Add sandbox engine integration and per-job executor overrides#19
Open
interstella5555 wants to merge 11 commits intomainfrom
Open
Add sandbox engine integration and per-job executor overrides#19interstella5555 wants to merge 11 commits intomainfrom
interstella5555 wants to merge 11 commits intomainfrom
Conversation
Contributor
Deploying with
|
| Status | Name | Latest Commit | Updated (UTC) |
|---|---|---|---|
| ✅ Deployment successful! View logs |
opal | db90f0d | Apr 15 2026, 09:07 AM |
PI-Victor
force-pushed
the
feat/srt-per-job-engine-impl
branch
3 times, most recently
from
4e2eed2 to
d69a2d4
Compare
…port Introduce a dedicated sandbox executor path with per-job runtime settings, wire per-job engine selection through planning/execution, and inject service host aliases via container runtime add-host flags for non-privileged jobs. Update CLI/config/runtime docs and MCP/help surfaces for the new behavior and parity notes.
Execute extended-tests and e2e-tests through a temp-repo wrapper to keep fixture writes out of the main checkout. Also harden workspace snapshot handling by skipping synthetic snapshot commits when the copied workspace uses a gitdir file (linked worktree), preventing source-repo HEAD updates from job snapshots.
Skip copying root .git gitdir-pointer files into job snapshots and keep writable permission checks focused on copied entries. This prevents snapshot git activity from resolving to source-repo refs when running from linked worktrees, while preserving GitLab pipeline semantics and updating local-parity docs.
Remove workspace snapshot commit writes during job workspace preparation so local runs do not mutate repository refs. Keep .git pointer-file exclusion for linked worktrees and update parity/storage docs to match the new behavior.
PI-Victor
force-pushed
the
feat/srt-per-job-engine-impl
branch
from
d69a2d4 to
f41e021
Compare
Run the e2e and extended suite copy/execution flow from explicit /tmp roots and remap inherited cargo target paths into the temp repo to avoid writes into the source checkout. Limit sandbox write access in test-pipelines to the tmp run root.
PI-Victor
force-pushed
the
feat/srt-per-job-engine-impl
branch
from
f41e021 to
db90f0d
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
sandboxengine support (Anthropic SRT-backed) in Opal execution engine selection$HOME/.config/opal,$HOME/.local/share/opal) and related testsunit-testsruns unit/bin testse2e-testsruns integration/e2e Rust tests (plus existing pipeline fixture coverage)Validation
gitlab-ci-a405c5319 ok / 0 failed / 0 skippedNotes