185 lines
6.8 KiB
Python
185 lines
6.8 KiB
Python
"""Modal cloud execution environment wrapping mini-swe-agent's SwerexModalEnvironment.
|
|
|
|
Supports persistent filesystem snapshots: when enabled, the sandbox's filesystem
|
|
is snapshotted on cleanup and restored on next creation, so installed packages,
|
|
project files, and config changes survive across sessions.
|
|
"""
|
|
|
|
import json
|
|
import logging
|
|
import threading
|
|
import time
|
|
import uuid
|
|
from pathlib import Path
|
|
from typing import Any, Dict, Optional
|
|
|
|
from tools.environments.base import BaseEnvironment
|
|
from tools.interrupt import is_interrupted
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
_SNAPSHOT_STORE = Path.home() / ".hermes" / "modal_snapshots.json"
|
|
|
|
|
|
def _load_snapshots() -> Dict[str, str]:
|
|
"""Load snapshot ID mapping from disk."""
|
|
if _SNAPSHOT_STORE.exists():
|
|
try:
|
|
return json.loads(_SNAPSHOT_STORE.read_text())
|
|
except Exception:
|
|
pass
|
|
return {}
|
|
|
|
|
|
def _save_snapshots(data: Dict[str, str]) -> None:
|
|
"""Persist snapshot ID mapping to disk."""
|
|
_SNAPSHOT_STORE.parent.mkdir(parents=True, exist_ok=True)
|
|
_SNAPSHOT_STORE.write_text(json.dumps(data, indent=2))
|
|
|
|
|
|
class ModalEnvironment(BaseEnvironment):
|
|
"""Modal cloud execution via mini-swe-agent.
|
|
|
|
Wraps SwerexModalEnvironment and adds sudo -S support, configurable
|
|
resources (CPU, memory, disk), and optional filesystem persistence
|
|
via Modal's snapshot_filesystem() API.
|
|
"""
|
|
|
|
_patches_applied = False
|
|
|
|
def __init__(
|
|
self,
|
|
image: str,
|
|
cwd: str = "~",
|
|
timeout: int = 60,
|
|
modal_sandbox_kwargs: Optional[Dict[str, Any]] = None,
|
|
persistent_filesystem: bool = True,
|
|
task_id: str = "default",
|
|
):
|
|
super().__init__(cwd=cwd, timeout=timeout)
|
|
|
|
if not ModalEnvironment._patches_applied:
|
|
try:
|
|
from environments.patches import apply_patches
|
|
apply_patches()
|
|
except ImportError:
|
|
pass
|
|
ModalEnvironment._patches_applied = True
|
|
|
|
self._persistent = persistent_filesystem
|
|
self._task_id = task_id
|
|
self._base_image = image
|
|
|
|
sandbox_kwargs = dict(modal_sandbox_kwargs or {})
|
|
|
|
# If persistent, try to restore from a previous snapshot
|
|
restored_image = None
|
|
if self._persistent:
|
|
snapshot_id = _load_snapshots().get(self._task_id)
|
|
if snapshot_id:
|
|
try:
|
|
import modal
|
|
restored_image = modal.Image.from_id(snapshot_id)
|
|
logger.info("Modal: restoring from snapshot %s", snapshot_id[:20])
|
|
except Exception as e:
|
|
logger.warning("Modal: failed to restore snapshot, using base image: %s", e)
|
|
restored_image = None
|
|
|
|
effective_image = restored_image if restored_image else image
|
|
|
|
from minisweagent.environments.extra.swerex_modal import SwerexModalEnvironment
|
|
self._inner = SwerexModalEnvironment(
|
|
image=effective_image,
|
|
cwd=cwd,
|
|
timeout=timeout,
|
|
startup_timeout=180.0,
|
|
runtime_timeout=3600.0,
|
|
modal_sandbox_kwargs=sandbox_kwargs,
|
|
)
|
|
|
|
def execute(self, command: str, cwd: str = "", *,
|
|
timeout: int | None = None,
|
|
stdin_data: str | None = None) -> dict:
|
|
if stdin_data is not None:
|
|
marker = f"HERMES_EOF_{uuid.uuid4().hex[:8]}"
|
|
while marker in stdin_data:
|
|
marker = f"HERMES_EOF_{uuid.uuid4().hex[:8]}"
|
|
command = f"{command} << '{marker}'\n{stdin_data}\n{marker}"
|
|
|
|
exec_command, sudo_stdin = self._prepare_command(command)
|
|
|
|
# Modal sandboxes execute commands via the Modal SDK and cannot pipe
|
|
# subprocess stdin directly the way a local Popen can. When a sudo
|
|
# password is present, use a shell-level pipe from printf so that the
|
|
# password feeds sudo -S without appearing as an echo argument embedded
|
|
# in the shell string. The password is still visible in the remote
|
|
# sandbox's command line, but it is not exposed on the user's local
|
|
# machine — which is the primary threat being mitigated.
|
|
if sudo_stdin is not None:
|
|
import shlex
|
|
exec_command = (
|
|
f"printf '%s\\n' {shlex.quote(sudo_stdin.rstrip())} | {exec_command}"
|
|
)
|
|
|
|
# Run in a background thread so we can poll for interrupts
|
|
result_holder = {"value": None, "error": None}
|
|
|
|
def _run():
|
|
try:
|
|
result_holder["value"] = self._inner.execute(exec_command, cwd=cwd, timeout=timeout)
|
|
except Exception as e:
|
|
result_holder["error"] = e
|
|
|
|
t = threading.Thread(target=_run, daemon=True)
|
|
t.start()
|
|
while t.is_alive():
|
|
t.join(timeout=0.2)
|
|
if is_interrupted():
|
|
try:
|
|
self._inner.stop()
|
|
except Exception:
|
|
pass
|
|
return {
|
|
"output": "[Command interrupted - Modal sandbox terminated]",
|
|
"returncode": 130,
|
|
}
|
|
|
|
if result_holder["error"]:
|
|
return {"output": f"Modal execution error: {result_holder['error']}", "returncode": 1}
|
|
return result_holder["value"]
|
|
|
|
def cleanup(self):
|
|
"""Snapshot the filesystem (if persistent) then stop the sandbox."""
|
|
# Check if _inner was ever set (init may have failed)
|
|
if not hasattr(self, '_inner') or self._inner is None:
|
|
return
|
|
|
|
if self._persistent:
|
|
try:
|
|
sandbox = getattr(self._inner, 'deployment', None)
|
|
sandbox = getattr(sandbox, '_sandbox', None) if sandbox else None
|
|
if sandbox:
|
|
import asyncio
|
|
async def _snapshot():
|
|
img = await sandbox.snapshot_filesystem.aio()
|
|
return img.object_id
|
|
try:
|
|
snapshot_id = asyncio.run(_snapshot())
|
|
except RuntimeError:
|
|
import concurrent.futures
|
|
with concurrent.futures.ThreadPoolExecutor(max_workers=1) as pool:
|
|
snapshot_id = pool.submit(
|
|
asyncio.run, _snapshot()
|
|
).result(timeout=60)
|
|
|
|
snapshots = _load_snapshots()
|
|
snapshots[self._task_id] = snapshot_id
|
|
_save_snapshots(snapshots)
|
|
logger.info("Modal: saved filesystem snapshot %s for task %s",
|
|
snapshot_id[:20], self._task_id)
|
|
except Exception as e:
|
|
logger.warning("Modal: filesystem snapshot failed: %s", e)
|
|
|
|
if hasattr(self._inner, 'stop'):
|
|
self._inner.stop()
|