Real Execution Backends
The v0.1.29 delegating drivers (container/remote/ci) become REAL — they actually drive docker/podman, a remote runner, and a CI job — opt-in, fail-closed, with evidence byte-stable against node. Shipped in v0.1.34. Repo doc: docs/real-execution-backends.7.md.
In v0.1.29 the three delegating drivers were contract-conformant stubs:
delegate() built a handle and returned completed with delegated:/handle:
evidence without running anything. v0.1.34 replaces that no-op so a delegated
task really executes, recording the SAME canonical evidence as the local drivers.
Drivers really execute now.
Same evidence, any backend.
The handle is provenance, not evidence.
Fail closed; never a fabricated completion.
A real delegated run records the SAME canonical evidence executeLocal produces —
command: / exitCode: / stdoutSha256: — so a container run of a task is
byte-stable against node after stripping provenance. The execution handle
(image@digest, endpoint#jobId) lives in provenance.handle and the sandbox
attestation in provenance.attestation — never in evidence. Eval/replay, the
verifier gates, the v0.1.28 registry, and the Workbench stay backend-agnostic.
- container — real docker/podman run under the sandbox contract: --network none when the profile restricts it, read-only workspace mount, filtered env (only the profile's exposed names; the image supplies its own PATH/HOME).
- Daemon pre-flight (load-bearing fail-closed) — a present CLI with an unreachable daemon must fail closed. version --format {{.Server.Version}} returns the server version only when reachable; the container run's own exit code is not a reliable daemon-down signal across runtimes, so it is not relied upon.
- remote / ci — real HTTP POST-and-poll via a self-contained Node child (global fetch; portable, synchronous from CW's view). The runner's {exitCode, stdout} becomes the canonical evidence.
- Fail closed — delegation-target-missing / no-command / runtime-unavailable / delegation-failed → status: "refused" with a refused:<code> line and no stdoutSha256:. A container command that genuinely runs and exits non-zero is failed (a real result), distinct from refused (never ran).
- CW delegates; it is not the executor — it drives docker/podman, a remote runner, or a CI job through a thin adapter and captures verifiable evidence; it never reimplements a container runtime or a CI system.
- Backward compatible — node stays the default and reproduces pre-v0.1.29 behavior; real execution is strictly opt-in (explicit backend + a configured, available target). The ResultEnvelope schema is unchanged.
This is what makes the v0.1.29 driver layer real without breaking its invariant:
because evidence is identical across backends, you can move a workload onto a
container or a remote/CI runner and every downstream system — replay, verifier,
registry, Workbench — behaves exactly the same. Verified live: CW's own
node dist/cli.js list through a real container produced byte-identical evidence
to the node backend.
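
The evidence rules above written as a small gate, as an added example that is not cool-workflow's own code: the envelope shape, the function names, and the sample values are assumptions built only from the evidence lines and refusal codes this page names.

```javascript
// Added example: the envelope shape and all function names are assumed for illustration.
const { createHash } = require("node:crypto");

const REFUSAL_CODES = new Set(["delegation-target-missing", "no-command",
  "runtime-unavailable", "delegation-failed"]);

// Canonical evidence for a task that really ran: identical for every backend.
function ranEnvelope(backend, handle, command, { exitCode, stdout }) {
  const sha = createHash("sha256").update(stdout).digest("hex");
  return {
    status: exitCode === 0 ? "completed" : "failed", // non-zero exit is a real result
    evidence: [`command: ${command}`, `exitCode: ${exitCode}`, `stdoutSha256: ${sha}`],
    provenance: { backend, handle }, // the handle is provenance, never evidence
  };
}

// Fail closed: the task never ran, so no output hash may appear.
function refusedEnvelope(backend, code) {
  if (!REFUSAL_CODES.has(code)) throw new Error(`unknown refusal code: ${code}`);
  return { status: "refused", evidence: [`refused:${code}`], provenance: { backend } };
}

// Gate: flag envelopes that blur "ran" and "never ran" or carry a handle as evidence.
function checkEnvelope(env) {
  const problems = [];
  const hasHash = env.evidence.some((l) => l.startsWith("stdoutSha256:"));
  if (env.status === "refused" && hasHash) problems.push("refused run carries stdoutSha256");
  if (env.status !== "refused" && !hasHash) problems.push("executed run lacks stdoutSha256");
  if (env.evidence.some((l) => /^(delegated|handle):/.test(l))) problems.push("handle in evidence");
  return problems;
}

// Byte-stability: evidence must match once provenance is stripped.
function sameEvidence(a, b) {
  return a.evidence.join("\n") === b.evidence.join("\n");
}

// Constructed sample data (not captured from a real run).
const result = { exitCode: 0, stdout: "apps: 3\n" };
const cmd = "node dist/cli.js list";
const local = ranEnvelope("node", null, cmd, result);
const boxed = ranEnvelope("container", "example-image@sha256:PLACEHOLDER", cmd, result);
const down = refusedEnvelope("container", "runtime-unavailable");
// Stub-style completion: handle lines as evidence, nothing actually executed.
const forged = { status: "completed", evidence: ["delegated:ci", "handle:job-1"], provenance: {} };
console.log(sameEvidence(local, boxed), checkEnvelope(down), checkEnvelope(forged));
```

The constructed stub-style envelope is flagged twice: it claims completion without an output hash, and it carries handle lines where evidence belongs.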
- Execution Backends
- Architecture Principles
- Run Registry Control Plane
- CLI MCP Parity
- Repo doc: plugins/cool-workflow/docs/real-execution-backends.7.md
Organized from local Obsidian notes and reconciled with the current
coo1white/cool-workflow repository state.