74 lines
1.7 KiB
Bash
74 lines
1.7 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
# era-wrapper.sh
|
|
#
|
|
# Minimal wrapper around ERA "agent" CLI for ThreeGate TOOL-EXEC.
|
|
#
|
|
# This is a stub intended to be called by a future request runner that:
|
|
# - parses Tool Request schema
|
|
# - validates it
|
|
# - stages inputs in a temp directory
|
|
# - runs ERA with no-network default
|
|
# - collects outputs + stdout/stderr
|
|
# - emits a Tool Result artifact (schema'd)
|
|
#
|
|
# This wrapper does NOT:
|
|
# - validate requests
|
|
# - mount host paths
|
|
# - enable network
|
|
#
|
|
# It is intentionally minimal and safe.
|
|
|
|
AGENT_BIN="${AGENT_BIN:-agent}"
|
|
|
|
need_cmd() {
|
|
command -v "$1" >/dev/null 2>&1 || {
|
|
echo "ERROR: required command not found: $1" >&2
|
|
exit 127
|
|
}
|
|
}
|
|
|
|
usage() {
|
|
cat >&2 <<'EOF'
|
|
Usage:
|
|
era-wrapper.sh --language <python|node|ts|go|ruby> --cmd "<single command>" [--network none]
|
|
|
|
Examples (no network):
|
|
era-wrapper.sh --language python --cmd "python -V" --network none
|
|
|
|
Notes:
|
|
- Network is forced to 'none' unless explicitly set to allowlist by higher-level tooling.
|
|
- This wrapper is not a policy engine. It is a backend adapter.
|
|
EOF
|
|
exit 2
|
|
}
|
|
|
|
LANGUAGE=""
|
|
CMD=""
|
|
NETWORK="none"
|
|
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--language) LANGUAGE="${2:-}"; shift 2 ;;
|
|
--cmd) CMD="${2:-}"; shift 2 ;;
|
|
--network) NETWORK="${2:-}"; shift 2 ;;
|
|
-h|--help) usage ;;
|
|
*) echo "ERROR: unknown arg: $1" >&2; usage ;;
|
|
esac
|
|
done
|
|
|
|
[[ -n "${LANGUAGE}" && -n "${CMD}" ]] || usage
|
|
|
|
need_cmd "${AGENT_BIN}"
|
|
|
|
if [[ "${NETWORK}" != "none" ]]; then
|
|
echo "ERROR: era-wrapper only supports --network none in this stub." >&2
|
|
exit 3
|
|
fi
|
|
|
|
# Use ephemeral temp VM
|
|
# Avoid guest volume mounts here; staging is done by higher-level runner if/when allowed.
|
|
exec "${AGENT_BIN}" vm temp --language "${LANGUAGE}" --network none --cmd "${CMD}"
|
|
|