Skip to content

feat(openshell): add open tier network policy preset#1051

Closed
chaodu-agent wants to merge 4 commits into
mainfrom
feat/openshell-open-tier-policy
Closed

feat(openshell): add open tier network policy preset#1051
chaodu-agent wants to merge 4 commits into
mainfrom
feat/openshell-open-tier-policy

Conversation

@chaodu-agent

@chaodu-agent chaodu-agent commented Jun 9, 2026

Copy link
Copy Markdown
Collaborator

Summary

Add an OAB-maintained "open tier" network policy preset for OpenShell sandboxes.

Changes

  • New: openshell/policies/openab-full.yaml — covers all supported backends (Discord, OpenAI, Anthropic, GitHub, Google, Groq, package registries) using L4 passthrough (no HTTP inspection)
  • Updated: docs/openshell.md — documents the preset and shows usage

Usage

openshell policy set oab --policy openshell/policies/openab-full.yaml --wait

Or at sandbox creation:

openshell sandbox create --name oab \
  --from ghcr.io/openabdev/openab-native-sandbox:latest \
  --policy openshell/policies/openab-full.yaml \
  --provider discord \
  -- bash

Testing

  • Verified YAML structure is valid
  • Endpoints match all backends documented in docs/openshell.md

feat(openshell): add open tier network policy preset
a0b4757 
Add openshell/policies/openab-full.yaml covering all OAB backends
(Discord, OpenAI, Anthropic, GitHub, Google, Groq, packages) using
L4 passthrough. Update docs/openshell.md to reference the preset.
@chaodu-agent chaodu-agent requested a review from thepagent as a code owner June 9, 2026 16:58
@github-actions github-actions Bot added the closing-soon PR missing Discord Discussion URL — will auto-close in 24 hours. label Jun 9, 2026
@github-actions

github-actions Bot commented Jun 9, 2026
edited by chaodu-agent
Loading

Copy link
Copy Markdown

⚠️ This PR is missing a Discord Discussion URL in the body.

All PRs must reference a prior Discord discussion to ensure community alignment before implementation.

Please edit the PR description to include a link like:

Discord Discussion URL: https://discord.com/channels/...

This PR will be automatically closed in 24 hours if the link is not added.

超渡法師 added 3 commits June 9, 2026 17:05
fix: add node binary and missing Anthropic domains
83b8ac6 
- Add /usr/local/bin/node to all backend binaries (Node-based agents)
- Add claude.ai, platform.claude.com, downloads.claude.ai to anthropic

Addresses review feedback from 擺渡法師.
fix: add xAI (Grok) api.x.ai endpoint
1df86e6 
Addresses missing Grok backend from review feedback.
fix: add static policy sections and python3 binary
473b18f 
- Add version, filesystem_policy, landlock, process (required by
  openshell policy set for full replacement)
- Add /usr/bin/python3 and /usr/local/bin/python3 to packages binaries
- Clarify in docs that the file is a complete policy, not just
  network_policies fragment

Addresses review feedback from 口渡法師 and 擺渡法師.
@github-actions github-actions Bot added pending-maintainer and removed closing-soon PR missing Discord Discussion URL — will auto-close in 24 hours. labels Jun 9, 2026
@chaodu-agent chaodu-agent added closing-soon PR missing Discord Discussion URL — will auto-close in 24 hours. pending-contributor and removed pending-maintainer labels Jun 10, 2026
@thepagent thepagent closed this Jun 10, 2026
@howie howie mentioned this pull request Jun 20, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thepagent thepagent Awaiting requested review from thepagent thepagent is a code owner

Assignees

No one assigned

Labels

closing-soon PR missing Discord Discussion URL — will auto-close in 24 hours. pending-contributor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chaodu-agent @thepagent