feat(codapi): support go sandbox

2024-04-03 16:53:25 +08:00 · 2024-04-03 16:53:25 +08:00 · 5824ab066c
commit 5824ab066c
parent 530958f8ef
6 changed files with 123 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 .vscode
--- a/configs/boxes.json
+++ b/configs/boxes.json
@ -1,5 +1,17 @@
 {
    "alpine": {
        "image": "codapi/alpine"
    },
    "go": {
        "image": "codapi/go",
        "runtime": "runc",
        "cpu": 2,
        "memory": 512,
        "network": "none",
        "writable": true,
        "volume": "%s:/sandbox:rw",
        "cap_drop": ["all"],
        "ulimit": ["nofile=96"],
        "nproc": 64
    }
 }
--- a/configs/commands/go.json
+++ b/configs/commands/go.json
@ -0,0 +1,12 @@
 {
    "run": {
        "engine": "docker",
        "entry": "main.go",
        "steps": [
            {
                "box": "go",
                "command": ["go", "run", "main.go"]
            }
        ]
    }
 }
--- a/configs/config.json
+++ b/configs/config.json
@ -15,7 +15,7 @@
    "step": {
        "user": "sandbox",
        "action": "run",
-        "timeout": 5,
+        "timeout": 30,
        "noutput": 4096
    }
 }
--- a/docs/add-sandbox.md
+++ b/docs/add-sandbox.md
@ -123,3 +123,94 @@ Which produces the following output:
    "stderr": ""
 }
 ```
 ## Go
 First, let's create a Docker image capable of running Go:
 ```sh
 cd /opt/codapi
 mkdir images/go
 touch images/go/Dockerfile
 ```
 Fill the `Dockerfile`:
 ```Dockerfile
 FROM golang:1.22.1-alpine3.19
 RUN adduser --home /sandbox --disabled-password sandbox
 USER sandbox
 WORKDIR /sandbox
 ```
 Build the image:
 ```sh
 docker build --file images/go/Dockerfile --tag codapi/go:latest images/go/
 ```
 And register the image as a Codapi _box_ in `configs/boxes.json`:
 ```json
 {
    // ...
    "go": {
        "image": "codapi/go",
        "runtime": "runc",
        "cpu": 2,
        "memory": 512,
        "network": "none",
        "writable": true,
        "volume": "%s:/sandbox:rw",
        "cap_drop": ["all"],
        "ulimit": ["nofile=96"],
        "nproc": 64
    }
 }
 ```
 Finally, let's configure what happens when the client executes the `run` command in the `go` sandbox. To do this, we create `configs/commands/go.json`:
 ```json
 {
    "run": {
        "engine": "docker",
        "entry": "main.go",
        "steps": [
            {
                "box": "go",
                "command": ["go", "run", "main.go"]
            }
        ]
    }
 }
 ```
 This is essentially what it says:
 > When the client executes the `run` command in the `go` sandbox, save their code to the `main.go` file, then run it in the `go` box (Docker container) using the `go run main.go` shell command.
 To apply the changed configuration, restart Codapi (as root):
 ```sh
 systemctl restart codapi.service
 ```
 And try running some go code:
 ```sh
 curl -H "content-type: application/json" -d '{"sandbox":"go","version":"","command":"run","files":{"":"package main\nimport (\n    \"fmt\"\n)\n\nfunc main() {\n    fmt.Println(\"hello\")\n}"}}' http://localhost:1313/v1/exec
 ```
 Which produces the following output:
 ```json
 {
    "id": "go_run_f9592410",
    "ok": true,
    "duration": 10839,
    "stdout": "hello",
    "stderr": ""
 }
 ```
--- a/images/go/Dockerfile
+++ b/images/go/Dockerfile
@ -0,0 +1,6 @@
 FROM golang:1.22.1-alpine3.19
 RUN adduser --home /sandbox --disabled-password sandbox
 USER sandbox
 WORKDIR /sandbox