Runner environment
Every run step in a workflow executes inside a sandbox container based on Wolfi Linux. This page documents what's available inside the runner, what's auto-injected, and how to install extra dependencies.
Auto-injected environment variables
The runner injects the following variables into every step automatically — you do not need to declare them in env:.
| Variable | Purpose |
|---|---|
H2O_CLOUD_CLIENT_PLATFORM_TOKEN | Platform access token for authenticating against H2O Cloud APIs (AI Engine Manager, MLOps, Feature Store, Drive, …). |
Use the token via the standard login() helper of each H2O Python client:
- name: List DAI engines
run: |
python3 -c "
import os, h2o_engine_manager
clients = h2o_engine_manager.login(
platform_token=os.environ['H2O_CLOUD_CLIENT_PLATFORM_TOKEN'],
)
print(clients.dai_engine_client.list_engines())
"
Pre-installed tools
The runner image is intentionally minimal. Only the following are pre-installed.
| Package | Notes |
|---|---|
python-3.13 | Python runtime |
uv | Fast Python package installer — use with sudo |
bash | Default shell |
curl | HTTP client |
wget | HTTP client |
jq | JSON processor |
zip / unzip | Archive tools |
aws-cli | AWS CLI |
ca-certificates | TLS root certificates |
sudo | Passwordless sudo for the sandbox user |
Runner shell
- User:
sandbox(uid 1000, gid 1000) - Shell:
/bin/bash - Working directory:
/home/sandbox - Sudo: passwordless
- Architecture:
amd64 - Each step starts a fresh shell. Env vars set inline with
export, the current working directory, and any background processes do not persist into the next step. Use the step-levelenv:field for variables; use H2O Drive to share files across jobs.
Installing Python packages
Use uv with sudo — the system Python is owned by root.
- name: Install client
run: sudo uv pip install --system h2o-engine-manager driverlessai
pip is not pre-installed. Do not use pip install directly.
H2O Python clients
| Component | Install command |
|---|---|
| AI Engine Manager | sudo uv pip install --system h2o-engine-manager |
| MLOps | sudo uv pip install --system h2o-mlops |
| Driverless AI | sudo uv pip install --system driverlessai |
| H2O-3 | sudo uv pip install --system h2o |
| Feature Store | sudo uv pip install --system h2o-featurestore |
What is NOT available
- No
pip— useuv. - No
git. - No
docker. - No
make,gcc, or build toolchain. - No
sed,awk, or full GNU coreutils — Wolfi uses busybox equivalents. - No GPU drivers or CUDA.
- No persistent filesystem between jobs — use H2O Drive for cross-job data sharing.
- No pre-installed Python packages beyond the standard library.
Related
- Steps —
run,upload,download,working_dir,env. - Environment variables — declaring your own variables at workflow, job, and step level.
- Secrets — referencing values from H2O Secure Store.
- Storage — moving files in and out of H2O Drive.
- Examples — working workflows that use this runtime to integrate with H2O products.
Feedback
- Submit and view feedback for this page
- Send feedback about H2O Workflows to cloud-feedback@h2o.ai