dexorder/ai
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sandbox connected and streaming

Browse Source
This commit is contained in:
Tim Olson
2026-03-30 23:29:03 -04:00
parent c3a8fae132
commit 998f69fa1a
130 changed files with 7416 additions and 2123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
deploy/k8s/base/lifecycle-sidecar-rbac.yaml
View File

@@ -1,30 +1,30 @@
# RBAC for lifecycle sidecar - allows self-deletion only
# Each agent pod gets this ServiceAccount and can only delete its own deployment
# Each sandbox pod gets this ServiceAccount and can only delete its own deployment
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: agent-lifecycle
namespace: dexorder-agents
name: sandbox-lifecycle
namespace: dexorder-sandboxes
---
# Role allowing deletion of deployments and PVCs
# This is scoped to the dexorder-agents namespace
# This is scoped to the dexorder-sandboxes namespace
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: agent-self-delete
namespace: dexorder-agents
name: sandbox-self-delete
namespace: dexorder-sandboxes
rules:
# Allow getting and deleting deployments
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get", "delete"]
# Allow getting and deleting PVCs (for anonymous users)
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "delete"]
# Read-only access to pods (for status checking)
- apiGroups: [""]
resources: ["pods"]
@@ -33,15 +33,15 @@ rules:
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: agent-self-delete
namespace: dexorder-agents
name: sandbox-self-delete
namespace: dexorder-sandboxes
subjects:
- kind: ServiceAccount
name: agent-lifecycle
namespace: dexorder-agents
name: sandbox-lifecycle
namespace: dexorder-sandboxes
roleRef:
kind: Role
name: agent-self-delete
name: sandbox-self-delete
apiGroup: rbac.authorization.k8s.io
---
# Additional security: ValidatingWebhookConfiguration to restrict deletion
@@ -49,5 +49,5 @@ roleRef:
# Requires a validating webhook server (can be added later)
# For now, we rely on:
# 1. Sidecar only knowing its own deployment name (from env)
# 2. RBAC limiting to dexorder-agents namespace
# 2. RBAC limiting to dexorder-sandboxes namespace
# 3. Admission policy restricting deployment creation (already defined)