kubernetes-sigs/agent-sandbox v0.1.0-rc.0

on GitHub

What's Changed

• Update README with project details by @janetkuo in #1
• Update README to address review comments by @janetkuo in #2
• Clarify memory sharing is a runtime-specific feature by @janetkuo in #3
• Add sandbox API definition by @barney-s in #4
• Implement a simple sandbox controller using controller-runtime by @barney-s in #5
• chore: add tools to apply correct headers by @justinsb in #10
• chore: use tools.mod for generation by @justinsb in #14
• chore: bump controller-runtime to 0.22.1 by @justinsb in #24
• Create headless service to access the sandbox by @barney-s in #9
• chore: remove duplicate header scripts by @justinsb in #15
• chore: add tool to fix gofmt by @justinsb in #25
• chore: harmonize go generate on dev/tools approach by @justinsb in #26
• chore: add presubmit script to verify fix-* scripts have been run by @justinsb in #11
• Sandbox example: Launch Chrome in sandbox with VNC by @justinsb in #20
• remove manifests folder and add k8s folder by @barney-s in #28
• rename sandbox .spec.template -> .spec.podTemplate by @barney-s in #27
• Implement Status for Sandbox by @barney-s in #19
• chore: scripts to deploy to kube by @justinsb in #13
• Ensure a Docker builder is running for multi-platform by @ameukam in #42
• Add metadata labels and annotations support in sandbox podTemplate by @barney-s in #39
• chore: generate RBAC for kube deployment by @justinsb in #16
• chore: fix image rewriting by @justinsb in #40
• Force opting out of API credential automounting by @janetkuo in #48
• fix make build target by @barney-s in #47
• Add kind deployment in makefile by @barney-s in #49
• Small optimization of the Docker image for the controller by @ameukam in #46
• Example: Run vscode and gemini in a sandbox by @barney-s in #45
• Add policy for token automount instead of mutating in the controller by @janetkuo in #55
• ci: add basic boilerplate for invoking unit tests by @sdowell in #57
• ci: implement unit test runner entrypoint by @sdowell in #61
• test: add unit tests for reconcilePod by @sdowell in #64
• Adding SandboxTemplate and SandboxClaim CRDs by @barney-s in #8
• ci: add placeholder entrypoints for lint and e2e by @sdowell in #65
• Add support for volumeClaimTemplates by @barney-s in #56
• feat: Added example of SA binding protection using Kyverno ClusterPolicy by @vicentefb in #67
• Add support for shutdownTime in sandbox.spec by @barney-s in #51
• Example: Composition of Sandbox and NW Policies using KRO by @barney-s in #37
• Example: Run code in an isolated Python runtime sandbox by @tomergee in #54
• Add development guide by @barney-s in #62
• nit: updatd urlPath for Kyverno policy by @vicentefb in #71
• nit: Update example Sandbox CR by @vicentefb in #68
• ci: add go lint tooling and presubmit by @sdowell in #66
• Use sandbox volume claim template instead of creating PVs manually by @barney-s in #73
• chore: do not rely on preserveUnknownFields in CRDs by @justinsb in #69
• examples: chrome-sandbox now checks for debug endpoint by @justinsb in #43
• test: implement e2e test scaffolding and simple test by @sdowell in #74
• fix: Switched from Kyverno to OPA Gatekeeper as Policy Engine by @vicentefb in #77
• Added Netlify config by @janetkuo in #81
• test: add coverage for sandbox top level Reconcile by @sdowell in #80
• feat: Implement .spec.replicas and /scale by @barney-s in #82
• Fix Netlify build failure by @janetkuo in #86
• Change the dev/ci code to not use makefile by @barney-s in #83
• feat: Claim controller - First cut by @barney-s in #72
• ci: create junit file when e2e tests fail by @sdowell in #90
• fix egress schema to take a list of objects. by @barney-s in #91
• Code cleanup: fix comment and add constant by @flpanbin in #89
• test: add test coverage for sandbox shutdown time by @sdowell in #92
• show how to run a prompt in the sandbox by @barney-s in #95
• test: add e2e test for replicas by @sdowell in #96
• feat: added Anthos Policy Controller example by @vicentefb in #87
• Create CRD for sandboxwarmpool by @peterzhongyi in #63
• fix: set replicas status after shutdownTime expires by @sdowell in #99
• Define a Cloudbuild for OCI image build by @ameukam in #101
• tests: add simple benchmark for chrome-sandbox example by @justinsb in #44
• Bump Docker image to Debian 13 by @ameukam in #104
• chore: better logging from docker builds by @justinsb in #111
• tests: include json output from test-e2e by @justinsb in #112
• chrome-sandbox: install chromium to support arm by @justinsb in #110
• Add Sandbox Warm Pool Controller basic logic by @peterzhongyi in #84
• ci: fix image prefix for staging registry by @sdowell in #114
• ci: fix tag definitions for image publishing by @sdowell in #116

New Contributors

• @janetkuo made their first contribution in #1
• @barney-s made their first contribution in #4
• @justinsb made their first contribution in #10
• @ameukam made their first contribution in #42
• @sdowell made their first contribution in #57
• @vicentefb made their first contribution in #67
• @tomergee made their first contribution in #54
• @flpanbin made their first contribution in #89
• @peterzhongyi made their first contribution in #63

Full Changelog: https://github.com/kubernetes-sigs/agent-sandbox/commits/v0.1.0-rc.0