build: integrate OpenSandbox as Agent Execution Sandbox

.github/workflows/preview-docs-build.yml

@@ -5,18 +5,9 @@ on:
     paths:
       - 'document/**'
     types: [opened, synchronize, reopened]
-  pull_request_target:
-    paths:
-      - 'document/**'
-    types: [opened, synchronize, reopened]
 
 jobs:
   build-docs-image:
-    # 内部和外部贡献者都可以触发构建
-    if: |
-      (github.event_name == 'pull_request') ||
-      (github.event_name == 'pull_request_target')
-
     permissions:
       contents: read
       pull-requests: write
@@ -26,20 +17,11 @@ jobs:
     steps:
       - name: Checkout PR code
         uses: actions/checkout@v4
-        with:
-          # 对于 pull_request_target，检出 PR 的代码
-          ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
 
       - name: Get current datetime
         id: datetime
         run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT
 
-      - name: Save PR metadata
-        run: |
-          mkdir -p /tmp/pr-metadata
-          echo "${{ github.event.pull_request.number }}" > /tmp/pr-metadata/pr-number.txt
-          echo "${{ github.event.pull_request.head.sha }}" > /tmp/pr-metadata/pr-sha.txt
-
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
@@ -64,21 +46,21 @@ jobs:
           path: /tmp/fastgpt-docs-${{ steps.datetime.outputs.datetime }}.tar
           retention-days: 1
 
-      - name: Upload PR metadata
-        uses: actions/upload-artifact@v4
-        with:
-          name: pr-metadata-docs-${{ steps.datetime.outputs.datetime }}
-          path: /tmp/pr-metadata/
-          retention-days: 1
+    outputs:
+      datetime: ${{ steps.datetime.outputs.datetime }}
 
   call-push-workflow:
     needs: build-docs-image
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
+      pull-requests: write
+      issues: write
     uses: ./.github/workflows/preview-docs-push.yml
     secrets: inherit
     with:
-      pr_number: ${{ github.event.pull_request.number }}
+      pr_number: ${{ format('{0}', github.event.pull_request.number) }}
       datetime: ${{ needs.build-docs-image.outputs.datetime }}
-      run_id: ${{ github.run_id }}
-
-    outputs:
-      datetime: ${{ steps.datetime.outputs.datetime }}
+      run_id: ${{ format('{0}', github.run_id) }}

.github/workflows/preview-docs-push.yml

@@ -26,14 +26,6 @@ jobs:
     runs-on: ubuntu-24.04
 
     steps:
-      - name: Download PR metadata
-        uses: actions/download-artifact@v4
-        with:
-          name: pr-metadata-docs-${{ inputs.datetime }}
-          path: /tmp/pr-metadata/
-          run-id: ${{ inputs.run_id }}
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-
       - name: Read PR information
         id: pr
         run: |

.github/workflows/preview-fastgpt-build.yml

@@ -2,19 +2,10 @@ name: Preview fastgpt build
 
 on:
   pull_request:
-    # 支持所有分支
-    types: [opened, synchronize, reopened]
-  pull_request_target:
-    # 外部贡献者也支持自动构建
     types: [opened, synchronize, reopened]
 
 jobs:
   build-preview-images:
-    # 内部和外部贡献者都可以触发构建
-    if: |
-      (github.event_name == 'pull_request') ||
-      (github.event_name == 'pull_request_target')
-
     permissions:
       contents: read
       pull-requests: write
@@ -29,16 +20,8 @@ jobs:
       - name: Checkout PR code
         uses: actions/checkout@v4
         with:
-          # 对于 pull_request_target，检出 PR 的代码
-          ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }}
           fetch-depth: 0
 
-      - name: Save PR metadata
-        run: |
-          mkdir -p /tmp/pr-metadata
-          echo "${{ github.event.pull_request.number }}" > /tmp/pr-metadata/pr-number.txt
-          echo "${{ github.event.pull_request.head.sha }}" > /tmp/pr-metadata/pr-sha.txt
-
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
         with:
@@ -95,23 +78,23 @@ jobs:
           path: /tmp/${{ steps.config.outputs.IMAGE_NAME }}-${{ github.sha }}.tar
           retention-days: 1
 
-      - name: Upload PR metadata
-        uses: actions/upload-artifact@v4
-        with:
-          name: pr-metadata-${{ matrix.image }}-${{ github.sha }}
-          path: /tmp/pr-metadata/
-          retention-days: 1
-
   call-push-workflow:
     needs: build-preview-images
     strategy:
       matrix:
         image: [fastgpt, sandbox, mcp_server]
       fail-fast: false
+    permissions:
+      contents: read
+      packages: write
+      attestations: write
+      id-token: write
+      pull-requests: write
+      issues: write
     uses: ./.github/workflows/preview-fastgpt-push.yml
     secrets: inherit
     with:
-      pr_number: ${{ github.event.pull_request.number }}
+      pr_number: ${{ format('{0}', github.event.pull_request.number) }}
       pr_sha: ${{ github.sha }}
-      run_id: ${{ github.run_id }}
+      run_id: ${{ format('{0}', github.run_id) }}
       image: ${{ matrix.image }}

.github/workflows/preview-fastgpt-push.yml

@@ -16,15 +16,16 @@ on:
         required: true
         type: string
 
+permissions:
+  contents: read
+  packages: write
+  attestations: write
+  id-token: write
+  pull-requests: write
+  issues: write
+
 jobs:
   push-preview-images:
-    permissions:
-      contents: read
-      packages: write
-      attestations: write
-      id-token: write
-      pull-requests: write
-      issues: write # Required for issue-comment (PR comments use Issues API)
 
     runs-on: ubuntu-24.04
 

deploy/args.json

@@ -14,7 +14,10 @@
     "milvus-etcd": "v3.5.5",
     "milvus-standalone": "v2.4.3",
     "oceanbase": "4.3.5-lts",
-    "seekdb": "1.0.1.0-100000392025122619"
+    "seekdb": "1.0.1.0-100000392025122619",
+    "opensandbox-server": "v0.1.7",
+    "opensandbox-execd": "v1.0.7",
+    "opensandbox-egress": "v1.0.1"
   },
   "images": {
     "cn": {
@@ -32,7 +35,10 @@
       "milvus-etcd": "quay.io/coreos/etcd",
       "milvus-standalone": "milvusdb/milvus",
       "oceanbase": "oceanbase/oceanbase-ce",
-      "seekdb": "oceanbase/seekdb"
+      "seekdb": "oceanbase/seekdb",
+      "opensandbox-server": "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/server",
+      "opensandbox-execd": "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/execd",
+      "opensandbox-egress": "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/egress"
     },
     "global": {
       "fastgpt": "ghcr.io/labring/fastgpt",
@@ -49,7 +55,10 @@
       "milvus-etcd": "quay.io/coreos/etcd",
       "milvus-standalone": "milvusdb/milvus",
       "oceanbase": "oceanbase/oceanbase-ce",
-      "seekdb": "oceanbase/seekdb"
+      "seekdb": "oceanbase/seekdb",
+      "opensandbox-server": "opensandbox/server",
+      "opensandbox-execd": "opensandbox/execd",
+      "opensandbox-egress": "opensandbox/egress"
     }
   }
 }

deploy/docker/cn/docker-compose.milvus.yml

@@ -183,17 +183,41 @@ services:
       timeout: 20s
       retries: 3
 
+  opensandbox-server:
+    image: sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/server:v0.1.7
+    container_name: opensandbox-server
+    restart: always
+    networks:
+      - fastgpt
+    extra_hosts:
+      - 'host.docker.internal:host-gateway' # Enable access to host machine
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    configs:
+      - source: opensandbox-config
+        target: /etc/opensandbox/config.toml
+    environment:
+      - SANDBOX_CONFIG_PATH=/etc/opensandbox/config.toml
+    healthcheck:
+      test: ['CMD', 'curl', '-f', 'http://localhost:8090/health']
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
   fastgpt:
     container_name: fastgpt
     image: registry.cn-hangzhou.aliyuncs.com/fastgpt/fastgpt:v4.14.8 # git
     ports:
       - 3000:3000
     networks:
       - fastgpt
+    extra_hosts:
+      - 'host.docker.internal:host-gateway' # Enable access to host machine
     depends_on:
       - mongo
       - sandbox
       - vectorDB
+      - opensandbox-server
     restart: always
     environment:
       <<: [*x-share-db-config, *x-vec-config, *x-log-config]
@@ -215,6 +239,8 @@ services:
       PLUGIN_TOKEN: *x-plugin-auth-token
       # sandbox 地址
       CODE_SANDBOX_URL: http://sandbox:3000
+      # opensandbox server 地址
+      OPENSANDBOX_SERVER_URL: http://opensandbox-server:8090
       # AI Proxy 的地址，如果配了该地址，优先使用
       AIPROXY_API_ENDPOINT: http://aiproxy:3000
       # AI Proxy 的 Admin Token，与 AI Proxy 中的环境变量 ADMIN_KEY
@@ -335,3 +361,28 @@ networks:
   aiproxy:
   vector:
 
+configs:
+  # opensandbox config
+  opensandbox-config:
+    content: |
+      [server]
+      host = "0.0.0.0"
+      port = 8090
+      log_level = "INFO"
+
+      [runtime]
+      type = "docker"
+      execd_image = "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/execd:v1.0.7"
+
+      [egress]
+      image = "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/egress:v1.0.1"
+
+      [docker]
+      network_mode = "bridge"
+      host_ip = "host.docker.internal"
+      drop_capabilities = ["AUDIT_WRITE", "MKNOD", "NET_ADMIN", "NET_RAW", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE", "SYS_TIME", "SYS_TTY_CONFIG"]
+      no_new_privileges = true
+      pids_limit = 512
+
+      [ingress]
+      mode = "direct"

deploy/docker/cn/docker-compose.oceanbase.yml

@@ -160,17 +160,41 @@ services:
       timeout: 20s
       retries: 3
 
+  opensandbox-server:
+    image: sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/server:v0.1.7
+    container_name: opensandbox-server
+    restart: always
+    networks:
+      - fastgpt
+    extra_hosts:
+      - 'host.docker.internal:host-gateway' # Enable access to host machine
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    configs:
+      - source: opensandbox-config
+        target: /etc/opensandbox/config.toml
+    environment:
+      - SANDBOX_CONFIG_PATH=/etc/opensandbox/config.toml
+    healthcheck:
+      test: ['CMD', 'curl', '-f', 'http://localhost:8090/health']
+      interval: 10s
+      timeout: 5s
+      retries: 5
+
   fastgpt:
     container_name: fastgpt
     image: registry.cn-hangzhou.aliyuncs.com/fastgpt/fastgpt:v4.14.8 # git
     ports:
       - 3000:3000
     networks:
       - fastgpt
+    extra_hosts:
+      - 'host.docker.internal:host-gateway' # Enable access to host machine
     depends_on:
       - mongo
       - sandbox
       - vectorDB
+      - opensandbox-server
     restart: always
     environment:
       <<: [*x-share-db-config, *x-vec-config, *x-log-config]
@@ -192,6 +216,8 @@ services:
       PLUGIN_TOKEN: *x-plugin-auth-token
       # sandbox 地址
       CODE_SANDBOX_URL: http://sandbox:3000
+      # opensandbox server 地址
+      OPENSANDBOX_SERVER_URL: http://opensandbox-server:8090
       # AI Proxy 的地址，如果配了该地址，优先使用
       AIPROXY_API_ENDPOINT: http://aiproxy:3000
       # AI Proxy 的 Admin Token，与 AI Proxy 中的环境变量 ADMIN_KEY
@@ -316,4 +342,28 @@ configs:
     name: init_sql
     content: |
       ALTER SYSTEM SET ob_vector_memory_limit_percentage = 30;
-
+  # opensandbox config
+  opensandbox-config:
+    content: |
+      [server]
+      host = "0.0.0.0"
+      port = 8090
+      log_level = "INFO"
+
+      [runtime]
+      type = "docker"
+      execd_image = "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/execd:v1.0.7"
+
+      [egress]
+      image = "sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/egress:v1.0.1"
+
+      [docker]
+      network_mode = "bridge"
+      host_ip = "host.docker.internal"
+      drop_capabilities = ["AUDIT_WRITE", "MKNOD", "NET_ADMIN", "NET_RAW", "SYS_ADMIN", "SYS_MODULE", "SYS_PTRACE", "SYS_TIME", "SYS_TTY_CONFIG"]
+      no_new_privileges = true
+      pids_limit = 512
+
+      [ingress]
+      mode = "direct"
+