stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

semi implemented and features implemented save checkpoint

Browse Source
This commit is contained in:
master
2026-02-08 18:00:49 +02:00
parent 04360dff63
commit 1bf6bbf395
20895 changed files with 716795 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
docs/features/unchecked/releaseorchestrator/multi-language-script-engine.md Normal file
View File

@@ -0,0 +1,29 @@
# Multi-Language Script Engine (6 Languages with Monaco Editor, Sandbox, Library Management, and Policy Evaluation)
## Module
ReleaseOrchestrator
## Status
IMPLEMENTED
## Description
Polyglot script execution engine supporting C#, Python, Java, Go, Bash, and TypeScript with containerized isolation, resource limits, timeout enforcement, Monaco-based editor with language server protocol IntelliSense, security sandbox with network/filesystem/resource policies, dependency resolution with version pinning, policy-based script approval and signing, and runtime image management per language.
## Implementation Details
- **Modules**: `src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/`
- **Key Classes**:
- `ScriptExecutor` (`src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/Execution/ScriptExecutor.cs`) - executes scripts in containerized sandboxes with resource limits and timeout enforcement
- `ScriptLibraryManager` (`src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/Library/ScriptLibraryManager.cs`) - manages script libraries with dependency resolution and version pinning
- `RuntimeImageManager` (`src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/Runtime/RuntimeImageManager.cs`) - manages per-language runtime container images
- `ScriptPolicyEvaluator` (`src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/Policies/ScriptPolicyEvaluator.cs`) - evaluates policy-based script approval and signing rules
- **Interfaces**: `IScriptExecutor`, `IScriptLibraryManager`, `IRuntimeImageManager`, `IScriptPolicyEvaluator`
- **Source**: SPRINT_20260117_040_ReleaseOrchestrator_multi_language_scripts.md
## E2E Test Plan
- [ ] Execute a script in each supported language (C#, Python, Java, Go, Bash, TypeScript) via `ScriptExecutor` and verify output
- [ ] Verify containerized isolation: run a script that attempts filesystem access and verify it is blocked by the sandbox
- [ ] Verify resource limits: run a script that exceeds memory/CPU limits and verify it is terminated
- [ ] Verify timeout enforcement: run a long-running script and verify it is killed after timeout
- [ ] Add a library dependency via `ScriptLibraryManager` and verify version pinning in execution
- [ ] Verify `ScriptPolicyEvaluator` rejects an unapproved/unsigned script
- [ ] Verify `RuntimeImageManager` manages and pulls per-language container images