generated from coulomb/repo-seed
Implement SAND-WP-0005: extension SDK and ext.vm-packer
Add SandboxExtension base class, extension SDK docs, vm-packer attach mode for build-machines VMs, profile.vm-haskell-build, SSH port support, tests, and migration docs.
This commit is contained in:
62
docs/migration-build-machines.md
Normal file
62
docs/migration-build-machines.md
Normal file
@@ -0,0 +1,62 @@
|
||||
# Migration — build-machines → ext.vm-packer
|
||||
|
||||
Maps `the-custodian/infra/build-machines/` to sand-boxer `profile.vm-haskell-build`.
|
||||
|
||||
## What moved
|
||||
|
||||
| Legacy (build-machines) | sand-boxer v0 |
|
||||
|-------------------------|---------------|
|
||||
| Packer OVA build | **Unchanged** — operator runs Packer in the-custodian |
|
||||
| VM boot + build-agent registration | **Unchanged** — systemd agent on VM |
|
||||
| `make remote-build PROJECT=` | `sandboxer create` + SSH into `reachability.remote_dir` |
|
||||
| Isolated workspace `/build/<project>` | `/build/sbx-<sandbox_id>/` per create |
|
||||
| `make bridge-status` | `ssh -p 12222 build@localhost` or `sandboxer inspect` (future) |
|
||||
|
||||
## v0 attach workflow
|
||||
|
||||
1. Build/import VM per [build-machines README](~/the-custodian/infra/build-machines/README.md).
|
||||
2. Ensure tunnel is up (`make bridge-status` in build-machines).
|
||||
3. Create sand-boxer workspace:
|
||||
|
||||
```bash
|
||||
export SANDBOXER_VM_TUNNEL_PORT=12222 # or use SSH alias
|
||||
|
||||
sandboxer create \
|
||||
--profile profile.vm-haskell-build \
|
||||
--input vm=haskell-build \
|
||||
--input repo=~/projects/my-haskell-app \
|
||||
--host localhost
|
||||
```
|
||||
|
||||
4. Run builds on VM:
|
||||
|
||||
```bash
|
||||
ssh haskell-build "cd <remote_dir> && source ~/.ghcup/env && cabal build all"
|
||||
```
|
||||
|
||||
5. Destroy workspace (VM stays running):
|
||||
|
||||
```bash
|
||||
sandboxer destroy <sandbox_id>
|
||||
```
|
||||
|
||||
## Inputs
|
||||
|
||||
| Input | Purpose |
|
||||
|-------|---------|
|
||||
| `vm` | SSH config alias (e.g. `haskell-build`) |
|
||||
| `ssh_target` | Alias for `vm` |
|
||||
| `tunnel_port` | Local reverse-tunnel port (default via `SANDBOXER_VM_TUNNEL_PORT`) |
|
||||
| `repo` | Optional rsync source to workspace |
|
||||
| `workspace_dir` | Override workspace path on VM |
|
||||
|
||||
## Not migrated yet
|
||||
|
||||
- Automated Packer `create` trigger from sand-boxer API
|
||||
- State Hub capability-catalog sync from build-agent (agent unchanged)
|
||||
- Port registry automation (`port-registry.yml`)
|
||||
- `make remote-build` Makefile targets in the-custodian (add shim in follow-on if needed)
|
||||
|
||||
## Runbook
|
||||
|
||||
`docs/runbooks/profile-vm-haskell-build.md`
|
||||
Reference in New Issue
Block a user