- Updated ImageRegistry to use public Docker Hub (anthonyrawlins namespace)
- Modified image naming: chorus-base, chorus-rust-dev, chorus-go-dev, etc.
- Added Docker Hub URLs and actual image sizes to metadata
- Created comprehensive TaskExecutionEngine.md documentation covering:
* Complete architecture and implementation details
* Security isolation layers and threat mitigation
* Performance characteristics and benchmarks
* Real-world examples with resource usage metrics
* Troubleshooting guide and FAQ
* Comparisons with alternative approaches (SSH, VMs, native)
Images now publicly available at docker.io/anthonyrawlins/chorus-*
🤖 Generated with Claude Code (https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Integrate chorus-dev-images repository with automatic language detection
and appropriate development container selection.
New features:
- ImageSelector for automatic language-to-image mapping
- Language detection from task context, description, and repository
- Standardized workspace environment variables
- Support for 7 development environments (Rust, Go, Python, Node, Java, C++)
Changes:
- pkg/execution/images.go (new): Image selection and language detection logic
- pkg/execution/engine.go: Modified createSandboxConfig to use ImageSelector
This ensures agents automatically get the right tools for their tasks without
manual configuration.
Related: https://gitea.chorus.services/tony/chorus-dev-images🤖 Generated with Claude Code (https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit implements Phase 3 of the CHORUS task execution engine development plan,
replacing the mock implementation with a real AI-powered task execution system.
## Major Components Added:
### TaskExecutionEngine (pkg/execution/engine.go)
- Complete AI-powered task execution orchestration
- Bridges AI providers (Phase 1) with execution sandboxes (Phase 2)
- Configurable execution strategies and resource management
- Comprehensive task result processing and artifact handling
- Real-time metrics and monitoring integration
### Task Coordinator Integration (coordinator/task_coordinator.go)
- Replaced mock time.Sleep(10s) implementation with real AI execution
- Added initializeExecutionEngine() method for setup
- Integrated AI-powered execution with fallback to mock when needed
- Enhanced task result processing with execution metadata
- Improved task type detection and context building
### Key Features:
- **AI-Powered Execution**: Tasks are now processed by AI providers with appropriate role-based routing
- **Sandbox Integration**: Commands generated by AI are executed in secure Docker containers
- **Artifact Management**: Files and outputs generated during execution are properly captured
- **Performance Monitoring**: Detailed metrics tracking AI response time, sandbox execution time, and resource usage
- **Fallback Resilience**: Graceful fallback to mock execution when AI/sandbox systems are unavailable
- **Comprehensive Error Handling**: Proper error handling and logging throughout the execution pipeline
### Technical Implementation:
- Task execution requests are converted to AI prompts with contextual information
- AI responses are parsed to extract executable commands and file artifacts
- Commands are executed in isolated Docker containers with resource limits
- Results are aggregated with execution metrics and returned to the coordinator
- Full integration maintains backward compatibility while adding real execution capability
This completes the core execution engine and enables CHORUS agents to perform real AI-powered task execution
instead of simulated work, representing a major milestone in the autonomous agent capability.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit implements Phase 2 of the CHORUS Task Execution Engine development plan,
providing a comprehensive execution environment abstraction layer with Docker
container sandboxing support.
## New Features
### Core Sandbox Interface
- Comprehensive ExecutionSandbox interface with isolated task execution
- Support for command execution, file I/O, environment management
- Resource usage monitoring and sandbox lifecycle management
- Standardized error handling with SandboxError types and categories
### Docker Container Sandbox Implementation
- Full Docker API integration with secure container creation
- Transparent repository mounting with configurable read/write access
- Advanced security policies with capability dropping and privilege controls
- Comprehensive resource limits (CPU, memory, disk, processes, file handles)
- Support for tmpfs mounts, masked paths, and read-only bind mounts
- Container lifecycle management with proper cleanup and health monitoring
### Security & Resource Management
- Configurable security policies with SELinux, AppArmor, and Seccomp support
- Fine-grained capability management with secure defaults
- Network isolation options with configurable DNS and proxy settings
- Resource monitoring with real-time CPU, memory, and network usage tracking
- Comprehensive ulimits configuration for process and file handle limits
### Repository Integration
- Seamless repository mounting from local paths to container workspaces
- Git configuration support with user credentials and global settings
- File inclusion/exclusion patterns for selective repository access
- Configurable permissions and ownership for mounted repositories
### Testing Infrastructure
- Comprehensive test suite with 60+ test cases covering all functionality
- Docker integration tests with Alpine Linux containers (skipped in short mode)
- Mock sandbox implementation for unit testing without Docker dependencies
- Security policy validation tests with read-only filesystem enforcement
- Resource usage monitoring and cleanup verification tests
## Technical Details
### Dependencies Added
- github.com/docker/docker v28.4.0+incompatible - Docker API client
- github.com/docker/go-connections v0.6.0 - Docker connection utilities
- github.com/docker/go-units v0.5.0 - Docker units and formatting
- Associated Docker API dependencies for complete container management
### Architecture
- Interface-driven design enabling multiple sandbox implementations
- Comprehensive configuration structures for all sandbox aspects
- Resource usage tracking with detailed metrics collection
- Error handling with retryable error classification
- Proper cleanup and resource management throughout sandbox lifecycle
### Compatibility
- Maintains backward compatibility with existing CHORUS architecture
- Designed for future integration with Phase 3 Core Task Execution Engine
- Extensible design supporting additional sandbox implementations (VM, process)
This Phase 2 implementation provides the foundation for secure, isolated task
execution that will be integrated with the AI model providers from Phase 1
in the upcoming Phase 3 development.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
