Conversation
- Add OpenSandbox Dify plugin with sandbox_create, sandbox_run, sandbox_kill tools - Add E2E test framework for Dify plugin integration - Add GitHub Actions workflow for automated E2E testing - Support both local testing and CI testing
main branch references unreleased image versions (1.12.0)
First run will still pull images, but subsequent runs will use cached images. Expected to reduce CI time from ~15min to ~5min after cache is populated.
Dify 1.11.4 requires CSRF token header for authenticated requests
…bugging - Add timeout/retry loop for provider discovery - Match by partial name or plugin_id - Add debug output for provider list
- Use plugin endpoint for plugin-type providers - Add debug output for credentials flow - Fallback to using provider name as credential ID
- Print full provider details for debugging - Use default tool labels when tools list is empty - Fix plugin_unique_identifier fallback
Plugin now reads OPENSANDBOX_BASE_URL and OPENSANDBOX_API_KEY env vars as fallback when credentials are not configured via Dify API
Dify's plugin credential API doesn't support configuring credentials for plugin providers via API. The test now verifies: - Plugin registration success - Provider discovery - Provider structure validation Full workflow execution requires manual credential configuration in Dify UI.
- Unit tests for utility functions (normalize_domain, parse_optional_json, etc) - Integration tests for sandbox lifecycle (create -> run -> kill) - Integration tests require running OpenSandbox server
hittyt
requested review from
Generalwin,
Pangjiping,
jwx0925 and
ninan-nn
as code owners
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 908726f4b9
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| def _validate_credentials(self, credentials: dict[str, Any]) -> None: | ||
| base_url = credentials.get("opensandbox_base_url", "") | ||
| api_key = credentials.get("opensandbox_api_key", "") | ||
| if not base_url or not api_key: | ||
| raise ToolProviderCredentialValidationError("Missing OpenSandbox base URL or API key.") |
There was a problem hiding this comment.
The tools support falling back to OPENSANDBOX_BASE_URL/OPENSANDBOX_API_KEY, but the provider validation rejects missing credentials before tools ever run. In Dify, provider validation happens when configuring the plugin, so a deployment that relies on env vars (e.g., secrets injected into the runtime container) will fail to register the provider even though build_connection_config would succeed at invocation time. If env-only configuration is intended, this should read env vars here or mark the credentials optional in the provider definition so the plugin can be used with env-based configuration.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Add env recognition support for the fallback path
|
@ninan-nn please review this about Python sdk usage |
- Move .gitignore patterns from server/ and tests/e2e/dify_plugin/ to root - Add .venv/, .dify/, and *.e2e.toml to root .gitignore - Remove push trigger for feat/** branches in dify-plugin-e2e workflow - Support env var fallback (OPENSANDBOX_BASE_URL/OPENSANDBOX_API_KEY) in provider validation for consistency with tool invocation logic
| # uv pip compile pyproject.toml -o ./requirements.txt | ||
| dependencies = [ | ||
| "dify-plugin>=0.5.1", | ||
| "opensandbox", |
There was a problem hiding this comment.
Set the dependency version range to opensandbox>=1.0.0,<2.0.0 to avoid unexpected breaking changes from future major releases and ensure compatibility.
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
|
|
||
| [project] |
There was a problem hiding this comment.
Suggested: use Pyright and Ruff for type checking and linting.
| en_US: API key for OpenSandbox server authentication. Falls back to OPENSANDBOX_API_KEY env var. | ||
| zh_Hans: 用于 OpenSandbox 服务鉴权的 API Key。如未填写,将使用 OPENSANDBOX_API_KEY 环境变量。 | ||
| tools: | ||
| - tools/sandbox_create.yaml |
There was a problem hiding this comment.
why filesystem tool not provided, eg. file_read & file_write
4 participants
Summary
This PR introduces a Dify plugin that enables Dify workflows to use OpenSandbox as a code execution environment.
Features
Three sandbox tools for Dify workflows:
Flexible credential management:
Testing
Breaking Changes
Checklist