Implement robust OCI container and compose orchestration #9
yumin-chen wants to merge 7 commits into feat/container-compose from
Implemented the `perry/container` and `perry/container-compose` TypeScript modules backed by a refactored `perry-container-compose` Rust crate and an expanded `perry-stdlib` container FFI bridge.

Key changes:

- Restructured `perry-container-compose` to a flat module layout.
- Implemented full `compose-spec` support in `types.rs`.
- Developed a multi-runtime container backend system in `backend.rs` with automated detection for various runtimes.
- Implemented `ComposeEngine` with Kahn's algorithm for dependency resolution and rollback logic on startup failure.
- Expanded `perry-stdlib` with FFI bridge for container and compose operations using JSON-over-FFI.
- Integrated image signature verification using Sigstore/cosign.
- Wired new modules into the compiler via HIR registration and codegen dispatch tables.
- Fixed duplicate symbol conflicts in `perry-runtime` and restored missing SQLite FFI logic.
- Verified with comprehensive unit and property-based tests.

Co-authored-by: yumin-chen <10954839+yumin-chen@users.noreply.github.com>
…, and codegen dispatch

- Implemented comprehensive rollback in `ComposeEngine::up` to clean up containers, networks, and volumes on startup failure.
- Replaced backend detection stub with a robust multi-candidate probing system supporting various OCI runtimes with platform-specific checks and timeouts.
- Added compiler codegen dispatch for `perry/container` and `perry/container-compose` in `lower_call.rs`.
- Fixed `js_sqlite_transaction` regression and resolved duplicate symbol conflict in `perry-runtime`.
- Verified security constraints in `alloy_container_run_capability`.
- Updated data models to use `IndexMap` consistently for order preservation.
- Verified with unit and property tests.

Co-authored-by: yumin-chen <10954839+yumin-chen@users.noreply.github.com>
What is the image operations API? Do we have enough for exist and pull? Image operations must be explicit in the examples -- any image pulling must be explicitly done, and ContainerUp is not enough.

I have addressed all the feedback from this comprehensive review:

I have expanded the image operations API to support explicit management:
…pport

- Refactored perry-container-compose crate into a flat module layout.
- Added full OCI compose-spec support (networks, volumes, depends_on).
- Implemented multi-candidate container backend detection with platform-specific checks.
- Developed orchestration engine using Kahn's algorithm with deterministic ordering and session-aware rollback.
- Expanded perry-stdlib FFI bridge with JSON-over-FFI serialization.
- Integrated Sigstore/cosign image verification and sandboxed execution for shell capabilities.
- Wired perry/container and perry/compose imports through compiler HIR and codegen dispatch.
- Added explicit image management API (pull, exists, inspect).
- Verified with comprehensive unit and property-based tests.

Co-authored-by: yumin-chen <10954839+yumin-chen@users.noreply.github.com>
…xample

- Refactored perry-container-compose into a flat module layout with full OCI compose-spec support.
- Implemented robust, multi-candidate container backend detection (apple/container, podman, orbstack, etc.).
- Developed orchestration engine using Kahn's algorithm with deterministic ordering and comprehensive session rollback.
- Expanded image management API: added pullImage, imageExists, inspectImage to perry/container and stack.pull() to perry/compose.
- Standardized module naming to "perry/compose" across HIR, codegen, and stdlib features.
- Restored FFI initialization flow for reliable backend access.
- Improved detectBackend() to return a full probe history as a JSON array.
- Added a production-ready Forgejo stack example with explicit image pulling and health checks.
- Fixed resource leakage in down() and refined rollback to only remove current session resources.
- Reverted unintended SQLite FFI type changes to maintain linker compatibility.
- Verified with 30+ unit tests and 19 property-based tests across the compose and stdlib crates.

Co-authored-by: yumin-chen <10954839+yumin-chen@users.noreply.github.com>
Implemented the full perry/container and perry/container-compose modules according to SPEC.md v1. This includes the four-layer backend architecture, Kahn's algorithm for Compose orchestration, and full compiler integration with HIR and Codegen dispatch.

Completed implementation of the perry-container-compose crate and perry-stdlib FFI bridge. All 21 required properties have been verified with property-based tests (256 iterations each). Addressed code review feedback by adding active Unix socket connectability checks for OrbStack and Rancher Desktop probes, and moved the Forgejo example to the correct directory.
- Restructured `perry-container-compose` crate to a flat module layout with full OCI-compliant compose-spec support.
- Implemented four-layer backend architecture (Trait, Protocol, Executor, Detection) supporting 8 container runtimes.
- Added `ComposeEngine` with Kahn's algorithm for deterministic dependency resolution and session-aware rollback.
- Expanded `perry-stdlib` with async FFI bridge using JSON-over-FFI and Promise ABI.
- Registered modules in compiler HIR and Codegen dispatch tables for direct C-ABI calls.
- Implemented 21 correctness properties with 256-iteration property-based tests.
- Added Forgejo deployment example with health checks and cleanup handlers.
- Integrated active Unix socket connectability checks for backend probing.

Co-authored-by: yumin-chen <10954839+yumin-chen@users.noreply.github.com>
Implemented robust OCI container management and multi-container orchestration for Perry.

- `perry-container-compose` crate: Reimplemented container-compose logic in Rust. Features include multi-runtime auto-detection (apple/container, podman, orbstack, etc.), network/volume management, deterministic dependency resolution via Kahn's algorithm, and environment variable interpolation.
- `perry-stdlib` integration: Built a comprehensive FFI bridge in `perry-stdlib/src/container/` that exposes container and compose functionality to Perry TypeScript programs. Used a JSON-over-FFI strategy for passing complex specifications.
- `perry/container` and `perry/container-compose` as native modules in `perry-hir` and implemented dispatch tables in `perry-codegen` for automated FFI call generation.
- `js_sqlite_transaction`.

PR created automatically by Jules for task 8875516182139836389 started by @yumin-chen
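
As an added example (not code from this PR or the `perry-container-compose` crate), the following shows the combination the commit messages describe: Kahn's algorithm with name-ordered tie-breaking, plus rollback that removes only what the current call created. The names `start_order` and `up`, the map shape and the `start` callback are hypothetical.

```rust
use std::collections::{BTreeMap, BTreeSet};

// Deterministic Kahn's algorithm over service -> dependencies (hypothetical shape).
// Err lists services that cannot be ordered (cycle or unknown dependency).
fn start_order<'a>(deps: &BTreeMap<&'a str, Vec<&'a str>>) -> Result<Vec<&'a str>, Vec<&'a str>> {
    let mut indegree: BTreeMap<&str, usize> = deps.keys().map(|s| (*s, 0)).collect();
    let mut dependents: BTreeMap<&str, Vec<&str>> = BTreeMap::new();
    for (svc, ds) in deps {
        for d in ds {
            if !deps.contains_key(d) { return Err(vec![*svc]); }
            *indegree.get_mut(svc).unwrap() += 1;
            dependents.entry(*d).or_default().push(*svc);
        }
    }
    // A sorted ready set breaks ties by name, so the order is reproducible.
    let mut ready: BTreeSet<&str> =
        indegree.iter().filter(|(_, n)| **n == 0).map(|(s, _)| *s).collect();
    let mut order = Vec::new();
    while let Some(svc) = ready.pop_first() {
        order.push(svc);
        for dep in dependents.get(svc).into_iter().flatten() {
            let n = indegree.get_mut(dep).unwrap();
            *n -= 1;
            if *n == 0 { ready.insert(*dep); }
        }
    }
    if order.len() == deps.len() { return Ok(order); }
    Err(indegree.into_iter().filter(|(_, n)| *n > 0).map(|(s, _)| s).collect())
}

// Start in order; on the first failure return (failed, removed), where removed is
// only what this call created, newest first. `pre_existing` is never touched.
fn up<'a>(order: &[&'a str], pre_existing: &BTreeSet<&str>,
          mut start: impl FnMut(&str) -> bool) -> Result<Vec<&'a str>, (&'a str, Vec<&'a str>)> {
    let mut created = Vec::new();
    for &svc in order {
        if pre_existing.contains(svc) { continue; }
        if !start(svc) {
            created.reverse(); // dependents are removed before their dependencies
            return Err((svc, created));
        }
        created.push(svc);
    }
    Ok(created)
}

fn main() {
    let deps = BTreeMap::from([("db", vec![]), ("forgejo", vec!["db"])]); // constructed sample
    println!("{:?}", start_order(&deps).map(|o| up(&o, &BTreeSet::new(), |_| true)));
}
```

Scoping rollback to the `created` list is what keeps a failed startup from deleting containers, networks or volumes that existed before the session.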