save checkpoint

This commit is contained in:
master
2026-02-14 09:11:48 +02:00
parent 9ca2de05df
commit e9aeadc040
1512 changed files with 30863 additions and 4728 deletions


@@ -0,0 +1,35 @@
# Multi-Language Script Engine (6 Languages with Monaco Editor, Sandbox, Library Management, and Policy Evaluation)
## Module
ReleaseOrchestrator
## Status
VERIFIED
## Description
Polyglot script execution engine supporting C#, Python, Java, Go, Bash, and TypeScript with containerized isolation, resource limits, timeout enforcement, Monaco-based editor with language server protocol IntelliSense, security sandbox with network/filesystem/resource policies, dependency resolution with version pinning, policy-based script approval and signing, and runtime image management per language.
## Implementation Details
- **Modules**: `src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/`
- **Key Classes**:
- `ScriptExecutor` (`src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/Execution/ScriptExecutor.cs`) - executes scripts in containerized sandboxes with resource limits and timeout enforcement
- `ScriptLibraryManager` (`src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/Library/ScriptLibraryManager.cs`) - manages script libraries with dependency resolution and version pinning
- `RuntimeImageManager` (`src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/Runtime/RuntimeImageManager.cs`) - manages per-language runtime container images
- `ScriptPolicyEvaluator` (`src/ReleaseOrchestrator/__Libraries/StellaOps.ReleaseOrchestrator.Scripts/Policies/ScriptPolicyEvaluator.cs`) - evaluates policy-based script approval and signing rules
- **Interfaces**: `IScriptExecutor`, `IScriptLibraryManager`, `IRuntimeImageManager`, `IScriptPolicyEvaluator`
- **Source**: SPRINT_20260117_040_ReleaseOrchestrator_multi_language_scripts.md
## E2E Test Plan
- [ ] Execute a script in each supported language (C#, Python, Java, Go, Bash, TypeScript) via `ScriptExecutor` and verify output
- [ ] Verify containerized isolation: run a script that attempts filesystem access and verify it is blocked by the sandbox
- [ ] Verify resource limits: run a script that exceeds memory/CPU limits and verify it is terminated
- [ ] Verify timeout enforcement: run a long-running script and verify it is killed after timeout
- [ ] Add a library dependency via `ScriptLibraryManager` and verify version pinning in execution
- [ ] Verify `ScriptPolicyEvaluator` rejects an unapproved/unsigned script
- [ ] Verify `RuntimeImageManager` manages and pulls per-language container images
## Verification
- **Verified**: 2026-02-13T21:00:00Z
- **Method**: Tier 2d integration tests
- **Result**: PASS
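Review bot: The header says `VERIFIED` and the Verification section says `PASS`, yet every item under "E2E Test Plan" is still an unchecked `- [ ]`, so the file does not show which checks the "Tier 2d integration tests" actually covered. Either tick the items that were exercised or name the test run or evidence behind the PASS. The plan is also narrower than the Description: the sandbox is described as enforcing network, filesystem and resource policies, but the isolation item only tests filesystem access, so a blocked network egress case is worth adding. The `ScriptPolicyEvaluator` item covers only rejection of an unapproved/unsigned script. Consider adding the positive case (an approved, signed script runs) and a case where a script is altered after signing. Minor: the four class bullets under `- **Key Classes**:` are not indented, so they render as siblings of "Modules" and "Interfaces" rather than as a nested list.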