feat: add nsenter-based command execution in tools sidecar with full test coverage

pyproject.toml

@@ -18,6 +18,7 @@ classifiers = [
 
 dependencies = [
     "dreadnode>=1.17.0",
+    "rigging @ git+https://github.com/dreadnode/rigging.git@5f9b33da3f5546ed2a65166b97b2f5efae824015",
     "cyclopts>=4.2.0",
     "loguru>=0.7.3",
     "httpx>=0.28.0,<1.0.0",
@@ -70,6 +71,9 @@ Documentation = "https://docs.dreadnode.io"
 requires = ["hatchling"]
 build-backend = "hatchling.build"
 
+[tool.hatch.metadata]
+allow-direct-references = true
+
 [tool.hatch.build.targets.wheel]
 packages = ["src/ares"]
 

src/ares/core/worker.py

@@ -370,8 +370,48 @@ async def _process_task(self, task: TaskMessage) -> None:
         finally:
             self._current_task = None
 
+    def _find_tools_container_pid(self) -> int | None:
+        """Find the PID of the tools sidecar container.
+
+        With shareProcessNamespace: true, we can see all processes in the pod.
+        The tools container runs 'sleep infinity' as its main process.
+
+        Returns:
+            PID of tools container if found, None otherwise.
+        """
+        import subprocess
+
+        try:
+            result = subprocess.run(  # nosec B607
+                ["ps", "aux"],
+                capture_output=True,
+                text=True,
+                check=False,
+            )
+
+            for line in result.stdout.splitlines():
+                if "sleep infinity" in line and "grep" not in line:
+                    parts = line.split()
+                    if len(parts) >= 2:
+                        try:
+                            pid = int(parts[1])
+                            logger.debug(f"Found tools container at PID {pid}")
+                            return pid
+                        except ValueError:
+                            continue
+        except Exception as e:
+            logger.warning(f"Failed to find tools container PID: {e}")
+
+        return None
+
     async def _execute_command_task(self, task: TaskMessage) -> None:
-        """Execute a command task directly via subprocess."""
+        """Execute a command task in the tools sidecar container.
+
+        Uses nsenter to execute commands in the tools container's mount namespace.
+        Requires:
+        - shareProcessNamespace: true (pod-level)
+        - CAP_SYS_ADMIN capability (ares-worker container)
+        """
         import subprocess
 
         payload = task.payload
@@ -382,16 +422,58 @@ async def _execute_command_task(self, task: TaskMessage) -> None:
         logger.info(f"[{self.agent_name}] Executing command: {command[:100]}...")
 
         try:
-            result = subprocess.run(  # noqa: S602, ASYNC221  # nosec B602
-                command,
-                shell=True,  # nosec B602
+            if not hasattr(self, "_tools_pid"):
+                self._tools_pid = self._find_tools_container_pid()
+
+            if not self._tools_pid:
+                error_msg = (
+                    "Cannot find tools container. The pod must have shareProcessNamespace: true "
+                    "and the tools container must run 'sleep infinity'."
+                )
+                logger.error(error_msg)
+                await self.task_queue.send_result(
+                    task_id=task.task_id,
+                    success=False,
+                    error=error_msg,
+                    worker_pod=self.pod_name,
+                )
+                return
+
+            nsenter_cmd = [
+                "nsenter",
+                "-t",
+                str(self._tools_pid),
+                "-m",
+                "-w",
+                "/bin/bash",
+                "-c",
+                f"cd {working_dir} && {command}",
+            ]
+
+            logger.debug(f"Executing via nsenter into PID {self._tools_pid}")
+            result = subprocess.run(  # noqa: ASYNC221
+                nsenter_cmd,
                 capture_output=True,
                 text=True,
                 timeout=timeout,
-                cwd=working_dir,
                 check=False,
             )
 
+            if result.returncode != 0 and "Operation not permitted" in result.stderr:
+                error_msg = (
+                    "nsenter failed: Operation not permitted. "
+                    "The ares-worker container needs CAP_SYS_ADMIN capability. "
+                    "Add to pod spec: securityContext.capabilities.add: [SYS_ADMIN]"
+                )
+                logger.error(error_msg)
+                await self.task_queue.send_result(
+                    task_id=task.task_id,
+                    success=False,
+                    error=error_msg,
+                    worker_pod=self.pod_name,
+                )
+                return
+
             await self.task_queue.send_result(
                 task_id=task.task_id,
                 success=True,
@@ -413,6 +495,7 @@ async def _execute_command_task(self, task: TaskMessage) -> None:
                 worker_pod=self.pod_name,
             )
         except Exception as e:
+            logger.error(f"Command execution failed: {e}")
             await self.task_queue.send_result(
                 task_id=task.task_id,
                 success=False,