Finish SAND-WP-0003: wise-validator extraction workplan

Add workplan, update migration-gaps delivered table, and extend sand-boxer e2e.yml with health check for validate run self-smoke.
2026-06-23 21:37:08 +02:00
parent 9054d33e46
commit e7d31b7f55
3 changed files with 138 additions and 9 deletions
--- a/docs/migration-gaps.md
+++ b/docs/migration-gaps.md
@@ -6,14 +6,17 @@ Recorded after SAND-WP-0002-T10 remote verification on CoulombCore (`92.205.130.
 `SANDBOXER_COMPOSE_CMD=podman-compose`. Container images need fully qualified names
 (e.g. `docker.io/library/nginx:alpine`) due to short-name registry policy.

-## wise-validator (SAND-WP-0003)
+## wise-validator (SAND-WP-0003) — delivered

-| Legacy (`e2e-framework`) | sand-boxer today | Gap |
-|--------------------------|------------------|-----|
-| Parse `e2e/e2e.yml` health_checks | `wait_ready` uses compose `ps` only | wise-validator must own HTTP health polling |
-| Run `test_command` | Not implemented | wise-validator runs tests inside ready sandbox |
-| `reporter.py` → State Hub pass/fail | Lifecycle events only | wise-validator posts validation results |
-| `make e2e REPO=` one-shot | `create` + separate validate step | Need orchestrated caller or validator CLI |
+| Legacy (`e2e-framework`) | wise-validator today | Notes |
+|--------------------------|----------------------|-------|
+| `schema.py` | `wisevalidator/schema.py` | `e2e/e2e.yml` v1 contract |
+| Health polling | `wisevalidator/ssh.py` | Remote `curl` after sand-boxer `ready` |
+| `test_command` | `wisevalidator/runner.py` | SSH in `reachability.remote_dir` |
+| `reporter.py` | `wisevalidator/reporter.py` | `e2e_result` State Hub events |
+| Monolithic CLI | `validate run` | sand-boxer `create`/`destroy` via CLI client |
+
+Remaining: `make e2e REPO=` shim → SAND-WP-0004.

 ## the-custodian shim (SAND-WP-0004)

--- a/e2e/e2e.yml
+++ b/e2e/e2e.yml
@@ -1,8 +1,11 @@
 # Smoke contract for sand-boxer self-deploy verification (SAND-WP-0002-T10).
-# Test execution semantics belong to wise-validator (SAND-WP-0003).
+# Full validation via wise-validator: validate run ~/sand-boxer (SAND-WP-0003).
 name: sand-boxer
 compose_file: e2e/docker-compose.smoke.yml
-health_checks: []
+health_checks:
+  - name: smoke-nginx
+    url: http://127.0.0.1:18080
+    timeout: 60
 test_command: "true"
 timeout: 60
 cleanup: always
--- a/workplans/SAND-WP-0003-wise-validator-extraction.md
+++ b/workplans/SAND-WP-0003-wise-validator-extraction.md
@@ -0,0 +1,123 @@
+---
+id: SAND-WP-0003
+type: workplan
+title: "wise-validator extraction from e2e-framework"
+domain: infotech
+repo: sand-boxer
+status: finished
+owner: codex
+topic_slug: custodian
+created: "2026-06-23"
+updated: "2026-06-23"
+---
+
+# wise-validator extraction from e2e-framework
+
+Extract the validation half of `the-custodian/e2e-framework/` into the
+`wise-validator` repo. sand-boxer (SAND-WP-0002) already owns provision/teardown
+via `ext.compose-ssh`; this workplan delivers health polling, test execution,
+pass/fail reporting, and the `validate run` CLI.
+
+**Charter:** `wise-validator/INTENT.md`  
+**Predecessor:** SAND-WP-0002 (finished)  
+**Follow-on:** SAND-WP-0004 (`the-custodian` `make e2e` shim)
+
+## Scaffold wise-validator package
+
+```task
+id: SAND-WP-0003-T01
+status: done
+priority: high
+```
+
+Python 3.11+ package in `~/wise-validator`: `pyproject.toml`, `src/wisevalidator/`,
+`tests/`, `Makefile` (`setup`, `install`, `check`, `test`, `lint`).
+
+## Extract e2e.yml schema
+
+```task
+id: SAND-WP-0003-T02
+status: done
+priority: high
+```
+
+Port `e2e-framework/schema.py` as `wisevalidator/schema.py` — `E2EConfig`,
+`HealthCheck`, v1 `e2e/e2e.yml` contract (CUST-WP-0028 compatible).
+
+## sand-boxer client integration
+
+```task
+id: SAND-WP-0003-T03
+status: done
+priority: high
+```
+
+`wisevalidator/sandbox_client.py` — call `sandboxer create` / `destroy` (CLI v0),
+parse `SandboxStatus` JSON, no embedded provisioners.
+
+## Validation runner
+
+```task
+id: SAND-WP-0003-T04
+status: done
+priority: high
+```
+
+`wisevalidator/runner.py` — load contract, request sandbox, HTTP health-wait on
+remote host, run `test_command`, apply `cleanup` policy (`always` / `on_success` /
+`never`).
+
+## State Hub reporter
+
+```task
+id: SAND-WP-0003-T05
+status: done
+priority: medium
+```
+
+Port `e2e-framework/reporter.py` — `event_type: e2e_result` progress events
+(backward compatible with legacy framework).
+
+## validate run CLI
+
+```task
+id: SAND-WP-0003-T06
+status: done
+priority: high
+```
+
+Typer CLI `validate run <repo>` with `--host`, `--keep`, `--workstream-id`,
+`--no-report`. Entry point: `validate`.
+
+## Tests
+
+```task
+id: SAND-WP-0003-T07
+status: done
+priority: high
+```
+
+Unit tests for schema, runner (mocked sandbox + SSH), reporter. Fixture repo with
+minimal `e2e/e2e.yml`.
+
+## Registry and docs
+
+```task
+id: SAND-WP-0003-T08
+status: done
+priority: medium
+```
+
+`registry/capabilities/validation.compose-e2e.md`, `docs/integrations/sand-boxer.md`,
+`docs/runbooks/validate-compose-e2e.md`. Updated `sand-boxer/docs/migration-gaps.md`.
+
+## Remote smoke (optional)
+
+```task
+id: SAND-WP-0003-T09
+status: wait
+priority: low
+```
+
+`scripts/smoke-validate-run.sh` against CoulombCore when `SANDBOXER_HOST` set;
+operator verification (same host requirements as SAND-WP-0002-T10).