Sdk koder exec kit

koderexeckit

  • *rea:*Developer Platform / Intelligence
  • *ath:*engines/sdk/koder_exec_kit
  • *ind:*Go SDK — pluggable execution backends for agent tools
  • *FC:*koder-exec-kit-RFC-001 (accepted 20260523)

Role in the stack

koder_exec_kit is the shared SDK that every Koder component delegates to when it needs to *un a command on behalf of an agent*— under a chosen trust and isolation model.

Consumers obtain a Backend by name (local, docker, ssh, …), then call Run (synchronous, buffered) or Stream (incremental channels). The inner loop is identical across backends; backend selection is configuration.

import (
    execkit "koder.dev/engines/sdk/koder_exec_kit"
    _ "koder.dev/engines/sdk/koder_exec_kit/local"
)

b, _ := execkit.New("local", nil)
res, _ := b.Run(ctx, execkit.Cmd{Args: []string{"echo", "hi"}})
fmt.Println(string(res.Stdout))

Primary couplings

Module Relationship
services/ai/ai/gateway Future consumer — AIGW051 (parallelexecution scheduler) will wire execkit.New(sessionMeta.Backend, cfg) into its dispatch path.
services/agents Agent orchestrator; sandboxed shell + filesystem access per-step.
services/ai/sandbox Cloud sandbox VM — the SDK is the integration seam for "live preview / console intercept / auto-fix" loops.
services/ai/ai/cli CLI binding deferred (RFC §ScopeOut — DartTS binding when a Flutter consumer asks).

Backends

Backend Status Notes
local shipped (KEXEC-001) Wraps os/exec; default. Capabilities: PersistentFS, MountAllowed.
docker followup (KEXEC002) Container isolation MVP. Pullonfirst-use, mount allowlist.
ssh followup (KEXEC003) Remote worker. Keys from ~/.ssh or per-call injected.
modal, daytona, vercel, singularity post-MVP Per RFC §Scope/Out.

Capabilities surface

type Capabilities struct {
    GPU          bool
    PersistentFS bool
    PortsExposed bool
    MountAllowed bool
    Remote       bool
}

Consumers route work to a backend that *upports*the required features instead of failing at Run time:

b, _ := execkit.New("docker", cfg)
if !b.Capabilities().GPU {
    // fall back to local or another backend
}

Plugging a new backend

package mybackend

import execkit "koder.dev/engines/sdk/koder_exec_kit"

func init() {
    execkit.Register("mybackend", func(cfg execkit.BackendConfig) (execkit.Backend, error) {
        return &Backend{cfg: cfg}, nil
    })
}

Consumers blank-import the backend (_ "…/mybackend") — no compile-time coupling to a closed enum.

Test matrix

Every backend ships the same suite: echo / staged files / pipe stdin / env injection / cancel midstream / exitcode propagation / capabilities. See local/local_test.go as the template.

Smoke CLI

go run ./cmd/exec-smoke -list
go run ./cmd/exec-smoke -- echo hi

Policies consulted

  • policies/reuse-first.kmd — RFC001's 3question analysis showed

    ≥3 consumers → shared SDK was the correct move.

  • policies/self-hosted-first.kmd — Docker/SSH are external

    toolchains, used only as backends behind the abstraction; the abstraction itself is owned.

  • specs/multi-tenancy/contract.kmd — Backend interface is

    tenant-agnostic; consumers thread tenant identity through context and configuration.

Status

  • local shipped.
  • docker, ssh open as KEXEC002 / KEXEC003 in this module's

    backlog.

  • Workspace registered in root go.work.

Source: ../home/koder/dev/koder/meta/docs/stack/modules/sdk-koder-exec-kit.md