Skip to content

Expose explicit sandbox backend modes#206

Merged
seanwevans merged 1 commit into
mainfrom
codex/split-execution-modes-in-api
May 13, 2026
Merged

Expose explicit sandbox backend modes#206
seanwevans merged 1 commit into
mainfrom
codex/split-execution-modes-in-api

Conversation

@seanwevans
Copy link
Copy Markdown
Owner

@seanwevans seanwevans commented May 13, 2026

Motivation

  • Make the isolation backend an explicit API choice so callers cannot confuse an execution cell (subinterpreter) with stronger OS-level boundaries (process / microvm).
  • Fail closed for boundary modes that are not yet implemented so callers can opt into explicit blast-radius semantics without silently changing behavior.

Description

  • Add a BackendMode type and constants DEFAULT_BACKEND, SUPPORTED_BACKENDS, and IMPLEMENTED_BACKENDS and validation helpers _normalize_backend and _require_implemented_backend in pyisolate/supervisor.py.
  • Thread a backend: BackendMode parameter through the public Supervisor.spawn(...) and module-level spawn(...) helpers, pre-validating and fail-closing on unimplemented backends, and store the chosen backend on the sandbox thread as ._backend with a Sandbox.backend property accessor.
  • Wire backend through high-level helpers by adding a backend parameter to the @sandbox(...) decorator and to Pipeline.add_stage(...) and use the value when spawning stages in pyisolate/sdk.py.
  • Export the backend symbols from the package pyisolate (pyisolate/__init__.py) and update the docs (README.md, API.md, docs/execution-model.md) to clearly distinguish backend="subinterpreter", backend="process", and backend="microvm" and to note that only subinterpreter is implemented in this build.
  • Add unit tests in tests/test_supervisor.py that assert backend="subinterpreter" is selectable, that process / microvm fail closed with NotImplementedError, and that unknown backend values raise ValueError.

Testing

  • Ran type/compile checks with python -m py_compile pyisolate/supervisor.py pyisolate/sdk.py pyisolate/__init__.py, which succeeded.
  • Applied formatting with black on the modified files, which completed successfully.
  • Ran targeted unit tests: pytest tests/test_supervisor.py and pytest tests/test_sdk.py tests/test_supervisor.py, and those test runs passed (all tests in those runs succeeded).
  • Ran the full test suite (pytest) and observed many unrelated failures caused by an existing test stub altering the BPFManager.load signature during metrics tests; these failures are not caused by the backend plumbing and indicate a separate test-environment stub interaction that must be addressed independently.

Codex Task

@seanwevans seanwevans merged commit 4e3066a into main May 13, 2026
9 of 19 checks passed
@seanwevans seanwevans deleted the codex/split-execution-modes-in-api branch May 13, 2026 13:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@seanwevans