exectool

package
v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 13, 2026 License: MIT Imports: 17 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ExecTool 

type ExecTool struct {
	// contains filtered or unexported fields
}

ExecTool is an instance-owned execution tool runner. It centralizes:

  • path sandboxing (workBaseDir, allowedRoots, blockSymlinks)
  • execution policy (timeouts/output/limits)
  • command blocklist
  • session store for shellcommand
  • runscript policy (optional tool).

func NewExecTool 

func NewExecTool(opts ...ExecToolOption) (*ExecTool, error)

func (*ExecTool) RunScript 

func (et *ExecTool) RunScript(ctx context.Context, args RunScriptArgs) (*RunScriptOut, error)

func (*ExecTool) RunScriptTool 

func (et *ExecTool) RunScriptTool() spec.Tool

func (*ExecTool) ShellCommand 

func (et *ExecTool) ShellCommand(ctx context.Context, args ShellCommandArgs) (*ShellCommandOut, error)

func (*ExecTool) ShellCommandTool 

func (et *ExecTool) ShellCommandTool() spec.Tool

type ExecToolOption 

type ExecToolOption func(*ExecTool) error

func WithAllowedRoots 

func WithAllowedRoots(roots []string) ExecToolOption
func WithBlockSymlinks(block bool) ExecToolOption

WithBlockSymlinks configures whether symlink traversal should be blocked (if supported downstream).

func WithBlockedCommands 

func WithBlockedCommands(cmds []string) ExecToolOption

WithBlockedCommands adds additional commands to the instance blocklist. Entries must be single command names (not full command lines).

func WithExecutionPolicy 

func WithExecutionPolicy(p ExecutionPolicy) ExecToolOption

func WithMaxSessions 

func WithMaxSessions(maxSessions int) ExecToolOption

func WithRunScriptPolicy 

func WithRunScriptPolicy(p RunScriptPolicy) ExecToolOption

func WithSessionTTL 

func WithSessionTTL(ttl time.Duration) ExecToolOption

func WithWorkBaseDir 

func WithWorkBaseDir(base string) ExecToolOption

type ExecutionPolicy 

type ExecutionPolicy struct {
	// If true, skip heuristic checks (fork-bomb/backgrounding).
	// NOTE: hard-blocked commands are ALWAYS blocked.
	AllowDangerous bool

	Timeout          time.Duration
	MaxOutputBytes   int64
	MaxCommands      int
	MaxCommandLength int
}

ExecutionPolicy provides policy / hardening knobs (host-configured). All limits are clamped to executil hard maximums (downstream enforcement).

func DefaultExecutionPolicy 

func DefaultExecutionPolicy() ExecutionPolicy

func (*ExecutionPolicy) Clone added in v0.10.0 

func (p *ExecutionPolicy) Clone() *ExecutionPolicy

Clone returns an independent copy of the ExecutionPolicy. (All fields are value types, so a plain copy is sufficient.)

type RunScriptArgs 

type RunScriptArgs struct {
	Path    string            `json:"path"`
	Args    []string          `json:"args,omitempty"`
	Env     map[string]string `json:"env,omitempty"`
	WorkDir string            `json:"workDir,omitempty"`
}

type RunScriptInterpreter 

type RunScriptInterpreter struct {
	// Shell selects the wrapper shell used to run the *constructed command string*.
	// This affects quoting dialect and which binary is used for "shell -c" / "-Command".
	Shell ShellName

	Mode RunScriptMode

	// Command is required for ModeInterpreter.
	// Examples: "python3", "python", "node", "ruby".
	Command string
	Args    []string
}

type RunScriptMode 

type RunScriptMode string
const (
	// RunScriptModeDirect executes the script path directly (as the "command").
	// This is appropriate for PowerShell scripts executed via "& 'script.ps1' ...".
	RunScriptModeDirect RunScriptMode = "direct"

	// RunScriptModeShell executes the script by invoking the selected wrapper shell as an interpreter:
	//   <shellPath> <script> <args...>
	// This avoids requiring execute bits on Unix shell scripts.
	RunScriptModeShell RunScriptMode = "shell"

	// RunScriptModeInterpreter executes the script via an explicit interpreter command:
	//   <command> <commandArgs...> <script> <args...>
	RunScriptModeInterpreter RunScriptMode = "interpreter"
)

type RunScriptOut added in v0.8.0 

type RunScriptOut struct {
	Path       string `json:"path"`
	ExitCode   int    `json:"exitCode"`
	Stdout     string `json:"stdout,omitempty"`
	Stderr     string `json:"stderr,omitempty"`
	TimedOut   bool   `json:"timedOut,omitempty"`
	DurationMS int64  `json:"durationMS,omitempty"`

	StdoutTruncated bool `json:"stdoutTruncated,omitempty"`
	StderrTruncated bool `json:"stderrTruncated,omitempty"`
}

type RunScriptPolicy 

type RunScriptPolicy struct {
	// AllowedExtensions is an optional lowercase allowlist (e.g. [".sh", ".ps1", ".py"]).
	// If empty/nil, extension is allowed iff InterpreterByExtension has a match (or a "" fallback is configured).
	AllowedExtensions []string

	// InterpreterByExtension controls how scripts are executed based on extension.
	// Keys should be lowercase and include the leading dot (".sh", ".ps1", ".py").
	//
	// If no mapping exists for the script extension:
	//   - if a mapping for "" exists, it is used as a fallback
	//   - otherwise runscript fails with "no interpreter mapping for extension"
	InterpreterByExtension map[string]RunScriptInterpreter

	// ExecutionPolicy overrides the ExecTool-wide defaults for runscript.
	// If left zero-valued, ExecTool.execPolicy is used.
	ExecutionPolicy ExecutionPolicy

	// Arg limits (defense-in-depth).
	MaxArgs     int
	MaxArgBytes int
}

func DefaultRunScriptPolicy 

func DefaultRunScriptPolicy() RunScriptPolicy

func NormalizeRunScriptPolicy added in v0.7.1 

func NormalizeRunScriptPolicy(in RunScriptPolicy) (RunScriptPolicy, error)

NormalizeRunScriptPolicy deep-clones and normalizes a RunScriptPolicy. This is defensive: it prevents shared map/slice backing storage and makes policy behavior deterministic (lowercased extensions, leading dots, etc).

func (*RunScriptPolicy) Clone added in v0.10.0 

func (p *RunScriptPolicy) Clone() *RunScriptPolicy

Clone returns an independent copy of the RunScriptPolicy. It deep-copies reference fields (slice/map). ExecutionPolicy is value-copied.

Note: Map values (RunScriptInterpreter) are copied as-is. If RunScriptInterpreter contains reference types that must be independent, add a Clone() for it and use that in the map copy loop.

type ShellCommandArgs 

type ShellCommandArgs struct {
	Commands        []string          `json:"commands,omitempty"`
	WorkDir         string            `json:"workDir,omitempty"`
	Env             map[string]string `json:"env,omitempty"`
	Shell           ShellName         `json:"shell,omitempty"`
	ExecuteParallel bool              `json:"executeParallel,omitempty"`
	SessionID       string            `json:"sessionID,omitempty"`
}

type ShellCommandExecResult 

type ShellCommandExecResult = executil.ShellCommandExecResult

type ShellCommandOut added in v0.8.0 

type ShellCommandOut struct {
	SessionID string                   `json:"sessionID,omitempty"`
	WorkDir   string                   `json:"workDir,omitempty"`
	Results   []ShellCommandExecResult `json:"results,omitempty"`
}

type ShellName 

type ShellName = executil.ShellName
const (
	ShellNameAuto       ShellName = executil.ShellNameAuto
	ShellNameBash       ShellName = executil.ShellNameBash
	ShellNameZsh        ShellName = executil.ShellNameZsh
	ShellNameSh         ShellName = executil.ShellNameSh
	ShellNameDash       ShellName = executil.ShellNameDash
	ShellNameKsh        ShellName = executil.ShellNameKsh
	ShellNameFish       ShellName = executil.ShellNameFish
	ShellNamePwsh       ShellName = executil.ShellNamePwsh
	ShellNamePowershell ShellName = executil.ShellNamePowershell
	ShellNameCmd        ShellName = executil.ShellNameCmd
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.