mirror of
https://github.com/bytedance/deer-flow.git
synced 2026-05-25 17:36:00 +00:00
Willem Jiang
f9b7071304
* fix(sandbox): add group/other read permissions to uploaded files for Docker sandbox (#3127) When using AIO sandbox with LocalContainerBackend, uploaded files are created with 0o600 (owner-only) permissions by the gateway process running as root. The sandbox process inside the Docker container runs as a non-root user and cannot read these bind-mounted files, causing a "Permission denied" error on read_file. Add `needs_upload_permission_adjustment` attribute to SandboxProvider (default True) to indicate that uploaded files need chmod adjustment. LocalSandboxProvider opts out (same user). A new `_make_file_sandbox_readable` function adds S_IRGRP | S_IROTH bits after files are written, changing permissions from 0o600 to 0o644 so the sandbox can read the uploads. fixes #3127 * fix(uploads): unconditionally adjust file permissions for sandbox access The conditional check meant uploaded files retained 0o600 permissions in some Docker sandbox configurations, preventing the sandbox process (UID 1000) from reading them. Always add group/other read bits so every sandbox setup can access uploaded content. Also add read bits to the sync-path writable helper as defense in depth.
122 lines
3.9 KiB
Python
122 lines
3.9 KiB
Python
import asyncio
|
|
from abc import ABC, abstractmethod
|
|
|
|
from deerflow.config import get_app_config
|
|
from deerflow.reflection import resolve_class
|
|
from deerflow.sandbox.sandbox import Sandbox
|
|
|
|
|
|
class SandboxProvider(ABC):
|
|
"""Abstract base class for sandbox providers"""
|
|
|
|
uses_thread_data_mounts: bool = False
|
|
needs_upload_permission_adjustment: bool = True
|
|
|
|
@abstractmethod
|
|
def acquire(self, thread_id: str | None = None) -> str:
|
|
"""Acquire a sandbox environment and return its ID.
|
|
|
|
Returns:
|
|
The ID of the acquired sandbox environment.
|
|
"""
|
|
pass
|
|
|
|
async def acquire_async(self, thread_id: str | None = None) -> str:
|
|
"""Acquire a sandbox without blocking the event loop.
|
|
|
|
Most sandbox providers expose a synchronous lifecycle API because local
|
|
Docker/provisioner operations are blocking. Async runtimes should call
|
|
this method so those blocking operations run in a worker thread instead
|
|
of stalling the event loop.
|
|
"""
|
|
return await asyncio.to_thread(self.acquire, thread_id)
|
|
|
|
@abstractmethod
|
|
def get(self, sandbox_id: str) -> Sandbox | None:
|
|
"""Get a sandbox environment by ID.
|
|
|
|
Args:
|
|
sandbox_id: The ID of the sandbox environment to retain.
|
|
"""
|
|
pass
|
|
|
|
@abstractmethod
|
|
def release(self, sandbox_id: str) -> None:
|
|
"""Release a sandbox environment.
|
|
|
|
Args:
|
|
sandbox_id: The ID of the sandbox environment to destroy.
|
|
"""
|
|
pass
|
|
|
|
def reset(self) -> None:
|
|
"""Clear cached state that survives provider instance replacement."""
|
|
pass
|
|
|
|
|
|
_default_sandbox_provider: SandboxProvider | None = None
|
|
|
|
|
|
def get_sandbox_provider(**kwargs) -> SandboxProvider:
|
|
"""Get the sandbox provider singleton.
|
|
|
|
Returns a cached singleton instance. Use `reset_sandbox_provider()` to clear
|
|
the cache, or `shutdown_sandbox_provider()` to properly shutdown and clear.
|
|
|
|
Returns:
|
|
A sandbox provider instance.
|
|
"""
|
|
global _default_sandbox_provider
|
|
if _default_sandbox_provider is None:
|
|
config = get_app_config()
|
|
cls = resolve_class(config.sandbox.use, SandboxProvider)
|
|
_default_sandbox_provider = cls(**kwargs)
|
|
return _default_sandbox_provider
|
|
|
|
|
|
def reset_sandbox_provider() -> None:
|
|
"""Reset the sandbox provider singleton.
|
|
|
|
This clears the cached instance without calling shutdown.
|
|
The next call to `get_sandbox_provider()` will create a new instance.
|
|
Useful for testing or when switching configurations.
|
|
|
|
Providers can override `reset()` to clear any module-level state they keep
|
|
alive across instances (for example, `LocalSandboxProvider`'s cached
|
|
`LocalSandbox` singleton). Without it, config/mount changes would not take
|
|
effect on the next acquire().
|
|
|
|
Note: If the provider has active sandboxes, they will be orphaned.
|
|
Use `shutdown_sandbox_provider()` for proper cleanup.
|
|
"""
|
|
global _default_sandbox_provider
|
|
if _default_sandbox_provider is not None:
|
|
_default_sandbox_provider.reset()
|
|
_default_sandbox_provider = None
|
|
|
|
|
|
def shutdown_sandbox_provider() -> None:
|
|
"""Shutdown and reset the sandbox provider.
|
|
|
|
This properly shuts down the provider (releasing all sandboxes)
|
|
before clearing the singleton. Call this when the application
|
|
is shutting down or when you need to completely reset the sandbox system.
|
|
"""
|
|
global _default_sandbox_provider
|
|
if _default_sandbox_provider is not None:
|
|
if hasattr(_default_sandbox_provider, "shutdown"):
|
|
_default_sandbox_provider.shutdown()
|
|
_default_sandbox_provider = None
|
|
|
|
|
|
def set_sandbox_provider(provider: SandboxProvider) -> None:
|
|
"""Set a custom sandbox provider instance.
|
|
|
|
This allows injecting a custom or mock provider for testing purposes.
|
|
|
|
Args:
|
|
provider: The SandboxProvider instance to use.
|
|
"""
|
|
global _default_sandbox_provider
|
|
_default_sandbox_provider = provider
|