feat: reorganize examples and add signature support to JobBuilder

- Reorganized examples into osiris/, sal/, and utils/ folders
- Moved hardcoded scripts to separate .rhai files
- Added signature() method to JobBuilder for job signing
- Updated OSIRIS context to use block_in_place instead of runtime
- Removed runtime field from OsirisContext
- Added typed save() methods for Note and Event objects
- Updated all examples to use new structure and APIs

examples/sal/scripts/containers/buildah.rhai

@@ -0,0 +1,150 @@
+// buildah.rhai
+// Demonstrates using buildah to create a custom image with golang and nginx,
+// then using nerdctl to run a container from that image
+
+println("Starting buildah workflow to create a custom image...");
+
+// Define image and container names
+let base_image = "ubuntu:22.04";
+let container_name = "golang-nginx-container";
+let final_image_name = "custom-golang-nginx:latest";
+
+println(`Creating container '${container_name}' from base image '${base_image}'...`);
+
+// Create a new buildah container using the builder pattern
+let builder = bah_new(container_name, base_image);
+
+println("Enabling debug mode...");
+builder.debug_mode = true;
+
+// Update package lists and install golang and nginx
+println("Installing packages (this may take a while)...");
+
+// Update package lists
+let update_result = builder.run("apt-get update -y");
+
+// Install required packages
+let install_result = builder.run("apt-get install -y golang nginx");
+
+// Verify installations
+let go_version = builder.run("go version");
+println(`Go version: ${go_version.stdout}`);
+
+let nginx_version = builder.run("nginx -v");
+println(`Nginx version: ${nginx_version.stderr}`); // nginx outputs version to stderr
+
+// Create a simple Go web application
+println("Creating a simple Go web application...");
+
+// Create a directory for the Go application
+builder.run("mkdir -p /app");
+
+// Create a simple Go web server
+let go_app = `
+package main
+
+import (
+    "fmt"
+    "net/http"
+)
+
+func main() {
+    http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+        fmt.Fprintf(w, "Hello from Go running in a custom container!")
+    })
+    
+    fmt.Println("Starting server on :8080")
+    http.ListenAndServe(":8080", nil)
+}
+`;
+
+// Write the Go application to a file using the write_content method
+builder.write_content(go_app, "/app/main.go");
+
+// Compile the Go application
+builder.run("cd /app && go build -o server main.go");
+
+// Configure nginx to proxy to the Go application
+let nginx_conf = `
+server {
+    listen 80;
+    server_name localhost;
+
+    location / {
+        proxy_pass http://localhost:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+}
+`;
+
+// Write the nginx configuration using the write_content method
+let nginx_conf_result = builder.write_content(nginx_conf, "/etc/nginx/sites-available/default");
+
+// Create a startup script
+let startup_script = `
+#!/bin/bash
+# Start the Go application in the background
+cd /app && ./server &
+# Start nginx in the foreground
+nginx -g "daemon off;"
+`;
+
+// Write the startup script using the write_content method
+let startup_script_result = builder.write_content(startup_script, "/start.sh");
+builder.run("chmod +x /start.sh");
+
+// Set the entrypoint to the startup script
+println("Setting entrypoint to /start.sh...");
+builder.set_entrypoint("/start.sh");
+
+// Read back the startup script to verify it was written correctly
+let read_script = builder.read_content("/start.sh");
+println("Startup script content verification:");
+println(read_script);
+
+// Commit the container to a new image
+println(`Committing container to image '${final_image_name}'...`);
+let commit_result = builder.commit(final_image_name);
+
+// Clean up the buildah container
+println("Cleaning up buildah container...");
+builder.remove();
+
+// Now use nerdctl to run a container from the new image
+println("\nStarting container from the new image using nerdctl...");
+
+// Create a container using the builder pattern
+// Use localhost/ prefix to ensure nerdctl uses the local image
+let local_image_name = "localhost/" + final_image_name;
+println(`Using local image: ${local_image_name}`);
+
+// Tag the image with the localhost prefix for nerdctl compatibility
+println(`Tagging image as ${local_image_name}...`);
+let tag_result = image_tag(final_image_name, local_image_name);
+
+// Print a command to check if the image exists in buildah
+println("\nTo verify the image was created with buildah, run:");
+println("buildah images");
+
+// Note: If nerdctl cannot find the image, you may need to push it to a registry
+// println("\nNote: If nerdctl cannot find the image, you may need to push it to a registry:");
+// println("buildah push localhost/custom-golang-nginx:latest docker://localhost:5000/custom-golang-nginx:latest");
+// println("nerdctl pull localhost:5000/custom-golang-nginx:latest");
+
+let container = nerdctl_container_from_image("golang-nginx-demo", local_image_name)
+    .with_detach(true)
+    .with_port("8080:80")  // Map port 80 in the container to 8080 on the host
+    .with_restart_policy("unless-stopped")
+    .build();
+
+// Start the container
+let start_result = container.start();
+
+println("\nWorkflow completed successfully!");
+println("The web server should be running at http://localhost:8080");
+println("You can check container logs with: nerdctl logs golang-nginx-demo");
+println("To stop the container: nerdctl stop golang-nginx-demo");
+println("To remove the container: nerdctl rm golang-nginx-demo");
+
+"Buildah and nerdctl workflow completed successfully!"

examples/sal/scripts/containers/buildah_debug.rhai

@@ -0,0 +1,39 @@
+// buildah_debug.rhai
+// Demonstrates using the debug flag on the buildah Builder
+
+println("Starting buildah debug example...");
+
+// Define image and container names
+let base_image = "ubuntu:22.04";
+let container_name = "debug-test-container";
+
+println(`Creating container '${container_name}' from base image '${base_image}'...`);
+
+// Create a new buildah container using the builder pattern
+let builder = bah_new(container_name, base_image);
+
+// Enable debug mode
+println("Enabling debug mode...");
+builder.debug_mode = true;
+
+// Run a simple command to see debug output
+println("Running a command with debug enabled...");
+let result = builder.run("echo 'Hello from debug mode'");
+
+// Disable debug mode
+println("Disabling debug mode...");
+builder.debug_mode = false;
+
+// Run another command without debug
+println("Running a command with debug disabled...");
+let result2 = builder.run("echo 'Hello without debug'");
+
+// Enable debug mode again
+println("Enabling debug mode again...");
+builder.debug_mode = true;
+
+// Remove the container with debug enabled
+println("Removing the container with debug enabled...");
+builder.remove();
+
+println("Debug example completed!");

examples/sal/scripts/containers/buildah_run.rhai

@@ -0,0 +1,44 @@
+
+// Now use nerdctl to run a container from the new image
+println("\nStarting container from the new image using nerdctl...");
+
+// Create a container using the builder pattern
+// Use localhost/ prefix to ensure nerdctl uses the local image
+let local_image_name = "localhost/custom-golang-nginx:latest";
+println(`Using local image: ${local_image_name}`);
+
+// Import the image from buildah to nerdctl
+println("Importing image from buildah to nerdctl...");
+process_run("buildah", ["push", "custom-golang-nginx:latest", "docker-daemon:localhost/custom-golang-nginx:latest"]);
+
+let tag_result = nerdctl_image_tag("custom-golang-nginx:latest", local_image_name);
+
+// Tag the image with the localhost prefix for nerdctl compatibility
+// println(`Tagging image as ${local_image_name}...`);
+// let tag_result = bah_image_tag(final_image_name, local_image_name);
+
+// Print a command to check if the image exists in buildah
+println("\nTo verify the image was created with buildah, run:");
+println("buildah images");
+
+// Note: If nerdctl cannot find the image, you may need to push it to a registry
+// println("\nNote: If nerdctl cannot find the image, you may need to push it to a registry:");
+// println("buildah push localhost/custom-golang-nginx:latest docker://localhost:5000/custom-golang-nginx:latest");
+// println("nerdctl pull localhost:5000/custom-golang-nginx:latest");
+
+let container = nerdctl_container_from_image("golang-nginx-demo", local_image_name)
+    .with_detach(true)
+    .with_port("8081:80")  // Map port 80 in the container to 8080 on the host
+    .with_restart_policy("unless-stopped")
+    .build();
+
+// Start the container
+let start_result = container.start();
+
+println("\nWorkflow completed successfully!");
+println("The web server should be running at http://localhost:8081");
+println("You can check container logs with: nerdctl logs golang-nginx-demo");
+println("To stop the container: nerdctl stop golang-nginx-demo");
+println("To remove the container: nerdctl rm golang-nginx-demo");
+
+"Buildah and nerdctl workflow completed successfully!"

examples/sal/scripts/containers/nerdctl_webserver.rhai

@@ -0,0 +1,86 @@
+// 08__web_server.rhai
+// Demonstrates a complete workflow to set up a web server using 
+// Note: This script requires  to be installed and may need root privileges
+
+println("Starting  web server workflow...");
+
+// Create and use a temporary directory for all files
+let work_dir = "/tmp/";
+mkdir(work_dir);
+chdir(work_dir);
+println(`Working in directory: ${work_dir}`);
+
+
+println("\n=== Creating custom nginx configuration ===");
+let config_content = `
+server {
+    listen 80;
+    server_name localhost;
+
+    location / {
+        root /usr/share/nginx/html;
+        index index.html;
+    }
+}
+`;
+
+let config_file = `${work_dir}/custom-nginx.conf`;
+// Use file_write instead of run command
+file_write(config_file, config_content);
+println(`Created custom nginx configuration file at ${config_file}`);
+
+// Step 3: Create a custom index.html file
+println("\n=== Creating custom index.html ===");
+let html_content = `
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Demo</title>
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            margin: 40px;
+            line-height: 1.6;
+            color: #333;
+        }
+        h1 {
+            color: #0066cc;
+        }
+    </style>
+</head>
+<body>
+    <h1>Hello from HeroScript !</h1>
+    <p>This page is served by an Nginx container.</p>
+</body>
+</html>
+`;
+
+let html_file = `${work_dir}/index.html`;
+// Use file_write instead of run command
+file_write(html_file, html_content);
+println(`Created custom index.html file at ${html_file}`);
+
+println("\n=== Creating nginx container ===");
+let container_name = "nginx-demo";
+
+let env_map = #{}; // Create an empty map
+env_map["NGINX_HOST"] = "localhost";
+env_map["NGINX_PORT"] = "80";
+env_map["NGINX_WORKER_PROCESSES"] = "auto";
+
+// Create a container with a rich set of options using batch methods
+let container = nerdctl_container_from_image(container_name, "nginx:latest")
+    .reset()
+    .with_detach(true)
+    .with_ports(["8080:80"])                // Add multiple ports at once
+    .with_volumes([`${work_dir}:/usr/share/nginx/html`, "/var/log:/var/log/nginx"])  // Mount our work dir
+    .with_envs(env_map)               // Add multiple environment variables at once
+    .with_cpu_limit("1.0")
+    .with_memory_limit("512m")
+    .start();
+
+
+println("\n web server workflow completed successfully!");
+println("The web server is running at http://localhost:8080");
+
+"Web server script completed successfully!"