cellos-supervisor 0.5.1

CellOS execution-cell runner — boots cells in Firecracker microVMs or gVisor, enforces narrow typed authority, emits signed CloudEvents.
//! Supervisor exits non-zero when the cell command fails.

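#[cfg(unix)]
mod unix {
    use std::fs;
    use std::path::{Path, PathBuf};
    use std::process::{Command, ExitStatus};

    /// Locates the `cellos-supervisor` binary under test.
    ///
    /// Prefers the path in the `CARGO_BIN_EXE_cellos_supervisor` environment variable;
    /// otherwise falls back to `<root>/target/<PROFILE or "debug">/cellos-supervisor`,
    /// where `<root>` is two directories above `CARGO_MANIFEST_DIR`.
    ///
    /// # Panics
    /// Panics if `CARGO_MANIFEST_DIR` has no grandparent directory.
    fn supervisor_exe() -> PathBuf {
        // NOTE(review): the lookup key uses an underscore while the fallback file name is
        // hyphenated, and the value is read at run time rather than via `env!` — confirm the
        // test runner actually exports this name, otherwise only the fallback is ever used.
        if let Some(p) = std::env::var_os("CARGO_BIN_EXE_cellos_supervisor") {
            return PathBuf::from(p);
        }
        let root = Path::new(env!("CARGO_MANIFEST_DIR"))
            .parent()
            .and_then(|p| p.parent())
            .expect("cellos-supervisor crate under workspace root");
        // NOTE(review): the fallback assumes the default `target/` directory; a relocated
        // target dir would make the `is_file` check in `supervisor_command` fail loudly.
        let profile = std::env::var("PROFILE").unwrap_or_else(|_| "debug".into());
        root.join("target").join(profile).join("cellos-supervisor")
    }

    /// Writes `json` to `spec.json` inside `dir` and returns the file's path.
    ///
    /// The file is fully written and closed before this returns, so the supervisor never
    /// observes a partial spec.
    fn write_spec(dir: &Path, json: &str) -> PathBuf {
        let spec_path = dir.join("spec.json");
        fs::write(&spec_path, json).expect("write spec");
        spec_path
    }

    /// Builds the supervisor invocation shared by every test in this module.
    ///
    /// All tests run with the same sink, backend and deployment profile so that a negative
    /// test differs from the positive one only in the condition it is meant to exercise.
    /// Without that, "the supervisor failed" could be caused by the host or profile rather
    /// than by the failing command or the missing secret, and the test would pass vacuously.
    fn supervisor_command(spec_path: &Path) -> Command {
        let exe = supervisor_exe();
        assert!(
            exe.is_file(),
            "supervisor binary missing at {}",
            exe.display()
        );
        let mut cmd = Command::new(exe);
        // NOTE(review): this key is spelled `CELL_OS_…` while the others use `CELLOS_…`;
        // confirm it matches the name the supervisor reads.
        cmd.env("CELL_OS_USE_NOOP_SINK", "1")
            .env("CELLOS_CELL_BACKEND", "stub")
            .env("CELLOS_DEPLOYMENT_PROFILE", "portable") // allow non-Linux test hosts
            .current_dir(env!("CARGO_MANIFEST_DIR"))
            .arg(spec_path);
        cmd
    }

    /// Asserts that the supervisor *exited* with a non-zero code.
    ///
    /// `!status.success()` alone is also true when the process is killed by a signal
    /// (for example an abort), which would let a crash satisfy a "must fail" test.
    fn assert_exited_nonzero(status: ExitStatus, msg: &str) {
        match status.code() {
            Some(code) => assert_ne!(code, 0, "{msg}"),
            None => panic!("{msg}: terminated by signal instead of exiting: {status:?}"),
        }
    }

    /// A cell command that fails must make the supervisor exit non-zero.
    #[test]
    fn command_exits_nonzero_supervisor_fails() {
        let dir = tempfile::tempdir().expect("tempdir");
        // `false` always exits with code 1
        let json = r#"{"apiVersion":"cellos.io/v1","kind":"ExecutionCell","spec":{"id":"t-fail","authority":{"secretRefs":[]},"lifetime":{"ttlSeconds":60},"run":{
"secretDelivery": "env","argv":["false"]}}}"#;
        let spec_path = write_spec(dir.path(), json);

        let status = supervisor_command(&spec_path)
            .status()
            .expect("spawn cellos-supervisor");

        assert_exited_nonzero(status, "supervisor should have failed but exited zero");
    }

    /// With the env broker selected and the referenced secret present, the supervisor succeeds.
    ///
    /// This only shows that resolution did not fail; the spec has no `run` section, so the
    /// value delivered to a cell is not checked here.
    #[test]
    fn env_broker_resolves_present_secret() {
        let dir = tempfile::tempdir().expect("tempdir");
        // spec references a secret key that we'll inject via env
        let json = r#"{"apiVersion":"cellos.io/v1","kind":"ExecutionCell","spec":{"id":"t-env-broker","authority":{"secretRefs":["MY_TOKEN"]},"lifetime":{"ttlSeconds":60}}}"#;
        let spec_path = write_spec(dir.path(), json);

        let status = supervisor_command(&spec_path)
            .env("CELLOS_BROKER", "env")
            // dummy value, not a real credential
            .env("CELLOS_SECRET_MY_TOKEN", "tok-abc123")
            .status()
            .expect("spawn cellos-supervisor");

        assert!(
            status.success(),
            "env broker should resolve MY_TOKEN: {status:?}"
        );
    }

    /// With the env broker selected and the referenced secret absent, the supervisor must fail.
    ///
    /// Apart from the secret name and its absence, the invocation mirrors
    /// `env_broker_resolves_present_secret`, which serves as the positive control.
    #[test]
    fn env_broker_missing_secret_supervisor_fails() {
        let dir = tempfile::tempdir().expect("tempdir");
        let json = r#"{"apiVersion":"cellos.io/v1","kind":"ExecutionCell","spec":{"id":"t-env-broker-missing","authority":{"secretRefs":["MISSING_XYZ_KEY"]},"lifetime":{"ttlSeconds":60}}}"#;
        let spec_path = write_spec(dir.path(), json);

        // Do not set CELLOS_SECRET_MISSING_XYZ_KEY — broker should fail to resolve
        let status = supervisor_command(&spec_path)
            .env("CELLOS_BROKER", "env")
            // explicitly unset in case it is present in the environment the test inherits
            .env_remove("CELLOS_SECRET_MISSING_XYZ_KEY")
            .status()
            .expect("spawn cellos-supervisor");

        assert_exited_nonzero(
            status,
            &format!("supervisor should fail when secret is missing: {status:?}"),
        );
    }
}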