ake/paperclip
1
0
Fork 0
mirror of https://github.com/alkimake/paperclip.git synced 2026-06-14 01:50:39 +09:00
Code Issues Projects Releases Packages Wiki Activity
paperclip/packages/plugins/sandbox-providers/modal/README.md
Devin Foley 4b1e92a588
feat(plugins): add Modal sandbox provider plugin (#6245) 
## Thinking Path

> - Paperclip orchestrates AI agents through company-scoped
control-plane workflows and extensible runtime integrations.
> - Sandbox providers are part of that extension surface because they
let agents execute isolated work without baking each provider into the
core server.
> - Modal already offers managed sandboxes with filesystem, process,
timeout, and networking controls that map onto Paperclip's sandbox
provider contract.
> - The repo did not have a Modal provider plugin, so teams wanting
Modal-backed sandboxes had no first-party integration path.
> - This pull request adds a standalone
`packages/plugins/sandbox-providers/modal` plugin that implements the
provider contract, worker entrypoint, docs, and tests.
> - The benefit is that Modal can now be installed as a provider plugin
without expanding the core control-plane surface area.

## What Changed

- Added a new `packages/plugins/sandbox-providers/modal` package with
the plugin manifest, worker entrypoint, and exported plugin surface.
- Implemented Modal-backed sandbox lifecycle support for creation,
command execution, file operations, networking options, termination, and
metadata translation.
- Added focused Vitest coverage for config validation, env handling,
lifecycle flows, networking behavior, and error mapping.
- Documented installation, configuration, and usage requirements in the
plugin README.
- Removed misleading `MODAL_TOKEN_*` fallback behavior so authentication
relies on supported Modal credentials only.

## Verification

- `pnpm -r typecheck`
- `pnpm test:run`
- `pnpm build`
- `cd packages/plugins/sandbox-providers/modal && pnpm test`

## Risks

- Low to medium risk: this is isolated to a new plugin package, but
runtime behavior still depends on live Modal account credentials and
service-side sandbox semantics.
- Modal's current docs target a newer Node baseline than the repo
default, so the first live install should confirm credential loading and
sandbox startup behavior in a real Modal workspace.
- No UI or schema changes are included in this PR.

> For core feature work, check [`ROADMAP.md`](ROADMAP.md) first and
discuss it in `#dev` before opening the PR. Feature PRs that overlap
with planned core work may need to be redirected — check the roadmap
first. See `CONTRIBUTING.md`.

## Model Used

- OpenAI Codex via Paperclip `codex_local` agent (GPT-5-class Codex
coding model; exact backend model ID is not exposed by the runtime),
with tool use, shell execution, and code-editing capabilities enabled.

## Checklist

- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have checked ROADMAP.md and confirmed this PR does not duplicate
planned core work
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [x] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge

---------

Co-authored-by: Paperclip <noreply@paperclip.ing>
2026-05-18 08:36:34 -07:00

5.3 KiB
Raw Blame History

@paperclipai/plugin-modal

First-party Modal sandbox provider plugin for Paperclip.

Like the other sandbox-provider packages in this repo, it lives inside the Paperclip monorepo but is intentionally excluded from the root pnpm workspace and shaped to publish and install like a standalone npm package. That lets operators install it from the Plugins page by package name without introducing root lockfile churn for Modal's SDK dependencies.

Install

From a Paperclip instance, install:

@paperclipai/plugin-modal

The host plugin installer runs npm install into the managed plugin directory, so the modal SDK dependency is pulled in during installation.

Runtime support note

Modal's official JS SDK README pins support to Node 22 or later. Paperclip's repo baseline is currently node >= 20; empirically modal@0.7.4 imports and operates against the Modal API under Node 20, so the plugin runs there today, but the vendor support contract is Node 22+. The plugin logs a startup warning when it detects Node < 22. Operators who can pin their Paperclip runtime to Node 22+ should do so; treat Node-20 usage as best-effort until the host bumps its baseline.

The empirical Node 20 compatibility check is recorded in PAPA-352.

Configuration

Configure Modal from Company Settings -> Environments, not from the plugin's instance settings page.

Field Required Description
appName yes Modal App name. The plugin calls modal.apps.fromName(appName, { createIfMissing: true }), so the App is created on first acquire if it does not already exist.
image yes Container image passed to modal.images.fromRegistry(), e.g. python:3.13 or node:20.
tokenId / tokenSecret yes Modal auth tokens. Both must be provided together. Paperclip stores pasted values as company secrets. The plugin worker runs in a child process that does not inherit host env vars, so MODAL_TOKEN_ID / MODAL_TOKEN_SECRET set on the Paperclip server are not read by the plugin — provide the tokens in this form.
environment no Optional Modal environment name. Falls back to the SDK profile default.
workdir no Remote working directory inside the sandbox. Defaults to /workspace/paperclip.
sandboxTimeoutMs no Maximum sandbox lifetime in milliseconds. Must be a positive multiple of 1000 between 1000 and 86_400_000 (24 hours). Defaults to 3_600_000 (1 hour).
idleTimeoutMs no Optional idle timeout in milliseconds. Modal terminates the sandbox if no exec is active for this duration. Must be a positive multiple of 1000.
execTimeoutMs no Default per-exec timeout in milliseconds when the caller does not pass one. Must be a positive multiple of 1000. Defaults to 300_000 (5 minutes).
blockNetwork no Block all egress network access.
cidrAllowlist no List of CIDRs the sandbox may reach. Cannot be combined with blockNetwork.
reuseLease no When true, the sandbox is detached (not terminated) on release and reattached by id later. Defaults to false.

Reuse semantics

Modal does not expose a separate pause/resume primitive for sandboxes — there is no equivalent to e2b's pause(). The plugin implements reuseLease as follows:

  • reuseLease: false (default): On release the sandbox is terminate()d. Subsequent runs create a new sandbox.
  • reuseLease: true: On release the plugin calls sandbox.detach(). The sandbox keeps running on Modal until its configured sandboxTimeoutMs or idleTimeoutMs elapses. The next acquire/resume reconnects via modal.sandboxes.fromId(providerLeaseId). If the sandbox has expired, fromId raises NotFoundError and the plugin reports the lease as expired so Paperclip reacquires.

Because there is no real pause, reuseLease: true keeps billing running until the sandbox or idle timeout cuts it off. Tune idleTimeoutMs to a value that matches your reuse window.

Local development

cd packages/plugins/sandbox-providers/modal
pnpm install --ignore-workspace --no-lockfile
pnpm build
pnpm test
pnpm typecheck

These commands assume the repo root has already been installed once so the local @paperclipai/plugin-sdk workspace package is available to the compiler during development.

Operator verification

  1. Provision Modal credentials in your Modal account (modal token new) or use a service account.
  2. Install the plugin from the Paperclip Plugins page.
  3. In Company Settings -> Environments, add a new Modal sandbox environment with at least appName, image, tokenId, and tokenSecret.
  4. Run the environment Probe action. A success result confirms auth, app creation, image pull, and exec round-trip.
  5. Run at least one Paperclip task with a remote-managed adapter (for example claude_local) bound to that environment. The adapter should provision the sandbox, run commands in it, and clean it up.

Full end-to-end manual QA is tracked separately in PAPA-354.

Package layout

  • src/manifest.ts declares the sandbox-provider driver metadata
  • src/plugin.ts implements the environment lifecycle hooks
  • src/worker.ts boots the plugin under the host worker runtime
  • paperclipPlugin.manifest and paperclipPlugin.worker point the host at the built plugin entrypoints in dist/