feat(orion-runner): proxy runner provisioning through mono with d… #2143

Merged: genedna merged 1 commit into gitmono-dev:main from benjamin-747:main on Jul 3, 2026

@benjamin-747 (Collaborator)

…omain-based env URLs

Add admin-only POST/GET /api/v1/orion/runners that forwards to orion-scheduler
/webhook and /status, plus Mega UI Start Runner with status polling on the OC
page. Mono derives git./orion. URLs from build.runner_connect_domain (TLS for
public domains) instead of UI-side URL stitching or scheduler targets lookup.
Status polling proxies scheduler /status only, without querying orion-server.

benjamin-747 requested a review from genedna on July 3, 2026 09:38

chatgpt-codex-connector (Bot) left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 083f0f4126

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment on lines +18 to +22
pub fn validate_runner_env(
server_ws: &str,
scorpio_base_url: &str,
scorpio_lfs_url: &str,
) -> Result<()> {

P1: Reject shell metacharacters in inline runner URLs

For direct POST /webhook callers, these URL fields are now request-controlled, but this validation only checks that they are non-empty before vm_manager::replace_env_vars_in_vm interpolates them into single-quoted sed shell commands. A value containing a single quote can break out of the sed script and execute arbitrary shell in the provisioned VM; previously these values came from the scheduler's server-side target config. Please parse/validate these as URLs and escape or avoid shell interpolation before passing them to the VM.

Useful? React with 👍 / 👎.
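
The P1 finding above, as an added example that is not code from this pull request or the repository: it contrasts pasting a request-controlled URL into a single-quoted sed script with validating the URL against an allow-list and then passing the script as one quoted shell word. The function names, the `SERVER_WS` key, the `|` sed delimiter and the path `/etc/runner.env` are assumptions made for the illustration.

```rust
// Added illustration, not code from the repository under review.
// All names here and the path /etc/runner.env are hypothetical.

/// The pattern the review flags: a request-controlled value pasted into a
/// single-quoted sed script. One `'` in `value` ends the quoting early.
pub fn naive_sed(key: &str, value: &str) -> String {
    format!("sed -i 's|^{key}=.*|{key}={value}|' /etc/runner.env")
}

/// Accept only URLs with an expected scheme, a non-empty host part, and
/// characters from a conservative allow-list. Quotes, whitespace, `$`,
/// backticks, `;`, `\`, and sed's `|` and `&` are all outside it.
pub fn check_runner_url(value: &str, schemes: &[&str]) -> Result<(), String> {
    let (scheme, rest) = value
        .split_once("://")
        .ok_or_else(|| format!("missing scheme in {value:?}"))?;
    if !schemes.contains(&scheme) {
        return Err(format!("scheme {scheme:?} not allowed"));
    }
    if rest.is_empty() || rest.starts_with('/') {
        return Err(format!("missing host in {value:?}"));
    }
    let allowed = |c: char| c.is_ascii_alphanumeric() || "-._~:/[]@%?=+".contains(c);
    match rest.chars().find(|c| !allowed(*c)) {
        Some(bad) => Err(format!("character {bad:?} not allowed in runner URL")),
        None => Ok(()),
    }
}

/// POSIX-shell quoting: wrap in '...' and rewrite each ' as '\''.
pub fn sh_single_quote(s: &str) -> String {
    format!("'{}'", s.replace('\'', r"'\''"))
}

/// Validate first, then pass the whole sed script as one quoted shell word.
pub fn safe_sed(key: &str, value: &str, schemes: &[&str]) -> Result<String, String> {
    check_runner_url(value, schemes)?;
    let script = format!("s|^{key}=.*|{key}={value}|");
    Ok(format!("sed -i {} /etc/runner.env", sh_single_quote(&script)))
}

fn main() {
    // Constructed inputs for the demonstration.
    println!("{}", naive_sed("SERVER_WS", "wss://orion.example.test/ws'x"));
    println!("{:?}", safe_sed("SERVER_WS", "wss://orion.example.test/ws", &["ws", "wss"]));
    println!("{:?}", safe_sed("SERVER_WS", "wss://orion.example.test/ws'x", &["ws", "wss"]));
}
```

The allow-list is deliberately stricter than URL syntax (it rejects `&` in query strings, for example) because the value ends up on the replacement side of a sed expression, where `&` and `\` are also special.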

Comment on lines +91 to +93
let digest = payload.image_digest.clone().or_else(|| {
if path.is_some() || url.is_some() {
Some(default.image_digest.clone())

P2: Require digest when overriding the image source

When a webhook supplies a custom image_url or image_path but omits image_digest, this fallback fills in the default image digest, so build_image_spec no longer catches the missing digest and the custom image is verified against the checksum for a different image. That makes custom-image starts fail unexpectedly, or worse, ties validation to an unrelated default. Only apply the default digest when also using the default image source; explicit source overrides should still require an explicit digest.

Useful? React with 👍 / 👎.

genedna added this pull request to the merge queue on Jul 3, 2026
Merged via the queue into gitmono-dev:main with commit 336c097 on Jul 3, 2026
8 of 9 checks passed