generated from coulomb/repo-seed
feat: TTL enforcement and operational hardening (SAND-WP-0009)
Add TTL parser, expires_at on create, extend_ttl and expire/reap APIs, activity-core integration doc, repo classification, registry refresh, HTTP parity, and 69 tests.
This commit is contained in:
15
SCOPE.md
15
SCOPE.md
@@ -44,7 +44,7 @@ orchestration from `create` remains deferred.
|
||||
## In Scope
|
||||
|
||||
- **Unified establishment API** — CLI v0 + HTTP stub (`create`, `get`, `list`,
|
||||
`destroy`, `recreate`, `snapshot`, `restore`); `extend_ttl` planned
|
||||
`destroy`, `recreate`, `snapshot`, `restore`, `extend-ttl`, `expire`)
|
||||
- **Profile catalog** — six profiles: compose e2e/checkpoint, sandbox canary,
|
||||
vm-haskell-build, saas-stub, burst-sandbox
|
||||
- **Extension platform** — `ext.compose-ssh`, `ext.vm-packer`, `ext.saas-stub`;
|
||||
@@ -128,12 +128,12 @@ own tunnels or CAs.
|
||||
- **Docs:** `meta-framework`, `extension-sdk`, `host-telemetry`, `routing`,
|
||||
`payments`, `snapshots`, `migration-gaps`, `migration-build-machines`
|
||||
- **Registry:** `capability.execution.sandbox-provision` indexed (draft)
|
||||
- **Tests:** 54 pytest cases; `make check` green
|
||||
- **Tests:** 69 pytest cases; `make check` green
|
||||
- **Siblings:** wise-validator `validate run` (SAND-WP-0003); the-custodian
|
||||
`make e2e REPO=` shim (SAND-WP-0004)
|
||||
|
||||
Latest gap analysis: `history/2026-06-24-post-wp0007-intent-scope-gap-analysis.md`
|
||||
Next workplan: **SAND-WP-0009** (TTL enforcement and operational hardening).
|
||||
Latest workplan: **SAND-WP-0009** (TTL enforcement — finished).
|
||||
|
||||
---
|
||||
|
||||
@@ -149,6 +149,9 @@ sandboxer get <id> / list / destroy / recreate
|
||||
sandboxer snapshot <id> [--name LABEL]
|
||||
sandboxer restore <snapshot_id>
|
||||
sandboxer snapshots list / snapshots get <id>
|
||||
sandboxer extend-ttl <id> --duration 2h
|
||||
sandboxer expire [--apply]
|
||||
sandboxer create --ttl 2h ...
|
||||
sandboxer credits show / credits add <amount>
|
||||
sandboxer inspect host / inspect stale / reap-stale [--apply]
|
||||
make smoke-remote # CoulombCore compose smoke (SANDBOXER_HOST)
|
||||
@@ -168,14 +171,14 @@ cd ~/the-custodian && make e2e REPO=activity-core
|
||||
|
||||
## What Is Not Possible Yet
|
||||
|
||||
- TTL auto-expiry / `extend_ttl` enforcement
|
||||
- ~~TTL auto-expiry / `extend_ttl` enforcement~~ — done (SAND-WP-0009)
|
||||
- Packer build orchestration from `create` (attach-only today)
|
||||
- Real E2B / Modal / Daytona adapters (in-repo stub only)
|
||||
- Cross-host snapshot transfer
|
||||
- Formal ops-bridge tunnel attachment in reachability descriptor
|
||||
- Dedicated sandboxer01 host (CoulombCore interim only today)
|
||||
- `reuse-surface validate` / federation publish workflow
|
||||
- `.repo-classification.yaml` (State Hub C-24 hygiene)
|
||||
- ~~`.repo-classification.yaml`~~ — done (SAND-WP-0009)
|
||||
- fin-hub billing export for metered usage
|
||||
|
||||
---
|
||||
@@ -239,6 +242,8 @@ see `registry/capabilities/execution.sandbox-provision.md`.
|
||||
| `docs/routing.md` | Backend selection strategies |
|
||||
| `docs/payments.md` | Credits and metering |
|
||||
| `docs/snapshots.md` | Checkpoint snapshot/restore |
|
||||
| `docs/ttl.md` | TTL extend and expire/reap |
|
||||
| `docs/security.md` | Blast-radius vs intent enforcement |
|
||||
| `docs/migration-gaps.md` | Legacy cutover status |
|
||||
| `docs/integrations/` | Consumer contracts |
|
||||
| `workplans/` | ADR-001 work structure |
|
||||
|
||||
Reference in New Issue
Block a user