = json.loads(stubs[0].sent.decode("utf-8").strip())
|
||||
assert open_request["action"] == "open_shell"
|
||||
assert open_request["shell_id"] == "shell-1"
|
||||
assert open_request["env"] == {"TOKEN": "expected"}
|
||||
assert open_request["redact_values"] == ["expected"]
|
||||
|
||||
|
||||
def test_vsock_exec_client_service_round_trip(monkeypatch: pytest.MonkeyPatch) -> None:
|
||||
|
|
@ -348,6 +386,7 @@ def test_vsock_exec_client_service_round_trip(monkeypatch: pytest.MonkeyPatch) -
|
|||
readiness={"type": "file", "path": "/workspace/.ready"},
|
||||
ready_timeout_seconds=30,
|
||||
ready_interval_ms=500,
|
||||
env={"TOKEN": "expected"},
|
||||
)
|
||||
assert started["service_name"] == "app"
|
||||
status = client.status_service(1234, 5005, service_name="app")
|
||||
|
|
@ -359,6 +398,7 @@ def test_vsock_exec_client_service_round_trip(monkeypatch: pytest.MonkeyPatch) -
|
|||
start_request = json.loads(stubs[0].sent.decode("utf-8").strip())
|
||||
assert start_request["action"] == "start_service"
|
||||
assert start_request["service_name"] == "app"
|
||||
assert start_request["env"] == {"TOKEN": "expected"}
|
||||
|
||||
|
||||
def test_vsock_exec_client_raises_agent_error(monkeypatch: pytest.MonkeyPatch) -> None:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue