Implement SAND-WP-0006: SaaS payments, routing, and ext.saas-stub

Add credits store, metering on create/destroy, extension routing resolver,
metered SaaS stub extension, burst/saas profiles, credits CLI, docs, and tests.
This commit is contained in:
2026-06-24 07:52:20 +02:00
parent eee336149e
commit 1415e17230
29 changed files with 878 additions and 18 deletions

View File

@@ -0,0 +1,40 @@
id: profile.burst-sandbox
version: "1.0.0"
extension: ext.compose-ssh
route:
strategy: prefer-self-hosted
extensions:
- ext.compose-ssh
- ext.saas-stub
max_cost_per_hour_usd: 1.0
isolation:
level: container
network:
default: deny
egress: []
workspace:
mode: remote-canonical
access: rw
scope_default: session
ttl:
default: 2h
max: 8h
idle_reap: null
resources:
cpu: null
memory_mb: null
setup:
instructions: >
Prefer self-hosted compose on SANDBOXER_HOST; falls back to metered SaaS stub
when host is unavailable or SANDBOXER_FORCE_SAAS=1.
secret_refs: []
placement:
prefer: [sandboxer01]
fallback: [coulombcore]
reachability:
tunnel: ops-bridge
identity: ops-warden
metadata:
cost_class: saas-metered
latency_class: standard
observability: none

View File

@@ -0,0 +1,32 @@
id: profile.saas-stub
version: "1.0.0"
extension: ext.saas-stub
isolation:
level: microvm
network:
default: deny
egress: []
workspace:
mode: remote-canonical
access: rw
scope_default: session
ttl:
default: 1h
max: 4h
idle_reap: null
resources:
cpu: null
memory_mb: null
setup:
instructions: "Metered SaaS stub — no external provider API."
secret_refs: []
placement:
prefer: []
fallback: []
reachability:
tunnel: ops-bridge
identity: ops-warden
metadata:
cost_class: saas-metered
latency_class: standard
observability: none