Skip to main content
Docker is now the default runtime sandbox provider. Docker sandboxes no longer bind-mount the caller’s working directory. They create a container workspace and clone the run manifest’s GitHub origin into /workspace.To migrate:
  1. Use --sandbox local or [run.sandbox] provider = "local" when a run must operate directly on the host working tree.
  2. For Docker or Daytona runs without a GitHub origin, set [run.clone] enabled = false.
  3. Make sure private GitHub repositories have GitHub App credentials configured before running clone-based sandboxes.

Clone-based Docker sandboxes

Docker now uses the same clone-shaped runtime model as Daytona. When the run manifest includes a GitHub origin, Fabro clones that repository into the sandbox workspace and configures git lifecycle operations inside the sandbox. This is a breaking sandbox change:
  • Docker no longer bind-mounts host workspaces.
  • Docker and Daytona accept GitHub origins only when cloning.
  • Present non-GitHub origins fail unless [run.clone] enabled = false.
  • Absent origins and [run.clone] enabled = false runs create empty workspaces without repository files.
The packaged Docker Compose service mounts the host Docker socket so the server can create sibling run containers. Operators remain responsible for Docker socket permissions, Docker Desktop behavior, DOCKER_HOST, TLS, and remote daemon security.

Run logs

Each server-dispatched run now gets its own worker tracing log at runtime/server.log. The server also exposes the log through GET /api/v1/runs/{id}/logs, so tools can fetch execution-time tracing for a single run without grepping the process-wide server log. fabro dump now includes the same log as run.log when it is available. Dumps still succeed for older runs or submitted runs that do not have a worker log yet.

Operators

Worker subprocesses continue writing to the main <storage>/logs/server.log, and also mirror worker tracing into the per-run file. FABRO_LOG still controls log verbosity; if a server config sets [server.logging] level, that level is now propagated to workers unless the parent process already set FABRO_LOG. Server logs can also go to stdout, which is useful for containers and process supervisors: 
[server.logging]
destination = "stdout"

More

  • New GET /api/v1/runs/{id}/logs endpoint returns the per-run worker log
  • Server settings now include server.logging.destination with file and stdout values
  • fabro dump now includes per-run worker logs as run.log when they are available
  • Fixed web requests being served from non-canonical hosts instead of redirecting to the configured canonical host