[Proposal] Exclusive Workspaces for Snapshot Isolation Across Conversations #6457

kripper opened this issue Jan 25, 2025 · 0 comments
kripper commented Jan 25, 2025

Summary

The /workspace directory is currently mounted and shared across all conversations, which is convenient for collaborative work but introduces a critical issue:

When restoring a snapshot (refer to issue #6163), the entire workspace is reverted. This inadvertently overwrites ongoing changes in other conversations, which can lead to data loss or workflow disruption.

To address this, we propose creating a workspace that is exclusive to each conversation. This exclusive workspace will ensure that snapshots and restores are isolated per conversation without impacting shared resources.


Technical Design

The proposed solution revolves around segregating workspaces into isolated and shared environments:

  1. Per-Conversation Workspaces

    • Each new conversation will begin with an exclusive, empty workspace mounted as /workspace.
    • This workspace will be tied to the conversation and will be included in snapshots/restores.
  2. Shared Workspaces

    • A separate shared mount point (e.g., /archive) will be introduced for files that are not included in snapshots.
    • Users will have the ability to manage and optionally grant write access to this shared folder for inter-conversation collaboration.

Implementation Proposal

We will define two distinct mounts inside the sandbox environment:

  1. /workspace:

    • Exclusive to the conversation sandbox.
    • Fully included in snapshots and restores.
  2. /archive:

    • Shared among all conversations.
    • Managed independently by the user and excluded from snapshots.

On the host machine, the file structure within the OH repository will look like this:

workspaces/
	75bc4c6729c1119ab33856f9d1fd51f26be4ce1fc0b97426cca3063c2228db34/
		(workspace files for session 75bc4...., mounted as `/workspace` inside the sandbox)
archive/
	(files shared with/by the user, equivalent to the current 'workspace' folder)

  • Access Control: Users can choose to isolate conversation sandboxes completely by restricting write permissions to /archive.

Alternatives Considered

  1. Instruct OH to work outside /workspace
    • This approach would require users to bypass /workspace, which is counterintuitive and contradicts the purpose of having a dedicated workspace.

By implementing this design, we maintain the intuitive usage of /workspace while ensuring snapshots remain conversation-specific, thus preventing unintended overwrites in shared environments.

@kripper kripper changed the title Create a default empty workspace for each conversation (to include in container snapshot/restore) Exclusive workspace per conversation (for snapshot/restore) Jan 25, 2025
@kripper kripper changed the title Exclusive workspace per conversation (for snapshot/restore) [Proposal] Exclusive Workspaces for Snapshot Isolation Across Conversations Jan 26, 2025
@mamoodi mamoodi added the enhancement New feature or request label Jan 28, 2025
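
An added example, not part of the issue or of the OH code base: one way the proposed host layout could be turned into per-conversation mounts, with /archive read-only unless the user grants write access. The helper names, the 64-hex-character session ID format and the Docker-style `host:container:mode` strings are assumptions.

```python
import os
import re
import tempfile
from pathlib import Path

# Assumption: session IDs are 64 lowercase hex characters, as in the issue's tree.
SESSION_ID_RE = re.compile(r"[0-9a-f]{64}")


def workspace_dir(base_dir, session_id):
    """Host path of one conversation's exclusive workspace (hypothetical helper)."""
    # Reject anything that is not a plain ID so it cannot escape workspaces/.
    if not SESSION_ID_RE.fullmatch(session_id):
        raise ValueError("session_id must be 64 lowercase hex characters")
    return Path(base_dir).resolve() / "workspaces" / session_id


def build_mounts(base_dir, session_id, archive_writable=False):
    """Return Docker-style bind specs: /workspace (rw), /archive (ro by default)."""
    workspace = workspace_dir(base_dir, session_id)
    archive = Path(base_dir).resolve() / "archive"
    workspace.mkdir(parents=True, exist_ok=True)  # starts empty on first use
    os.chmod(workspace, 0o700)                    # owner-only on the host
    archive.mkdir(exist_ok=True)
    archive_mode = "rw" if archive_writable else "ro"
    return [f"{workspace}:/workspace:rw", f"{archive}:/archive:{archive_mode}"]


def snapshot_paths(base_dir, session_id):
    """Files a snapshot of this conversation would cover; /archive is excluded."""
    root = workspace_dir(base_dir, session_id)
    return sorted(str(p.relative_to(root)) for p in root.rglob("*") if p.is_file())


if __name__ == "__main__":
    # Constructed demo: two conversations under a temporary base directory.
    with tempfile.TemporaryDirectory() as base:
        a, b = "a" * 64, "b" * 64
        for sid in (a, b):
            print(build_mounts(base, sid))
        (workspace_dir(base, a) / "notes.txt").write_text("draft")
        print(snapshot_paths(base, a), snapshot_paths(base, b))
```

Because the snapshot set is derived only from `workspaces/<session_id>/`, restoring one conversation cannot touch another conversation's files or anything under `archive/`.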