tksadik92/wrenn-releases
1
0
Fork 0
forked from wrenn/wrenn
Code Pull Requests Activity

WIP: Add sandbox proxy catch-all to control plane

Browse Source 
Add SandboxProxyWrapper that intercepts requests with Host headers
matching {port}-{sandbox_id}.{domain} and proxies them through the
owning host agent's /proxy endpoint.

Authentication is via X-API-Key only (no JWT). The API key's team must
own the sandbox. Export EnsureScheme from lifecycle package for reuse.

Request flow: SDK -> Caddy -> CP catch-all -> Host Agent -> sandbox VM.

This is an intermediate state — needs further work for the full code
interpreter feature.
This commit is contained in:
Rafeed M. Bhuiyan
2026-03-26 02:12:10 +06:00
parent f4675ebfc0
commit 4be65b0abb
3 changed files with 158 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/control-plane/main.go
View File

@ -98,9 +98,14 @@ func main() {
sampler := api.NewMetricsSampler(queries, 10*time.Second)
sampler.Start(ctx)
// Wrap the API handler with the sandbox proxy so that requests with
// {port}-{sandbox_id}.{domain} Host headers are routed to the sandbox's
// host agent. All other requests pass through to the normal API router.
proxyWrapper := api.NewSandboxProxyWrapper(srv.Handler(), queries, hostPool)
httpServer := &http.Server{
Addr: cfg.ListenAddr,
Handler: srv.Handler(),
Handler: proxyWrapper,
}
// Graceful shutdown on signal.