studio/wfe
2
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 3 Activity
66 Commits 1 Branch 4 Tags
d437e6ff369cc2c3a4cc361ec7726891831b35a1
Commit Graph

7 Commits

Author SHA1 Message Date
Sienna Meridian Satterwhite
d437e6ff36 chore: add CHANGELOG.md for v1.5.0 
Full changelog covering v1.0.0, v1.4.0, and v1.5.0 releases.
Also fix containerd integration test default address to handle
Lima socket forwarding gracefully.

879 tests passing. 88.8% coverage on wfe-rustlang.
 2026-03-29 17:13:14 +01:00
Sienna Meridian Satterwhite
93f1b726ce chore: bump version to 1.5.0 
Bump workspace version and all internal crate references to 1.5.0.
Add wfe-rustlang to workspace members and dependencies.
 2026-03-29 17:08:41 +01:00
Sienna Meridian Satterwhite
272ddf17c2 fix(wfe-containerd): fix remote daemon support 
Four bugs fixed in the containerd gRPC executor:

- Snapshot parent: resolve image chain ID from content store instead of
  using empty parent, which created rootless containers with no binaries
- I/O capture: replace FIFOs with regular files for stdout/stderr since
  FIFOs don't work across virtiofs filesystem boundaries (Lima VMs)
- Capabilities: grant Docker-default capability set (SETUID, SETGID,
  CHOWN, etc.) when running as root so apt-get and similar tools work
- Shell path: use /bin/sh instead of sh in process args since container
  PATH may be empty

Also adds WFE_IO_DIR env var for shared filesystem support with remote
daemons, and documents the remote daemon setup in lib.rs.
 2026-03-29 16:56:59 +01:00
Sienna Meridian Satterwhite
a7c2eb1d9b chore: add sunbeam registry annotations for crate publishing 2026-03-27 00:35:42 +00:00
Sienna Meridian Satterwhite
ed9c97ca32 fix: add host_context field to container executor test contexts 2026-03-26 23:37:24 +00:00
Sienna Meridian Satterwhite
27ce28e2ea feat(wfe-containerd): rewrite to use generated containerd gRPC protos 
Replaced nerdctl CLI shell-out with direct gRPC communication via
wfe-containerd-protos (tonic 0.14). Connects to containerd daemon
over Unix socket.

Implementation:
- connect() with tonic Unix socket connector
- ensure_image() via ImagesClient (full pull is TODO)
- build_oci_spec() constructing OCI runtime spec with process args,
  env, user, cwd, mounts, and linux namespaces
- Container lifecycle: create → snapshot → task create → start →
  wait → read FIFOs → cleanup
- containerd-namespace header injection on every request

FIFO-based stdout/stderr capture using named pipes.
40 tests, 88% line coverage (cargo-llvm-cov).
 2026-03-26 12:11:28 +00:00
Sienna Meridian Satterwhite
30b26ca5f0 feat(wfe-buildkit, wfe-containerd): add container executor crates 
Standalone workspace crates for BuildKit image building and containerd
container execution. Config types, YAML schema integration, compiler
dispatch, validation rules, and mock-based unit tests.

Current implementation shells out to buildctl/nerdctl — will be
replaced with proper gRPC clients (buildkit-client, containerd protos)
in a follow-up. Config types, YAML integration, and test infrastructure
are stable and reusable.

wfe-buildkit: 60 tests, 97.9% library coverage
wfe-containerd: 61 tests, 97.8% library coverage
447 total workspace tests.
 2026-03-26 10:28:53 +00:00