CHORUS/Makefile
anthonyrawlins 8d9b62daf3 Phase 2: Implement Execution Environment Abstraction (v0.3.0)
This commit implements Phase 2 of the CHORUS Task Execution Engine development plan,
providing a comprehensive execution environment abstraction layer with Docker
container sandboxing support.

## New Features

### Core Sandbox Interface
- Comprehensive ExecutionSandbox interface with isolated task execution
- Support for command execution, file I/O, environment management
- Resource usage monitoring and sandbox lifecycle management
- Standardized error handling with SandboxError types and categories

### Docker Container Sandbox Implementation
- Full Docker API integration with secure container creation
- Transparent repository mounting with configurable read/write access
- Advanced security policies with capability dropping and privilege controls
- Comprehensive resource limits (CPU, memory, disk, processes, file handles)
- Support for tmpfs mounts, masked paths, and read-only bind mounts
- Container lifecycle management with proper cleanup and health monitoring

### Security & Resource Management
- Configurable security policies with SELinux, AppArmor, and Seccomp support
- Fine-grained capability management with secure defaults
- Network isolation options with configurable DNS and proxy settings
- Resource monitoring with real-time CPU, memory, and network usage tracking
- Comprehensive ulimits configuration for process and file handle limits

### Repository Integration
- Seamless repository mounting from local paths to container workspaces
- Git configuration support with user credentials and global settings
- File inclusion/exclusion patterns for selective repository access
- Configurable permissions and ownership for mounted repositories

### Testing Infrastructure
- Comprehensive test suite with 60+ test cases covering all functionality
- Docker integration tests with Alpine Linux containers (skipped in short mode)
- Mock sandbox implementation for unit testing without Docker dependencies
- Security policy validation tests with read-only filesystem enforcement
- Resource usage monitoring and cleanup verification tests

## Technical Details

### Dependencies Added
- github.com/docker/docker v28.4.0+incompatible - Docker API client
- github.com/docker/go-connections v0.6.0 - Docker connection utilities
- github.com/docker/go-units v0.5.0 - Docker units and formatting
- Associated Docker API dependencies for complete container management

### Architecture
- Interface-driven design enabling multiple sandbox implementations
- Comprehensive configuration structures for all sandbox aspects
- Resource usage tracking with detailed metrics collection
- Error handling with retryable error classification
- Proper cleanup and resource management throughout sandbox lifecycle

### Compatibility
- Maintains backward compatibility with existing CHORUS architecture
- Designed for future integration with Phase 3 Core Task Execution Engine
- Extensible design supporting additional sandbox implementations (VM, process)

This Phase 2 implementation provides the foundation for secure, isolated task
execution that will be integrated with the AI model providers from Phase 1
in the upcoming Phase 3 development.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-25 14:28:08 +10:00

130 lines
4.0 KiB
Makefile

# CHORUS Multi-Binary Makefile
# Builds both chorus-agent and chorus-hap binaries

# Build configuration
BINARY_NAME_AGENT = chorus-agent
BINARY_NAME_HAP = chorus-hap
BINARY_NAME_COMPAT = chorus
VERSION ?= 0.3.0
COMMIT_HASH ?= $(shell git rev-parse --short HEAD 2>/dev/null || echo "unknown")
BUILD_DATE ?= $(shell date -u '+%Y-%m-%d_%H:%M:%S')

# Go build flags
LDFLAGS = -ldflags "-X main.version=$(VERSION) -X main.commitHash=$(COMMIT_HASH) -X main.buildDate=$(BUILD_DATE)"
BUILD_FLAGS = -v $(LDFLAGS)

# Directories
BUILD_DIR = build
CMD_DIR = cmd

# Default target
.PHONY: all
all: clean build

# Build all binaries (including compatibility wrapper)
.PHONY: build
build: build-agent build-hap build-compat

# Build autonomous agent binary
.PHONY: build-agent
build-agent:
	@echo "🤖 Building CHORUS autonomous agent..."
	@mkdir -p $(BUILD_DIR)
	go build $(BUILD_FLAGS) -o $(BUILD_DIR)/$(BINARY_NAME_AGENT) ./$(CMD_DIR)/agent
	@echo "✅ Agent binary built: $(BUILD_DIR)/$(BINARY_NAME_AGENT)"

# Build human agent portal binary
.PHONY: build-hap
build-hap:
	@echo "👤 Building CHORUS human agent portal..."
	@mkdir -p $(BUILD_DIR)
	go build $(BUILD_FLAGS) -o $(BUILD_DIR)/$(BINARY_NAME_HAP) ./$(CMD_DIR)/hap
	@echo "✅ HAP binary built: $(BUILD_DIR)/$(BINARY_NAME_HAP)"

# Build compatibility wrapper (deprecated)
.PHONY: build-compat
build-compat:
	@echo "⚠️ Building CHORUS compatibility wrapper (deprecated)..."
	@mkdir -p $(BUILD_DIR)
	go build $(BUILD_FLAGS) -o $(BUILD_DIR)/$(BINARY_NAME_COMPAT) ./$(CMD_DIR)/chorus
	@echo "✅ Compatibility wrapper built: $(BUILD_DIR)/$(BINARY_NAME_COMPAT)"

# Test compilation without building
.PHONY: test-compile
test-compile:
	@echo "🔍 Testing compilation of both binaries..."
	go build -o /dev/null ./$(CMD_DIR)/agent
	go build -o /dev/null ./$(CMD_DIR)/hap
	@echo "✅ Both binaries compile successfully"

# Run tests
.PHONY: test
test:
	@echo "🧪 Running tests..."
	go test -v ./...

# Clean build artifacts
.PHONY: clean
clean:
	@echo "🧹 Cleaning build artifacts..."
	rm -rf $(BUILD_DIR)
	@echo "✅ Clean complete"

# Install both binaries to GOPATH/bin
.PHONY: install
install: build
	@echo "📦 Installing binaries to GOPATH/bin..."
	cp $(BUILD_DIR)/$(BINARY_NAME_AGENT) $(shell go env GOPATH)/bin/
	cp $(BUILD_DIR)/$(BINARY_NAME_HAP) $(shell go env GOPATH)/bin/
	@echo "✅ Binaries installed"

# Development helpers
.PHONY: run-agent
run-agent: build-agent
	@echo "🚀 Running CHORUS agent..."
	./$(BUILD_DIR)/$(BINARY_NAME_AGENT)

.PHONY: run-hap
run-hap: build-hap
	@echo "🚀 Running CHORUS HAP..."
	./$(BUILD_DIR)/$(BINARY_NAME_HAP)

# Docker builds
.PHONY: docker-agent
docker-agent:
	@echo "🐳 Building Docker image for CHORUS agent..."
	docker build -f docker/Dockerfile.agent -t chorus-agent:$(VERSION) .

.PHONY: docker-hap
docker-hap:
	@echo "🐳 Building Docker image for CHORUS HAP..."
	docker build -f docker/Dockerfile.hap -t chorus-hap:$(VERSION) .

.PHONY: docker
docker: docker-agent docker-hap

# Help
.PHONY: help
help:
	@echo "CHORUS Multi-Binary Build System"
	@echo ""
	@echo "Targets:"
	@echo "  all          - Clean and build both binaries (default)"
	@echo "  build        - Build both binaries"
	@echo "  build-agent  - Build autonomous agent binary only"
	@echo "  build-hap    - Build human agent portal binary only"
	@echo "  test-compile - Test that both binaries compile"
	@echo "  test         - Run tests"
	@echo "  clean        - Remove build artifacts"
	@echo "  install      - Install binaries to GOPATH/bin"
	@echo "  run-agent    - Build and run agent"
	@echo "  run-hap      - Build and run HAP"
	@echo "  docker       - Build Docker images for both binaries"
	@echo "  docker-agent - Build Docker image for agent only"
	@echo "  docker-hap   - Build Docker image for HAP only"
	@echo "  help         - Show this help"
	@echo ""
	@echo "Environment Variables:"
	@echo "  VERSION     - Version string (default: 0.3.0)"
	@echo "  COMMIT_HASH - Git commit hash (auto-detected)"
	@echo "  BUILD_DATE  - Build timestamp (auto-generated)"