Impact of Sandboxing on Tool Execution
Directory Access
The sandboxed environment grants your tool access to the following directories during its execution:
| Directory | Mount Point | Access Level | Purpose |
|---|---|---|---|
| Artifact File Directory | /workspace | Read-Write | ONLY writable location - tool outputs, artifacts, temporary files (current working directory) |
| Workflow Data | /workflow_data | Read-Only | Project files, workflow-specific data files |
| Tool Directory | /tool | Read-Only | Tool source code, configuration files |
| Virtual Environment | /venv | Read-Only | Python packages installed for the tool |
| System Directories | /usr, /lib, /bin, etc. | Read-Only | System binaries and libraries (for Python execution) |
Key Restrictions for Tool Execution
File System Access:
- Writable Location: The only directory where file writing is permitted is /workspace. This location is designated for artifact files.
- Project File Access: Project files can be read from /workflow_data. This directory replaces direct access to the CML project path.
- Read-Only Directories: All other directories, including system files and tool source code, are read-only and cannot be modified during tool execution.
Environment:
- Sanitized Environment Variables: Sensitive credentials and other sensitive information are automatically excluded from environment variables.
- Default Working Directory: The default working directory is automatically set to /workspace, so relative paths resolve to the artifact file directory.
