# Migration gaps — SAND-WP-0002 smoke findings

Recorded after SAND-WP-0002-T10 remote verification on CoulombCore (`92.205.130.254`).

**Host findings:** CoulombCore has `podman-compose` (not `docker compose`). Use
`SANDBOXER_COMPOSE_CMD=podman-compose`. Container images need fully qualified names
(e.g. `docker.io/library/nginx:alpine`) due to short-name registry policy.

## wise-validator (SAND-WP-0003) — delivered

| Legacy (`e2e-framework`) | wise-validator today | Notes |
|--------------------------|----------------------|-------|
| `schema.py` | `wisevalidator/schema.py` | `e2e/e2e.yml` v1 contract |
| Health polling | `wisevalidator/ssh.py` | Remote `curl` after sand-boxer `ready` |
| `test_command` | `wisevalidator/runner.py` | SSH in `reachability.remote_dir` |
| `reporter.py` | `wisevalidator/reporter.py` | `e2e_result` State Hub events |
| Monolithic CLI | `validate run` | sand-boxer `create`/`destroy` via CLI client |

## the-custodian shim (SAND-WP-0004) — delivered

| Legacy | Target | Status |
|--------|--------|--------|
| `make e2e REPO=` in the-custodian | `validate run` (wise-validator + sand-boxer) | **Done** |
| `python -m e2e_framework` | Deprecation + delegate via `e2e-framework/shim.py` | **Done** |
| `RUNBOOK.md` in e2e-framework | Points to wise-validator + sand-boxer runbooks | **Done** |
| Verification | `the-custodian/scripts/verify-e2e-shim.sh` | **Done** |

**e2e-framework migration arc complete** (provision: sand-boxer, validation:
wise-validator, operator entry: `make e2e`).

## build-machines (SAND-WP-0005) — attach mode delivered

| Legacy (`build-machines`) | sand-boxer today | Notes |
|---------------------------|------------------|-------|
| Packer OVA build | Operator-driven (unchanged) | Not triggered by `create` |
| `make remote-build` rsync + SSH | `sandboxer create --profile profile.vm-haskell-build` | Workspace `/build/sbx-<id>/` |
| VM teardown | N/A | `destroy` removes workspace only; VM persists |
| Extension author contract | `docs/extension-sdk.md` | `SandboxExtension` base class |

Deferred: Packer orchestration from API, `make remote-build` shim.

## sand-boxer follow-ons

| Item | Workplan |
|------|----------|
| ~~SaaS extensions + payments v0~~ | SAND-WP-0006 — stub + routing + credits |
| E2B / Modal real adapters | Post SAND-WP-0006 |
| ~~Snapshot / restore~~ | SAND-WP-0007 — `docs/snapshots.md` |
| ~~TTL enforcement + scheduled reap~~ | SAND-WP-0009 — `docs/ttl.md` |