Sandbox importing #1187
Sandbox importing #1187
Conversation
… non-passthroughs
|
|
||
| @staticmethod | ||
| @contextmanager | ||
| def sandbox_import_notification_policy( |
There was a problem hiding this comment.
Hrmm, remind me, did we decide not to have a kind of with workflow.intentional_import_reload(): type of thing yet? I know you can do it here with the policy altering, but I think I remember we decided to not do the nicer sugared form at this time, just confirming.
There was a problem hiding this comment.
My thought here was that this could be combined with the pre-defined policies to achieve a similar effect. It's a bit more wordy but feels okay to me to use something like
with workflow.unsafe.sandbox_import_notification_policy(
SandboxRestrictions.import_notification_policy_silent
):
#...That being said, I think it makes just as much sense to have a method like you're suggesting that applies the correct policy. I put a little time into thinking about this before opening the PR but couldn't settle on any wording that would make the behavior being applied immediately obvious. Very happy to add any options you'd recommend and/or remove this one.
There was a problem hiding this comment.
I think we can leave off a with workflow.intentional_import_reload() helper for now, mainly because I don't think it'd be common
There was a problem hiding this comment.
Sounds good. Along these same lines, do you still think it's worth removing the various static helpers per your other comment? I think either way makes sense. IMO they're helpful, but as you pointed out are pretty straightforward to reason about even without them.
There was a problem hiding this comment.
I do think it's still worth removing them. Having static, wordy helper constants just to help you set an enum flag seems a bit off. The ergonomics of setting an enum flag are good enough on their own IMO.
| fully qualified path to the item. | ||
| """ | ||
|
|
||
| import_notification_policy: temporalio.workflow.SandboxImportNotificationPolicy |
There was a problem hiding this comment.
I think we should set the default here, it's a backwards incompatible change to add a new required field here (and then not set it in our tests in the global/general area)
There was a problem hiding this comment.
Good catch. Making this change now.
… rather than requiring it.
What was changed
temporalio.worfklow.SandboxImportNotificationPolicyenum.SandboxRestrictions.import_notification_policysetting to control the notification policy for imports processed by the sandbox.workflow.unsafeto allow overriding theSandboxImportNotificationPolicyset on the configuredSandboxRestritions.RestrictionContext.in_activationfield to indicate if the sandbox is handling an activation so we can differentiate between workflow load time._Importerto respect the override and configured policy to:SandboxRestrictions.defaultto useSandboxImportNotificationPolicy.WARN_ON_DYNAMIC_IMPORTSandboxImportNotificationPolicyflags toSandboxRestrictionsfor ease of use.Why?
The introduction of the new import notification policy aims to tackle two challenges SDK users face that are described in #790. The new behaviors can be combined to provide the desired level of verbosity.
Increase Visibility into Dynamically Imported Modules
Some libraries will import modules as needed or as a result of a function call. In these cases, it may not be obvious to users that this is occurring and can cause unnecessary memory overhead. This new default setting will warn any time an import occurs during workflow task execution. Users may opt out of this warning by configuring the
SandboxRunnerwith aSandboxImportNotificationPolicyor by using the context managerworkflow.unsafe.sandbox_import_notification_policy.Increase Discoverability of Modules Requiring Passthrough
Some users prefer to ensure that imports used by the sandbox are explicitly passed through. The new opt-in settings of
SandboxImportNotificationPolicy.WARN_ON_UNINTENTIONAL_PASSTHROUGHandSandboxImportNotificationPolicy.RAISE_ON_UNINTENTIONAL_PASSTHROUGHallow users to discover any import that occurs in the sandbox that is not explicitly passed through. These settings are mutually exclusive and if both are set on the import notification policy,RAISE_ON_UNINTENTIONAL_PASSTHROUGHwill be respected. Users may opt into this behavior by configuring theSandboxRunnerwith aSandboxImportNotificationPolicyor by using the context managerworkflow.unsafe.sandbox_import_notification_policy.Checklist
Closes #790
How was this tested:
New tests were added to exercise a variety of policy combinations and verify that code run in an interceptor will also respect the new setting.
Any docs updates needed?