Skip to content

[008] Support attach socket and --stdin #11

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jankaluza wants to merge 3 commits into
base: main
Choose a base branch
from
Open

[008] Support attach socket and --stdin #11

jankaluza wants to merge 3 commits into from

Conversation

@jankaluza
Copy link
Member

@jankaluza jankaluza commented Nov 11, 2025

This commits does the following:

  • Adds new UnixSocket struct to create new Unix socket, bind it to
    local directory and accept new connections.
  • Adds new RemoteSocket struct representing the UnixSocket clients.
  • Creates attach UnixSocket in the RuntimeSession.
  • Handles the attach socket in the the handle_stdio - accepting new
    clients and handling their RemoteSockets.
  • Handles the --stdin option by creating the stdin pipe for a container
    and sending data to it when available.

Signed-off-by: Jan Kaluza [email protected]

@jankaluza jankaluza changed the title Support attach socket and --stdin [008] Support attach socket and --stdin Nov 11, 2025
@gemini-code-assist
Copy link

gemini-code-assist bot commented Nov 11, 2025

Summary of Changes

Hello @jankaluza, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances Conmon's capabilities by integrating robust Unix domain socket support for container attachment and standard input handling. It involves a substantial refactoring of the command-line interface and internal command execution logic, introducing new abstractions for runtime argument generation and session management. Additionally, a file-based logging mechanism has been added, providing more flexible output management for container processes.

Highlights

  • Unix Socket Support: Introduced new UnixSocket and RemoteSocket structs to manage Unix domain sockets, enabling attach functionality for containers. This includes binding sockets, accepting connections, and handling client communication.
  • Stdin Handling: Added support for the --stdin option, allowing data to be piped directly into a container's standard input via the newly implemented Unix sockets.
  • Command Refactoring: The run command has been replaced with create, and the command-line argument parsing (cli) and command execution (commands) modules have undergone significant refactoring to accommodate new configurations and a more structured approach to generating runtime arguments.
  • Runtime Session Management: A new RuntimeSession struct now encapsulates the lifecycle of a runtime process, handling its spawning, stdio redirection, synchronization pipes, PID file writing, and exit code reporting.
  • File-based Logging: Implemented a FileLogger plugin, allowing container output (stdout/stderr) to be written to specified log files, enhancing logging flexibility.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 11, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces significant new functionality for handling container attach and stdin via Unix sockets. The refactoring of the command structure from run to create is a good clarification of intent. The introduction of RuntimeSession and RuntimeProcess provides a solid foundation for managing the OCI runtime lifecycle. The code is generally well-structured, with good separation of concerns. I've identified a few issues, including a critical bug in the restore command's argument generation, potential mishandling of multiple log paths, and some areas where robustness and safety could be improved. My detailed comments and suggestions are below.

@jankaluza jankaluza force-pushed the attach branch 4 times, most recently from 40340b5 to 26daba0 Compare November 18, 2025 11:43
@jankaluza jankaluza mentioned this pull request Nov 18, 2025
Merged
@jankaluza jankaluza force-pushed the attach branch 2 times, most recently from d025100 to 21dd7ff Compare November 18, 2025 13:07
@jankaluza
Support for basic runtime exec command
78203e9 
This commit does the following:
- Moves the code to run the `runtime` process from `run.rs` to
  `process.rs` into the `RuntimeProcess` struct.
- Moves the common code shared between `create` and `exec` commands to
  `session.rs` into the `RuntimeSession` struct.
- The `RuntimeSession` uses the `RuntimeProcess` in high-level way.
- The basic `exec.rs` is implemented using `RuntimeSession`.
- The exit code is now passed from the commands to the `main` and
  returned there.

Signed-off-by: Jan Kaluza <[email protected]>
@jankaluza
Support for _OCI_ATTACHPIPE and _OCI_STARTPIPE
84556ba 
This commit does the following:
- Handles the `--exec-attach` option.
- Handles the _OCI_ATTACHPIPE and _OCI_STARTPIPE.

It is tested by the conmon-v2 tests run as part of `make test`.

Signed-off-by: Jan Kaluza <[email protected]>
@jankaluza jankaluza force-pushed the attach branch 2 times, most recently from 9452a11 to 92f8aac Compare November 20, 2025 09:30
@jankaluza
Support attach socket and --stdin
e0834ed 
This commits does the following:
- Adds new `UnixSocket` struct to create new Unix socket, bind it to
  local directory and accept new connections.
- Adds new `RemoteSocket` struct representing the UnixSocket clients.
- Creates `attach` UnixSocket in the `RuntimeSession`.
- Handles the `attach` socket in the the `handle_stdio` - accepting new
  clients and handling their RemoteSockets.
- Handles the `--stdin` option by creating the stdin pipe for a container
  and sending data to it when available.
- Disables #![allow(clippy::collapsible_if)] lint globally. The Rust
  version in CI does not support collapsible ifs with `let =` expressions.

Signed-off-by: Jan Kaluza <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jankaluza