Skip to content

Feat: Firejail sandbox for source-declarative-manifest (do not merge)#403

Closed
aaronsteers wants to merge 8 commits intomainfrom
aj/feat/sdm-firejail-sandbox
Closed

Feat: Firejail sandbox for source-declarative-manifest (do not merge)#403
aaronsteers wants to merge 8 commits intomainfrom
aj/feat/sdm-firejail-sandbox

Conversation

@aaronsteers
Copy link
Contributor

@aaronsteers aaronsteers commented Mar 10, 2025
edited
Loading

Adds a sandbox wrapper and integrates the Sandboxed runner as the Docker image entrypoint for source-declarative-manifest docker image. Optionally, we can consider making this it's own image.

Usage info is available via source-declarative-manifest-sandboxed --help.

Sandboxed execution of the source-declarative-manifest connector. By default, this script
wraps the source-declarative-manifest command in Firejail to run the connector in a sandboxed
environment. If Firejail is not available, the connector will run without sandboxing.

Environment variable 'AIRBYTE_CONNECTOR_SANDBOX_MODE' controls the sandboxing behavior. The following values
are supported:
    - 'FIREJAIL': Use Firejail to run the connector in a sandboxed environment.
    - 'AUTO': Use Firejail if available, otherwise run without sandboxing.
    - 'NONE': Disable sandboxing and run the connector without Firejail.

Usage: source-declarative-manifest-sandboxed [OPTIONS] [CMD]

Options:
  --help           Show this help message and exit.
  --check-sandbox  Check Firejail availability and exit.

CMD:
  The command to run in the sandboxed environment. This should be the command
  that would normally be run to start the connector. E.g. "check", "read", etc.

  The command is ignored if specifying --check-sandbox or --help.

Notes:

  • Firejail doesn't run natively on Mac.
  • The wrapper script will gracefully fail over to non-sandboxed mode unless you explicitly request it not to by specifying the env var value AIRBYTE_CONNECTOR_SANDBOX_MODE=FIREJAIL.
  • In theory, we can test when running on Mac by using Docker or another tool, although I haven't succeeded yet in a full test.
  • In the connector-builder-server, we can invoke via the CLI instead of the Docker image, and by using the source-declarative-manifest-sandboxed CLI, the invocation should (in theory) still be properly sandboxed.

@github-actions github-actions bot added the enhancement New feature or request label Mar 10, 2025
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Mar 10, 2025

📝 Walkthrough

Walkthrough

This pull request enhances the container's security and updates the command-line interface for the source-declarative-manifest connector. The Dockerfile now installs Firejail to sandbox the environment, removes a fallback during dependency installation to ensure build strictness, and updates the entrypoint and environment variable to invoke the new sandboxed command. Corresponding changes are made in the connector’s Python modules by adding and exporting a new sandboxed_run function along with its helper functions. A new script entry in the project configuration maps the command to the sandboxed run function.

Does this accurately capture the overall changes, wdyt?

Changes

Files Change Summary
Dockerfile Added a new step to install Firejail, removed the fallback during Poetry dependency installation, and updated both the environment variable (AIRBYTE_ENTRYPOINT) and the ENTRYPOINT directive to use source-declarative-manifest-sandboxed.
airbyte_cdk/cli/source_declarative_manifest/... Updated the public API by adding an import of sandboxed_run in the __init__.py and introducing a new file (_sandboxed_run.py) that provides functions (_wrap_in_sandbox, sandboxed_run, _print_help, and _print_sandbox_check) to run the connector in a sandboxed environment.
pyproject.toml Added a new script entry source-declarative-manifest-sandboxed that maps to the sandboxed_run function, enabling CLI execution of the connector in a sandboxed mode.

Sequence Diagram(s)

sequenceDiagram
    participant User as User
    participant CLI as CLI Command
    participant SR as sandboxed_run
    participant FJ as Firejail Check

    User->>CLI: Run "source-declarative-manifest-sandboxed"
    CLI->>SR: Invoke sandboxed_run()
    SR->>FJ: Check for Firejail availability and options
    FJ-->>SR: Return result (available or error)
    SR->>CLI: Execute command wrapped with Firejail if enabled
Loading

Does this flow capture the new control flow clearly, wdyt?

Possibly related PRs

Suggested labels

enhancement, security

Suggested reviewers

  • erohmensing

Would you like to add or adjust any of these details, wdyt?

✨ Finishing Touches
  • 📝 Generate Docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

‼️ IMPORTANT
Auto-reply has been disabled for this repository in the CodeRabbit settings. The CodeRabbit bot will not respond to your replies unless it is explicitly tagged.

  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Mar 10, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (4)
airbyte_cdk/cli/source_declarative_manifest/_sandboxed_run.py (4)

1-95: LGTM! Well-structured implementation of sandboxed execution

The implementation properly handles different sandbox modes based on the environment variable and gracefully handles cases where Firejail is not available. The code structure is clean, with clear separation of concerns.

There's a formatting issue reported by the pipeline. Would you like to fix it using Ruff format?

# Make sure to run:
# ruff format airbyte_cdk/cli/source_declarative_manifest/_sandboxed_run.py
🧰 Tools
🪛 GitHub Actions: Linters

[error] 1-1: Ruff formatting check failed. 1 file would be reformatted. Run 'ruff format' to fix code style issues in this file.

28-57: Consider enhancing the sandbox security configuration

The current Firejail configuration uses basic isolation with --private and --net=none, which is a good start for sandboxing. However, you might want to consider additional security flags to further restrict the sandbox environment. Would something like this be useful? wdyt?

-    return ["firejail", "--private", "--net=none"] + cmd
+    return ["firejail", "--private", "--net=none", "--seccomp", "--no-u2f", "--x11=none"] + cmd

41-53: Consider adding installation instructions for Firejail

When Firejail is not found but required, it might be helpful to provide installation instructions in the error message, especially for users who are unfamiliar with Firejail. This would improve the user experience. wdyt?

-        print("Firejail not found. Running without sandboxing.")
+        print("Firejail not found. Running without sandboxing. To enable sandboxing, install Firejail (e.g., 'apt-get install firejail' on Debian/Ubuntu).")

72-72: Consider handling the case when source-declarative-manifest is not found

The code assumes that the base source-declarative-manifest entrypoint is installed and on the PATH. Consider adding a check for this and providing a helpful error message if it's not found. wdyt?

-    executable = "source-declarative-manifest"  # Assume base SDM entrypoint is installed and on PATH
+    executable = "source-declarative-manifest"  # Assume base SDM entrypoint is installed and on PATH
+    try:
+        subprocess.run([executable, "--help"], check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    except FileNotFoundError:
+        print(f"Error: {executable} not found. Please ensure it is installed and on your PATH.")
+        sys.exit(1)
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 969dec1 and 642a1c0.

📒 Files selected for processing (4)
  • Dockerfile (2 hunks)
  • airbyte_cdk/cli/source_declarative_manifest/__init__.py (1 hunks)
  • airbyte_cdk/cli/source_declarative_manifest/_sandboxed_run.py (1 hunks)
  • pyproject.toml (1 hunks)
🧰 Additional context used
🪛 GitHub Actions: Linters
airbyte_cdk/cli/source_declarative_manifest/_sandboxed_run.py

[error] 1-1: Ruff formatting check failed. 1 file would be reformatted. Run 'ruff format' to fix code style issues in this file.

⏰ Context from checks skipped due to timeout of 90000ms (9)
  • GitHub Check: Check: 'source-pokeapi' (skip=false)
  • GitHub Check: Check: 'source-amplitude' (skip=false)
  • GitHub Check: Check: 'source-shopify' (skip=false)
  • GitHub Check: Check: 'source-hardcoded-records' (skip=false)
  • GitHub Check: Pytest (Fast)
  • GitHub Check: Pytest (All, Python 3.11, Ubuntu)
  • GitHub Check: SDM Docker Image Build
  • GitHub Check: Pytest (All, Python 3.10, Ubuntu)
  • GitHub Check: Analyze (python)
🔇 Additional comments (5)
airbyte_cdk/cli/source_declarative_manifest/__init__.py (1)

2-2: LGTM! Properly exports the new sandboxed_run function

The changes correctly import and expose the new sandboxed_run function as part of the public API of this module, which aligns well with the PR objectives to implement sandboxed execution for the source-declarative-manifest connector.

Also applies to: 6-6

pyproject.toml (1)

114-114: LGTM! Script entry properly defined

The new script entry correctly maps the source-declarative-manifest-sandboxed command to the sandboxed_run function, making it available as a CLI command. This matches the PR objectives for providing a sandboxed execution option.

Dockerfile (3)

12-16: LGTM! Firejail installation looks good

The installation of Firejail is properly implemented with cleanup steps to minimize the image size. This is essential for the sandboxed execution feature.

24-24: Removed fallback for poetry install - intentional change?

I noticed that the fallback mechanism (|| true) was removed from the poetry install command. This makes the build more strict, which is generally good for reliability, but could potentially break builds that previously succeeded with warnings. Was this change intentional? wdyt?

43-44: LGTM! Entrypoint updated to use sandboxed execution

The entrypoint has been correctly updated to use the new sandboxed command, which aligns with the PR objectives.

@aaronsteers aaronsteers changed the title Feat: Firejail sandbox for source-declarative-manifest Feat: Firejail sandbox for source-declarative-manifest (do not merge) Mar 10, 2025
@aaronsteers aaronsteers marked this pull request as draft March 10, 2025 19:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aaronsteers @natikgadzhi