feat: remove docker container on shutdown

Add automatic cleanup of Docker containers when the application exits. Uses a singleton runtime pattern and spawns a detached subprocess for cleanup to ensure fast exit without blocking the UI.
2026-01-19 18:21:34 -08:00
parent a67fe4c45c
commit 8413987fcd
5 changed files with 45 additions and 2 deletions
--- a/strix/interface/cli.py
+++ b/strix/interface/cli.py
@@ -106,7 +106,10 @@ async def run_cli(args: Any) -> None:  # noqa: PLR0915
    tracer.vulnerability_found_callback = display_vulnerability

    def cleanup_on_exit() -> None:
+        from strix.runtime import cleanup_runtime
+
        tracer.cleanup()
+        cleanup_runtime()

    def signal_handler(_signum: int, _frame: Any) -> None:
        tracer.cleanup()
--- a/strix/interface/tui.py
+++ b/strix/interface/tui.py
@@ -742,7 +742,10 @@ class StrixTUIApp(App):  # type: ignore[misc]

    def _setup_cleanup_handlers(self) -> None:
        def cleanup_on_exit() -> None:
+            from strix.runtime import cleanup_runtime
+
            self.tracer.cleanup()
+            cleanup_runtime()

        def signal_handler(_signum: int, _frame: Any) -> None:
            self.tracer.cleanup()
--- a/strix/runtime/init.py
+++ b/strix/runtime/init.py
@@ -12,17 +12,32 @@ class SandboxInitializationError(Exception):
        self.details = details


+_global_runtime: AbstractRuntime | None = None
+
+
 def get_runtime() -> AbstractRuntime:
+    global _global_runtime  # noqa: PLW0603
+
    runtime_backend = Config.get("strix_runtime_backend")

    if runtime_backend == "docker":
        from .docker_runtime import DockerRuntime

-        return DockerRuntime()
+        if _global_runtime is None:
+            _global_runtime = DockerRuntime()
+        return _global_runtime

    raise ValueError(
        f"Unsupported runtime backend: {runtime_backend}. Only 'docker' is supported for now."
    )


-__all__ = ["AbstractRuntime", "SandboxInitializationError", "get_runtime"]
+def cleanup_runtime() -> None:
+    global _global_runtime  # noqa: PLW0603
+
+    if _global_runtime is not None:
+        _global_runtime.cleanup()
+        _global_runtime = None
+
+
+__all__ = ["AbstractRuntime", "SandboxInitializationError", "cleanup_runtime", "get_runtime"]
--- a/strix/runtime/docker_runtime.py
+++ b/strix/runtime/docker_runtime.py
@@ -316,3 +316,22 @@ class DockerRuntime(AbstractRuntime):
            self._tool_server_token = None
        except (NotFound, DockerException):
            pass
+
+    def cleanup(self) -> None:
+        if self._scan_container is not None:
+            container_name = self._scan_container.name
+            self._scan_container = None
+            self._tool_server_port = None
+            self._tool_server_token = None
+
+            if container_name is None:
+                return
+
+            import subprocess
+
+            subprocess.Popen(  # noqa: S603
+                ["docker", "rm", "-f", container_name],  # noqa: S607
+                stdout=subprocess.DEVNULL,
+                stderr=subprocess.DEVNULL,
+                start_new_session=True,
+            )
--- a/strix/runtime/runtime.py
+++ b/strix/runtime/runtime.py
@@ -27,3 +27,6 @@ class AbstractRuntime(ABC):
    @abstractmethod
    async def destroy_sandbox(self, container_id: str) -> None:
        raise NotImplementedError
+
+    def cleanup(self) -> None:
+        raise NotImplementedError