Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Changing the build process #26

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 73 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
# Makefile to install dependencies and build the project for amd64 and arm64 architectures

.PHONY: all install clean build_amd64 build_arm64

all: install detect-arch

install: detect-distro

detect-distro:
@if [ -f /etc/debian_version ]; then \
$(MAKE) install_ubuntu; \
elif [ -f /etc/fedora-release ]; then \
$(MAKE) install_fedora; \
elif [ -f /etc/arch-release ]; then \
$(MAKE) install_arch; \
elif [ -f /etc/alpine-release ]; then \
$(MAKE) install_alpine; \
elif [ -f /etc/centos-release ]; then \
$(MAKE) install_centos; \
else \
$(MAKE) unsupported; \
fi

install_ubuntu:
sudo apt-get install -y pkg-config gcc libseccomp-dev

install_fedora:
sudo dnf install -y pkgconfig gcc libseccomp-devel

install_arch:
sudo pacman -S --noconfirm pkg-config gcc libseccomp

install_alpine:
sudo apk add pkgconfig gcc libseccomp-dev

install_centos:
sudo yum install -y pkgconfig gcc libseccomp-devel

unsupported:
@echo "Unsupported distribution"
@exit 1

detect-arch:
@if [ "$$(uname -m)" = "x86_64" ]; then \
$(MAKE) build_amd64; \
elif [ "$$(uname -m)" = "aarch64" ]; then \
$(MAKE) build_arm64; \
else \
@echo "Unsupported architecture"; \
@exit 1; \
fi

clean:
rm -f internal/core/runner/python/python.so
rm -f internal/core/runner/nodejs/nodejs.so
rm -f /tmp/sandbox-python/python.so
rm -f /tmp/sandbox-nodejs/nodejs.so

build_amd64: clean
@echo "Building Python lib for amd64"
CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -o internal/core/runner/python/python.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/python/main.go
@echo "Building Nodejs lib for amd64"
CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build -o internal/core/runner/nodejs/nodejs.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/nodejs/main.go
@echo "Building main for amd64"
GOOS=linux GOARCH=amd64 go build -o main -ldflags="-s -w" cmd/server/main.go

build_arm64: clean
@echo "Building Python lib for arm64"
CGO_ENABLED=1 GOOS=linux GOARCH=arm64 go build -o internal/core/runner/python/python.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/python/main.go
@echo "Building Nodejs lib for arm64"
CGO_ENABLED=1 GOOS=linux GOARCH=arm64 go build -o internal/core/runner/nodejs/nodejs.so -buildmode=c-shared -ldflags="-s -w" cmd/lib/nodejs/main.go
@echo "Building main for arm64"
GOOS=linux GOARCH=arm64 go build -o main -ldflags="-s -w" cmd/server/main.go
14 changes: 9 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,24 +1,28 @@
# Dify-Sandbox

## Introduction

Dify-Sandbox offers a simple way to run untrusted code in a secure environment. It is designed to be used in a multi-tenant environment, where multiple users can submit code to be executed. The code is executed in a sandboxed environment, which restricts the resources and system calls that the code can access.

## Use

### Requirements

DifySandbox currently only supports Linux, as it's designed for docker containers. It requires the following dependencies:

- libseccomp
- pkg-config
- gcc
- golang 1.20.6

### Steps

1. Clone the repository using `git clone https://github.com/langgenius/dify-sandbox` and navigate to the project directory.
2. Run ./install.sh to install the necessary dependencies.
3. Run ./build/build_[amd64|arm64].sh to build the sandbox binary.
4. Run ./main to start the server.
2. Run `make` to build the sandbox library binaries.
3. Run `./main` to start the server.

If you want to debug the server, firstly use build script to build the sandbox library binaries, then debug as you want with your IDE.


## FAQ

Refer to the [FAQ document](FAQ.md)
Refer to the [FAQ document](FAQ.md)