Conversation
Add backend-agnostic interfaces (Backend, Exec, NetworkPolicy) composed into a Sandbox interface, along with value types and a registry for plugin discovery. This is the first step toward decoupling cmd/ from truenas-go types. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
⬆️ Go test coverage increased from 25.4% to 47.0% compared to 14e472e
|
Add sandbox/truenas package wrapping internal/truenas, ssh, cache, and egress packages behind the backend-agnostic Sandbox interface. Exports sshArgs as Args in internal/ssh for custom exec.Cmd construction. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Convert list, start, stop, destroy, checkpoint, and network commands to use openSandbox() instead of directly calling internal packages. Commands that need complex flows (create, console, exec, sessions, status) remain on the old path for now. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
exec previously ran commands via a bare SSH session (non-login, non-interactive), so ~/.profile wasn't sourced and mise-managed tools (claude, opencode, codex, node) were invisible to PATH. Wrap the user's command in `bash -lc` with explicit mise activation so the environment matches what `pixels console` provides. Uses shellescape for proper POSIX quoting across SSH's argument concatenation. Falls back gracefully when mise isn't installed. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
apt-get install nftables hit an interactive conffile prompt because /etc/nftables.conf was already written by the egress file setup step. With no stdin attached, dpkg errored out with exit code 100. Set DEBIAN_FRONTEND=noninteractive and --force-confold to keep the existing config without prompting. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
sandboxpackage withBackend,Exec, andNetworkPolicyinterfaces composed intoSandboxInstance,Snapshot,CreateOpts, etc.) replacing direct truenas-go type leaksRegister/Openregistry for backend plugin discoveryTrueNAS backend extraction behind this interface will follow in this same PR.
Ref: #6
Test plan
go build ./sandbox/...compilesgo vet ./sandbox/...cleango test ./...all existing tests pass🤖 Generated with Claude Code