Skip to content

feat(server): docker runtime sandbox_env / sandbox_binds config#1303

Open
tea-artist wants to merge 1 commit into
opensandbox-group:mainfrom
teableio:docker-sandbox-env-binds
Open

feat(server): docker runtime sandbox_env / sandbox_binds config#1303
tea-artist wants to merge 1 commit into
opensandbox-group:mainfrom
teableio:docker-sandbox-env-binds

Conversation

@tea-artist

Copy link
Copy Markdown

Summary

Add two DockerConfig fields applied to every sandbox container created by the docker runtime:

  • sandbox_env: environment variables merged under the request's env (request keys win)
  • sandbox_binds: host bind mounts in Docker -v syntax, prepended to the binds derived from a request's volumes

Motivation

The Kubernetes runtime has a deployment-side pod template (batchsandbox_template_file) where operators can add fleet-wide mounts and environment variables. The docker runtime has no equivalent: sandbox env/mounts come only from each creation request, which the calling application controls.

The concrete case: when the services a sandbox calls back into present certificates from a private/corporate CA, tools inside the sandbox reject TLS (SELF_SIGNED_CERT_IN_CHAIN etc.). On Kubernetes this is solved in the pod template (mount the root CA + set NODE_EXTRA_CA_CERTS); on docker there was no operator-side hook at all. With this change:

[docker]
sandbox_binds = ["/opt/certs/root-ca.crt:/etc/ssl/private-ca/root-ca.crt:ro"]
sandbox_env = { NODE_EXTRA_CA_CERTS = "/etc/ssl/private-ca/root-ca.crt" }

Test plan

  • test_create_sandbox_applies_config_sandbox_env_and_binds: config env lands in the container, request env overrides same-named keys, config binds precede request volume binds
  • full server test suite passes
  • example.config.toml / example.config.zh.toml / configuration.md updated

Add two DockerConfig fields applied to every sandbox container:

- sandbox_env: environment variables merged under request env (request wins)
- sandbox_binds: host bind mounts (docker -v syntax), prepended to the binds
  derived from a request's volumes

They are the docker-runtime counterpart of the Kubernetes pod template
(batchsandbox_template_file): fleet-wide settings such as trusting a private
CA (mount the root CA via sandbox_binds and point NODE_EXTRA_CA_CERTS at it
via sandbox_env) previously had no deployment-side hook on the docker runtime.

Covered by test_create_sandbox_applies_config_sandbox_env_and_binds; examples
and configuration.md updated.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds docker-runtime operator-level defaults to apply environment variables and bind mounts to every sandbox container, aligning the Docker runtime with the Kubernetes pod-template capability for fleet-wide configuration (e.g., private CA trust injection).

Changes:

  • Introduces docker.sandbox_env and docker.sandbox_binds in DockerConfig, with request env keys overriding config defaults.
  • Applies docker.sandbox_binds to all sandbox containers by prepending them ahead of request-derived volume binds.
  • Updates tests and documentation/examples to reflect the new config options.

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
server/tests/test_docker_service.py Adds a test for config-level sandbox env/binds application (needs stronger assertion for bind ordering).
server/opensandbox_server/services/docker/docker_service.py Prepends docker.sandbox_binds ahead of request-derived binds in container host config.
server/opensandbox_server/services/docker/container_ops.py Merges docker.sandbox_env into sandbox env with request keys taking precedence.
server/opensandbox_server/examples/example.config.zh.toml Documents the new sandbox_env / sandbox_binds options (Chinese example).
server/opensandbox_server/examples/example.config.toml Documents the new sandbox_env / sandbox_binds options (English example).
server/opensandbox_server/config.py Adds sandbox_env / sandbox_binds fields to DockerConfig.
server/configuration.md Documents the new docker config fields (minor type-format inconsistency).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +210 to +229
with (
patch.object(service, "_ensure_image_available"),
patch.object(service, "_prepare_sandbox_runtime"),
patch(
"opensandbox_server.services.docker.docker_service.allocate_port_bindings",
return_value={
"44772": ("0.0.0.0", 40001),
"8080": ("0.0.0.0", 40002),
},
),
):
await service.create_sandbox(request)

environment = mock_client.api.create_container.call_args.kwargs["environment"]
assert "NODE_EXTRA_CA_CERTS=/etc/ssl/private-ca/root-ca.crt" in environment
assert "SHARED=request" in environment # request overrides the config default
assert "SHARED=config" not in environment
binds = mock_client.api.create_host_config.call_args.kwargs.get("binds")
assert binds == ["/opt/certs/root-ca.crt:/etc/ssl/private-ca/root-ca.crt:ro"]

Comment thread server/configuration.md
| `seccomp_profile` | string \| omitted | `null` | Seccomp profile name or **absolute path**; empty uses Docker default seccomp. |
| `pids_limit` | integer \| null | `4096` | Max PIDs per sandbox container; set to **`null`** to disable the limit. |
| `sandbox_env` | table | `{}` | Environment variables injected into **every** sandbox container; keys from a creation request override same-named keys. Docker-runtime counterpart of the Kubernetes pod template (e.g. `NODE_EXTRA_CA_CERTS` to trust a private CA, together with `sandbox_binds`). |
| `sandbox_binds` | string[] | `[]` | Host bind mounts applied to **every** sandbox container, Docker `-v` syntax (`host:container[:mode]`); prepended to binds derived from a request's `volumes`. |
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants