Implement embedded youki OCI gateway launcher #117

New issue

Closed

opened 2026-05-06 11:57:45 -07:00 by jwilger · 0 comments

jwilger commented 2026-05-06 11:57:45 -07:00

Owner

Copy link

Follow-up implementation slice from #115.

Decision context

The accepted sandbox ADR will make OCI isolation the default for auto-review gateway. The host process should act as an outer launcher and run the real gateway as an inner process inside an embedded youki/OCI runtime boundary.

Scope

• Add the outer-launcher/inner-gateway architecture for auto-review gateway.
• Embed or link the required youki runtime capability so operators do not install a separate youki executable.
• Make OCI isolation the default gateway startup mode.
• Add an explicit opt-out for bare-process gateway mode.
• Fail closed when OCI setup fails and the operator has not opted out.
• Preserve existing application-level controls: no repo-controlled execution, hermetic Git, path confinement, caps, HMAC/CI auth, and secret redaction.

Acceptance criteria

• Default auto-review gateway launches the inner gateway through the embedded OCI runtime path on supported Linux hosts.
• Bare mode requires an explicit opt-out flag/env var and emits prominent warnings.
• OCI setup failures stop startup unless bare mode was explicitly requested.
• Rootless behavior, cgroup requirements, bind mounts, port binding, state paths, and cleanup semantics are documented in code/tests.

Required tests

• Focused tests for default/fail-closed/explicit-bare decision logic.
• Integration or harness tests for OCI launch success/failure where feasible under Nix/CI constraints.
• Regression tests that secrets do not appear in launcher diagnostics.

Follow-up implementation slice from #115. ## Decision context The accepted sandbox ADR will make OCI isolation the default for `auto-review gateway`. The host process should act as an outer launcher and run the real gateway as an inner process inside an embedded `youki`/OCI runtime boundary. ## Scope - Add the outer-launcher/inner-gateway architecture for `auto-review gateway`. - Embed or link the required `youki` runtime capability so operators do not install a separate `youki` executable. - Make OCI isolation the default gateway startup mode. - Add an explicit opt-out for bare-process gateway mode. - Fail closed when OCI setup fails and the operator has not opted out. - Preserve existing application-level controls: no repo-controlled execution, hermetic Git, path confinement, caps, HMAC/CI auth, and secret redaction. ## Acceptance criteria - Default `auto-review gateway` launches the inner gateway through the embedded OCI runtime path on supported Linux hosts. - Bare mode requires an explicit opt-out flag/env var and emits prominent warnings. - OCI setup failures stop startup unless bare mode was explicitly requested. - Rootless behavior, cgroup requirements, bind mounts, port binding, state paths, and cleanup semantics are documented in code/tests. ## Required tests - Focused tests for default/fail-closed/explicit-bare decision logic. - Integration or harness tests for OCI launch success/failure where feasible under Nix/CI constraints. - Regression tests that secrets do not appear in launcher diagnostics.

jwilger added a new dependency 2026-05-06 12:14:05 -07:00

#118 Build embedded minimal OCI rootfs for auto-review gateway

jwilger added a new dependency 2026-05-06 12:14:06 -07:00

#122 Report runtime isolation posture in gateway and CLI diagnostics

jwilger added this to the 1.0 milestone 2026-05-06 12:17:50 -07:00

jwilger referenced this issue from a pull request that will close it, 2026-05-06 14:52:03 -07:00

feat(gateway): add fail-closed OCI launcher seam #127

jwilger referenced this issue from a commit 2026-05-06 15:26:56 -07:00

feat(gateway): add fail-closed OCI launcher seam (#127)

jwilger referenced this issue from a pull request that will close it, 2026-05-06 21:01:17 -07:00

feat(gateway): launch through embedded OCI runtime #130

jwilger closed this issue 2026-05-06 21:07:30 -07:00

jwilger referenced this issue from a commit 2026-05-06 21:07:30 -07:00

feat(gateway): launch through embedded OCI runtime (#130)

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

issue-287-release-metadata-and-nl-corrections

issue-277-pr-metadata-controls

release/v0.15.0

issue-28-cost-per-review

release/v0.14.2

config-issue-command

issue-248-opencode-plugin-tests

fix-agent-variant-effort

issue-220-binary-only-release-artifacts

fix/release-prepare-json-isolation

fix/release-prepare-skip-checks

issue-219-remove-official-docker-image

issue-226-rgr-cycle-guard

issue-217-retain-nix-boundary

bdd-tdd-guardrails

opencode-migration

add-some-tools

chore/pi-safe-branch-switch

fix/issue-207-spawnsync-guardrails

docs-threat-model-formatting

issue-149-oci-env-errors

pi-safe-tools-review

process-pilens-deferred-format-guardrail

issue-150-threat-model-release-scope

fix-release-publish-install-tools

pi-migration

update-release-image-promotion

issue-15-pr-metadata-check

release/v0.8.4

issue-134-docs-test-guidance

issue-176-pr-discussion-history

fix-release-publish-release-upload

fix-linux-artifact-build

issue-121-linux-binary-provenance

issue-135-nixos-deployment

issue-120-single-binary-docs-tests

issue-122-runtime-isolation-posture

issue-119-unified-docker-binary

issue-117-oci-gateway-launcher

issue-118-embedded-oci-rootfs

issue-117-embedded-youki-oci-launcher

issue-116-unified-auto-review-cli

release/v0.2.1

issue-115-single-binary-exploration

release-pr-supersede-hybrid-bump

fix-release-prep-run-on-release-fixes

fix-release-prep-package-verify

issue-14-incremental-walkthrough

fix-release-publish-dispatch-input-type

fix-release-publish-rerun

fix-release-publish-detached-head

release-plz-2026-05-05T18-58-15Z

fix-release-plz-push-auth

fix-release-plz-git-identity

fix-release-plz-repo-url

semantic-release-bump

fix-release-changelog-duplication

fix-release-workflow-loop

release-generated-changelog

fix-release-prepare-stages-lockfile

fix-release-prepare-lockfile

fix-release-tests-after-prepare

fix-release-prep-explicit-token

fix-release-prep-token-fallback

fix-release-prep-token-env

fix-release-prep-auth

fix-release-prepare-trigger

issue-66-release-pr-workflow

issue-43-ci-review-action

issue-43-forgejo-ci-review-action

issue-46-sandbox-rescope

issue-51-ci-linter-advisories

repo-maintenance

issue-45-remove-bundled-linters

issue-10-mandatory-sandbox

v1.3.0

v1.0.2

v1.0.1

v1.0.0

v0.14.1

v0.14.0

v0.8.0

0.8.0-rc.329

0.8.0-rc.325

0.7.0-rc.318

0.6.0-rc.305

0.5.0-rc.299

0.4.0-rc.293

0.4.0-rc.289

0.3.0-rc.279

0.3.0-rc.273

0.3.0-rc.269

0.3.0-rc.263

0.3.0-rc.259

0.3.0-rc.255

0.3.0-rc.251

0.3.0-rc.247

0.3.0-rc.242

0.2.1-rc.238

v0.2.0

0.2.0-rc.232

v0.1.3

Labels

Clear labels   

bug

  

discussion

  

enhancement

  

bug

Something is not working

  

duplicate

This issue or pull request already exists

  

enhancement

New feature

  

help wanted

Need some help

  

invalid

Something is wrong

  

question

More information is needed

  

wontfix

This won't be fixed

No labels

bug

discussion

enhancement

bug

duplicate

enhancement

help wanted

invalid

question

wontfix

Milestone

Clear milestone

No items

No milestone

1.0

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Blocks

#122 Report runtime isolation posture in gateway and CLI diagnostics

Slipstream/auto_review

Depends on

#118 Build embedded minimal OCI rootfs for auto-review gateway

Slipstream/auto_review

Reference

Slipstream/auto_review#117

No description provided.