Implement SAND-WP-0005: extension SDK and ext.vm-packer

Add SandboxExtension base class, extension SDK docs, vm-packer attach mode
for build-machines VMs, profile.vm-haskell-build, SSH port support, tests,
and migration docs.
This commit is contained in:
2026-06-24 01:47:07 +02:00
parent c8126672ee
commit cec0fc6348
20 changed files with 679 additions and 16 deletions

View File

@@ -0,0 +1,50 @@
# profile.vm-haskell-build — Runbook
Attach an isolated Haskell build workspace on a pre-built VM (build-machines lineage).
## Prerequisites
- VM built/imported per `the-custodian/infra/build-machines/`
- SSH tunnel up (`make bridge-status` in build-machines)
- `~/.ssh/config` entry for `haskell-build` (or `tunnel_port` / `SANDBOXER_VM_TUNNEL_PORT`)
- `sandboxer` on PATH
## Create workspace
```bash
# Via SSH alias (recommended):
sandboxer create \
--profile profile.vm-haskell-build \
--input vm=haskell-build \
--input repo=~/projects/my-app \
--host localhost
# Via tunnel port:
export SANDBOXER_VM_TUNNEL_PORT=12222
sandboxer create \
--profile profile.vm-haskell-build \
--input vm=build@localhost \
--input tunnel_port=12222 \
--input repo=~/projects/my-app \
--host localhost
```
## Build on VM
Use `reachability.remote_dir` from create output:
```bash
ssh haskell-build "cd /build/sbx-<id> && source ~/.ghcup/env && cabal build all"
```
## Destroy
```bash
sandboxer destroy <sandbox_id>
```
Removes workspace only; the VM keeps running.
## Migration reference
`docs/migration-build-machines.md`