Skip to content

Sandboxes

Sandboxes let you run code against your repository data inside isolated containers. Each sandbox gets a mounted volume with your data, executes your script or application, and can commit changes back to the repository — all without touching your production state until you approve.

Combined with triggers, sandboxes enable fully automated data pipelines: when specific files change, a sandbox automatically runs your validation, transformation, or analysis code.

Architecture

Tilde sandboxes are isolated along three dimensions:

  • Compute Isolation

    Each sandbox runs in its own isolated container with all Linux capabilities dropped, configurable resource limits, and no access to the host system. You choose the image, command, and environment -- Tilde handles the lifecycle.

  • Filesystem Isolation

    Your repository data is mounted as a versioned FUSE volume. The sandbox operates on a session — a transactional workspace. Changes are only applied to the repository when the session is committed. If anything goes wrong, it's rolled back.

  • Network Isolation

    Every sandbox runs on an isolated network with no direct internet access. All outbound HTTP/HTTPS traffic passes through a forward proxy that enforces per-sandbox network policies.

Quick Start

# One-shot: run a command and stream output
tilde sandbox run -r my-team/my-data \
  --image python:3.12 \
  -- python analyze.py

# Interactive: open a shell inside a sandbox
tilde sandbox run -r my-team/my-data \
  --image python:3.12 -i

import tilde

repo = tilde.repository("my-team/my-data")

# One-shot: run a single command
result = repo.execute("python analyze.py", image="python:3.12")
print(result.stdout.text())

# Interactive: run multiple commands in a single sandbox
with repo.shell(image="python:3.12") as sh:
    sh.run("pip install pandas")
    result = sh.run("python analyze.py")
    print(result.stdout.text())

See the CLI docs and Python SDK for full documentation, or the list of supported images.