generated from coulomb/repo-seed
Implement SAND-WP-0005: extension SDK and ext.vm-packer
Add SandboxExtension base class, extension SDK docs, vm-packer attach mode for build-machines VMs, profile.vm-haskell-build, SSH port support, tests, and migration docs.
@@ -3,6 +3,8 @@
|
||||
Backend adapters for sandbox establishment. Each extension is declared in
|
||||
`ext.<name>.yaml` and implements `provision`, `wait_ready`, and `teardown`.
|
||||
|
||||
Author guide: `docs/extension-sdk.md`
|
||||
|
||||
## ext.compose-ssh
|
||||
|
||||
Self-hosted extension migrated from `the-custodian/e2e-framework/`.
|
||||
@@ -29,4 +31,19 @@ step. sand-boxer splits responsibilities:
|
||||
| health checks + test_command | wise-validator (SAND-WP-0003) |
|
||||
|
||||
Interim workflow: `sandboxer create --profile profile.compose-e2e --input repo=...`
|
||||
then run validation separately until wise-validator migration lands.
|
||||
then run validation separately until wise-validator migration lands.
|
||||
|
||||
## ext.vm-packer
|
||||
|
||||
Attach mode for pre-built VMs (`the-custodian/infra/build-machines/` lineage).
|
||||
|
||||
**Provision:** SSH to VM alias or tunnel port → isolated workspace under `/build/sbx-<id>/`
|
||||
→ optional rsync of `repo` input.
|
||||
|
||||
**wait_ready:** Confirms workspace directory exists on VM.
|
||||
|
||||
**teardown:** Removes workspace only; VM persists.
|
||||
|
||||
**Profile:** `profile.vm-haskell-build` — see `docs/runbooks/profile-vm-haskell-build.md`.
|
||||
|
||||
Packer build / OVA import remains operator-driven (not triggered by `create`).
|
||||
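Review bot: The **Provision** and **teardown** lines describe creating and removing `/build/sbx-<id>/` on a VM that persists, but the section never says how `<id>` is generated or constrained. Please document that the id is limited to a fixed character set and that teardown refuses any path that does not resolve inside the workspace base, since a bad id here turns into a remote delete on a long-lived machine. Two smaller points in the same section: **wait_ready** only confirms the directory exists, so it would not catch a failed or partial rsync of `repo`; and "SSH to VM alias or tunnel port" should say how the host key is verified when the connection goes through a tunnel port.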
16
extensions/ext.vm-packer.yaml
Normal file
@@ -0,0 +1,16 @@
|
||||
id: ext.vm-packer
|
||||
title: VM workspace (Packer lineage)
|
||||
description: >
|
||||
Attach an isolated workspace on a pre-built VM (the-custodian build-machines
|
||||
lineage). v0 supports attach mode via SSH alias or tunnel port; Packer build
|
||||
orchestration is operator-driven and deferred.
|
||||
handler: sandboxer.extensions.vm_packer:VMPackerExtension
|
||||
capabilities:
|
||||
isolation_levels: [microvm]
|
||||
regions: []
|
||||
persistence: true
|
||||
pricing_model: self-hosted
|
||||
config:
|
||||
workspace_base: /build
|
||||
ssh_user: build
|
||||
ready_timeout_s: 30
|
||||
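Review bot: `isolation_levels: [microvm]` is declared alongside `persistence: true`, a single `ssh_user: build` and a shared `workspace_base: /build`, so as configured here sandboxes attached to the same VM are separated only by directory and use the same account. Either say so in `description`, so profile authors do not read `microvm` as a boundary between sandboxes on one VM, or add a per-sandbox user or directory permissions to the config. Also, `regions: []` is ambiguous: note whether an empty list means "no region constraint" or "no regions supported".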