feat(gateway): launch through embedded OCI runtime #130

Merged
jwilger merged 1 commit from issue-117-oci-gateway-launcher into main 2026-05-06 21:07:29 -07:00
Owner

Summary

  • Wire auto-review gateway to default through a packaged embedded OCI launcher with staged bundle/config generation and fail-closed diagnostics.
  • Wrap the Nix-packaged auto-review binary with packaged rootfs and youki paths, and add OCI config/rootfs/package contract checks.
  • Update the threat model for the embedded OCI launcher boundary, env staging, redaction, and residual risks.

Verification

  • nix develop -c cargo fmt --all -- --check
  • nix develop -c cargo test -p ar-gateway oci -- --nocapture
  • nix develop -c cargo nextest run -p ar-gateway --no-tests=pass
  • nix develop -c cargo test -p ar-cli flake_
  • nix develop -c cargo clippy --workspace --all-targets -- -D warnings
  • nix build .#checks.x86_64-linux.ar-gateway-embedded-oci-config-contract .#checks.x86_64-linux.auto-review-packaged-gateway-launcher-contract .#checks.x86_64-linux.ar-gateway-embedded-oci-rootfs-contents

Closes #117

feat(gateway): launch through embedded OCI runtime
All checks were successful
CI / Nix flake check (pull_request) Successful in 3m23s
CI / auto_review semantic review (pull_request) Successful in 1s
auto_review auto_review: 2 warnings
Publish release / release-publish (pull_request) Has been skipped
2ca27572b9
auto-review left a comment

This PR introduces an embedded OCI runtime for the auto-review gateway, enhancing security and configurability. The changes include new structs and functions for handling OCI configurations, environment variables, and runtime commands. The PR appears safe to merge, with comprehensive tests ensuring functionality.

Walkthrough

  • crates/ar-gateway/src/startup.rs:
    • Introduced new structs (EmbeddedOciGatewayInputs, EmbeddedOciGatewayEnvValues, PackagedOciRuntimeCommand) to manage OCI configurations and runtime commands.
    • Added constants for environment variable management, ensuring only necessary variables are exposed to the OCI environment.
    • Implemented functions for validating paths, staging OCI bundles, and executing runtime commands, enhancing security by ensuring paths are absolute and within the Nix store.
    • Updated error handling to provide more informative diagnostics while ensuring sensitive information is not leaked.
    • Added extensive tests to verify the new functionality, including path validation, environment variable management, and runtime command execution.
  • docs/THREAT-MODEL.md:
    • Updated the threat model to include the new embedded OCI launcher, detailing the security measures in place to prevent unauthorized access and execution.
  • flake.nix:
    • Modified the Nix configuration to include the new embedded OCI runtime setup, ensuring the correct paths and permissions are set for the runtime environment.
@ -94,9 +186,9 @@ fn select_gateway_launcher(
};
Owner

🟡 Warning: The error message for OCI gateway launcher setup failure now includes the diagnostic details, which can help in debugging but may also expose sensitive information. Ensure that the diagnostic details are properly sanitized before being included in error messages.

jwilger marked this conversation as resolved
@ -1063,8 +1495,8 @@ mod tests {
"default gateway launcher failure should identify the OCI launcher path, got: {message}"
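Review bot: the assertion message at this line covers only the positive case, that the failure `message` identifies the OCI launcher path. The hunk shows no companion check that staged values stay out of `message`; if the test does not already have one, add a negative assertion against a constructed sentinel value so the redaction behaviour is tested rather than assumed.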
Owner

🟡 Warning: The test checks for sanitized OCI setup failure context. Ensure that the diagnostic messages are properly sanitized to avoid leaking sensitive information.

jwilger marked this conversation as resolved
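The checks the walkthrough and warnings describe (absolute, store-rooted paths; an environment allowlist; diagnostics that carry no staged values), as an added Rust example that is not code from this PR or the auto_review project. The type and function names, the two `AR_GATEWAY_*` variable names and the sample values are assumptions constructed for illustration.

```rust
use std::path::{Component, Path};

// Hypothetical names throughout; this is not the ar-gateway API.
const STORE_ROOT: &str = "/nix/store";
const ENV_ALLOWLIST: &[&str] = &["AR_GATEWAY_LISTEN", "AR_GATEWAY_TOKEN"];

#[derive(Debug, PartialEq)]
enum SetupError {
    NotAbsolute(&'static str),
    OutsideStore(&'static str),
    MissingEnv(&'static str),
}

impl SetupError {
    // The diagnostic names the failing input only; it never echoes a path or env value.
    fn diagnostic(&self) -> String {
        match self {
            SetupError::NotAbsolute(f) => format!("OCI launcher setup failed: {f} is not absolute"),
            SetupError::OutsideStore(f) => format!("OCI launcher setup failed: {f} is outside the store"),
            SetupError::MissingEnv(k) => format!("OCI launcher setup failed: {k} is not set"),
        }
    }
}

fn validate_store_path(field: &'static str, p: &Path) -> Result<(), SetupError> {
    if !p.is_absolute() {
        return Err(SetupError::NotAbsolute(field));
    }
    // starts_with compares components, so reject ".." before trusting the prefix.
    let escapes = p.components().any(|c| matches!(c, Component::ParentDir));
    if escapes || !p.starts_with(STORE_ROOT) || p == Path::new(STORE_ROOT) {
        return Err(SetupError::OutsideStore(field));
    }
    Ok(())
}

// Copy only allowlisted variables; a missing one fails closed instead of defaulting.
fn stage_env(host: &[(&str, &str)]) -> Result<Vec<(String, String)>, SetupError> {
    ENV_ALLOWLIST.iter().map(|&key| {
        host.iter().find(|(k, _)| *k == key)
            .map(|(k, v)| (k.to_string(), v.to_string()))
            .ok_or(SetupError::MissingEnv(key))
    }).collect()
}

fn main() {
    let host = [("AR_GATEWAY_TOKEN", "s3cr3t-constructed"), ("HOME", "/home/dev")]; // constructed
    println!("{}", stage_env(&host).unwrap_err().diagnostic());
}
```

Because the error variants hold only a static field or variable name, there is no value for a formatter to leak, which is easier to test than scrubbing a free-form message after the fact.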
Reference
Slipstream/auto_review!130