gb_flea/paperclip
1
0
Fork 0
forked from farhoodlabs/paperclip
Code Pull Requests Activity
Files
b947a7d76c331b3ce4069d3be0ade25cc89b1b90
paperclip/packages/plugins/sandbox-providers/cloudflare/bridge-template/src/exec.test.ts
T
Devin Foley 486fb88a15 Add Cloudflare sandbox provider plugin (#5687) 
> _Stacked on top of #5685#5686. Diff against master includes commits
from earlier PRs in the stack — review focuses on the two new commits
(`Extend sandbox callback bridge for Worker-hosted plugins` + `Add
Cloudflare sandbox provider plugin`)._

## Thinking Path

> - Paperclip orchestrates AI agents for zero-human companies
> - Each agent runs in a sandbox environment, and operators choose which
provider backs that sandbox — today E2B and Daytona are bundled with the
platform
> - Cloudflare Workers + Durable Objects + the Sandbox SDK offer a
credible new option: globally distributed, cheap idle, and
operator-deployable as a single Worker
> - To plug it in, Paperclip needs (a) a provider plugin that speaks the
`PaperclipPluginManifestV1` lifecycle and (b) a small operator-deployed
Worker — the **bridge** — that adapts Paperclip's runtime RPCs to the
Cloudflare Sandbox SDK
> - The plugin extends the existing sandbox-callback-bridge with a
`bridge.transport: "worker"` discriminator so the platform routes
runtime RPCs through the Worker bridge instead of the in-process runner
> - This pull request adds the plugin, the bridge Worker template, and
the supporting adapter-utils + server hooks the new transport needs
> - The benefit is that operators can run sandboxes on Cloudflare's edge
with no new platform code beyond installing the plugin and deploying the
Worker

## What Changed

**Shared support (`Extend sandbox callback bridge for Worker-hosted
plugins`):**

- `packages/adapter-utils/src/sandbox-callback-bridge.{ts,test.ts}`:
expose `expectedHostHeader` so plugin-side bridge clients can verify the
canonical request envelope before forwarding.
- `packages/adapter-utils/src/command-managed-runtime.{ts,test.ts}`:
relax the always-fresh runner construction so callers can re-use a
runner across exec calls (Worker-hosted bridges hold the runner inside a
Durable Object).
- `server/src/services/environment-runtime.ts` +
`environment-runtime.test.ts`: route Worker-hosted bridges through the
same env-shaping path as E2B and pin the `requestEnv` contract.
- `server/src/services/plugin-environment-driver.ts`: thread an optional
`issueId` through the runtime descriptor so bridges can scope leases to
the originating issue (used by Cloudflare to map a sandbox to the
issue/workflow for billing and audit).
- `packages/plugins/sdk/src/protocol.ts`: add `issueId?` to
`PluginEnvironmentDriverBaseParams` and the new `bridge.transport:
"worker"` discriminator that the new plugin declares.
- `server/__tests__/heartbeat-plugin-environment.test.ts`: pin the
heartbeat path against the new runtime descriptor.

**The Cloudflare plugin itself (`Add Cloudflare sandbox provider
plugin`):**

- `packages/plugins/sandbox-providers/cloudflare/`: plugin entry,
manifest, plugin runtime (lifecycle + bridge client), config parsing,
and Vitest coverage. Manifest declares `bridge.transport: "worker"` so
the platform routes runtime RPCs through the bridge client.
- `bridge-template/`: a Worker template the operator deploys with
`wrangler`. Owns Durable Object-backed sessions (`sessions.ts`),
exec/stream routes (`exec.ts`, `routes.ts`), and an HMAC auth layer
(`auth.ts`) that pins the `Host` header surface. Includes the
SDK-contract-correct exec implementation, lease recovery, and chunked
stdout/stderr streaming.
- Tests cover lease/session handoff (`bridge-template/src/exec.test.ts`,
`routes.test.ts`), bridge client request shaping
(`src/bridge-client.test.ts`), and end-to-end plugin behavior
(`src/plugin.test.ts`) including streamed exec output. 27 tests in
total.
- `README.md` walks the operator through deploying the bridge Worker,
registering the plugin, and configuring the runtime.

## Verification

- `pnpm typecheck`
- `pnpm exec vitest run --no-coverage
packages/adapter-utils/src/sandbox-callback-bridge.test.ts
packages/adapter-utils/src/command-managed-runtime.test.ts
server/src/__tests__/environment-runtime.test.ts
server/src/__tests__/heartbeat-plugin-environment.test.ts`
- `(cd packages/plugins/sandbox-providers/cloudflare && pnpm test)` — 27
passing

For an operator-side smoke test:

1. Deploy the bridge: `cd
packages/plugins/sandbox-providers/cloudflare/bridge-template &&
wrangler deploy`
2. Register the plugin in your Paperclip instance, point its bridge URL
at the deployed Worker, set the HMAC shared secret.
3. Create a sandbox environment whose provider is `cloudflare`, then run
a Codex or Claude job against it.

## Risks

- Adds a new `bridge.transport: "worker"` code path, but the existing
E2B / Daytona transports go through the same shaped helpers and have
explicit test coverage that pins their behavior unchanged.
- The Worker bridge stores session state in a Durable Object; operator
instances must be aware of the corresponding Cloudflare costs (DO
requests, storage). Documented in the README.
- The `issueId` plumbing is optional throughout — existing plugins that
don't supply it continue to work.

## Model Used

- Provider: Anthropic
- Model: Claude Opus 4.7 (1M context)
- Capabilities used: extended reasoning, tool use (Read/Edit/Bash/Grep)

## Checklist

- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have checked ROADMAP.md and confirmed this PR does not duplicate
planned core work
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [ ] If this change affects the UI, I have included before/after
screenshots — N/A, no UI change
- [x] I have updated relevant documentation to reflect my changes
(plugin README, bridge-template README)
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge

---------

Co-authored-by: Paperclip <noreply@paperclip.ing>
2026-05-11 07:33:13 -07:00

152 lines
4.7 KiB
TypeScript
Raw Blame History

import { describe, expect, it, vi } from "vitest";
vi.mock("@cloudflare/sandbox", () => ({
getSandbox: vi.fn(),
}));
import { buildLoginShellScript, executeInSandbox } from "./exec.js";
describe("bridge exec", () => {
it("invokes target.exec with a single shell command string and no args option", async () => {
const exec = vi.fn().mockResolvedValue({
exitCode: 0,
stdout: "claude 1.0.0\n",
stderr: "",
});
const sandbox = {
getSession: vi.fn().mockResolvedValue({ exec }),
writeFile: vi.fn(),
deleteFile: vi.fn(),
} as const;
await executeInSandbox({
sandbox: sandbox as never,
command: "claude",
args: ["--version"],
cwd: "/workspace/paperclip",
env: { PAPERCLIP_TEST_FLAG: "1" },
sessionStrategy: "named",
sessionId: "paperclip",
timeoutMs: 12_345,
});
expect(exec).toHaveBeenCalledTimes(1);
const [commandArg, optionsArg] = exec.mock.calls[0] ?? [];
expect(typeof commandArg).toBe("string");
expect(commandArg).toMatch(/^sh -lc /);
expect(optionsArg).toEqual({ cwd: "/", timeout: 12_345 });
expect(optionsArg).not.toHaveProperty("args");
expect(optionsArg).not.toHaveProperty("stdin");
expect(commandArg).toContain('. /etc/profile');
expect(commandArg).toContain("cd ");
expect(commandArg).toContain("/workspace/paperclip");
expect(commandArg).toContain("PAPERCLIP_TEST_FLAG");
expect(commandArg).toContain("claude");
expect(commandArg).toContain("--version");
});
it("requests streaming callbacks when bridge output forwarding is enabled", async () => {
const exec = vi.fn().mockImplementation(async (_command, options) => {
await options?.onOutput?.("stdout", "hello\n");
return {
exitCode: 0,
stdout: "hello\n",
stderr: "",
};
});
const sandbox = {
getSession: vi.fn().mockResolvedValue({ exec }),
writeFile: vi.fn(),
deleteFile: vi.fn(),
} as const;
const onOutput = vi.fn();
await executeInSandbox({
sandbox: sandbox as never,
command: "echo",
args: ["hello"],
sessionStrategy: "named",
sessionId: "paperclip",
timeoutMs: 5_000,
onOutput,
});
expect(exec).toHaveBeenCalledTimes(1);
expect(exec.mock.calls[0]?.[1]).toMatchObject({
cwd: "/",
timeout: 5_000,
stream: true,
onOutput: expect.any(Function),
});
expect(onOutput).toHaveBeenCalledWith("stdout", "hello\n");
});
it("stages stdin through a sandbox temp file and redirects from it", async () => {
const exec = vi.fn().mockResolvedValue({ exitCode: 0, stdout: "", stderr: "" });
const writeFile = vi.fn().mockResolvedValue(undefined);
const deleteFile = vi.fn().mockResolvedValue(undefined);
// sessionStrategy: "default" routes through the sandbox itself (no
// getSession wrapper), so exec must live directly on the sandbox.
const sandbox = {
exec,
getSession: vi.fn(),
writeFile,
deleteFile,
} as const;
await executeInSandbox({
sandbox: sandbox as never,
command: "cat",
args: [],
sessionStrategy: "default",
timeoutMs: 5_000,
stdin: "payload-bytes",
});
expect(writeFile).toHaveBeenCalledTimes(1);
const [stdinPath, stdinPayload] = writeFile.mock.calls[0] ?? [];
expect(typeof stdinPath).toBe("string");
expect(stdinPath).toMatch(/^\/tmp\/\.paperclip-bridge-stdin-/);
expect(stdinPayload).toBe("payload-bytes");
const commandArg = exec.mock.calls[0]?.[0];
expect(commandArg).toContain(stdinPath);
expect(commandArg).toMatch(/<\s*['"]/);
expect(deleteFile).toHaveBeenCalledWith(stdinPath);
});
it("does not write a stdin file or redirect when stdin is empty", async () => {
const exec = vi.fn().mockResolvedValue({ exitCode: 0, stdout: "", stderr: "" });
const writeFile = vi.fn();
const deleteFile = vi.fn();
const sandbox = {
getSession: vi.fn().mockResolvedValue({ exec }),
writeFile,
deleteFile,
} as const;
await executeInSandbox({
sandbox: sandbox as never,
command: "pwd",
sessionStrategy: "named",
sessionId: "paperclip",
timeoutMs: 5_000,
stdin: null,
});
expect(writeFile).not.toHaveBeenCalled();
expect(deleteFile).not.toHaveBeenCalled();
const commandArg = exec.mock.calls[0]?.[0];
expect(commandArg).not.toContain("<");
});
it("rejects invalid environment variable keys in the login-shell wrapper", () => {
expect(() => buildLoginShellScript({
command: "pwd",
args: [],
env: { "bad-key": "1" },
})).toThrow("Invalid sandbox environment variable key: bad-key");
});
});
View Git Blame Copy Permalink