Files
KiloStar/subprojects/stardomain/src/main.rs
T
zhaoxi 32bdbe77ff feat: 新增 stardomain 沙箱子项目脚手架(Docker + Rust 过滤层)
提供统一沙箱运行时,支持 local/sandbox 两种模式切换。Rust 层负责命令和代码的策略过滤,
Docker 层负责实际的进程隔离。包含三种预设策略:agent_exec / tool_run / untrusted。

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-04 10:07:30 +00:00

52 lines
1.4 KiB
Rust

/*
* Copyright 2026 zhaoxi826
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
use clap::{Parser, Subcommand};
#[derive(Parser)]
#[command(name = "stardomain", version, about = "KiloStar sandbox runtime")]
struct Cli {
#[command(subcommand)]
command: Commands,
}
#[derive(Subcommand)]
enum Commands {
/// Run a command inside the sandbox
Run {
/// Execution policy: agent_exec, tool_run, untrusted
#[arg(short, long, default_value = "agent_exec")]
policy: String,
/// Working directory inside sandbox
#[arg(short, long, default_value = "/tmp/stardomain_ws")]
workspace: String,
/// Timeout in seconds
#[arg(short, long, default_value_t = 30)]
timeout: u64,
/// The command to execute
#[arg(trailing_var_arg = true)]
cmd: Vec<String>,
},
}
fn main() {
let cli = Cli::parse();
match cli.command {
Commands::Run { policy, workspace, timeout, cmd } => {
println!("[stardomain] policy={policy}, workspace={workspace}, timeout={timeout}s");
println!("[stardomain] cmd: {:?}", cmd);
println!("[stardomain] (stub: execution not yet implemented)");
}
}
}