coulomb/sand-boxer
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2d0669c2f8285b9e1aebfb7d1a04d63ab0f5bbad
sand-boxer/profiles/profile.build.yaml
tegwick 1f87be4c6b feat: reachability and consumer profiles (SAND-WP-0011) 
Add reachability enrichment (tunnel metadata, ops-bridge pointer),
secret_refs boundary resolution, profile.agent-dev and profile.build,
CLI reachability show, API endpoint, consumer smoke scripts, and tests.
2026-06-24 12:54:27 +02:00

35 lines
712 B
YAML
Raw Blame History

id: profile.build
version: "1.0.0"
extension: ext.vm-packer
isolation:
level: microvm
network:
default: deny
egress: []
workspace:
mode: remote-canonical
access: rw
scope_default: agent
ttl:
default: 8h
max: 24h
idle_reap: null
resources:
cpu: null
memory_mb: null
setup:
instructions: >
Build sandbox for snuggle-inventor. Attach to pre-built VM via ops-bridge
tunnel (e.g. haskell-build). Secret refs resolved at provision boundary only.
secret_refs:
- build-registry-token
placement:
prefer: [localhost]
fallback: [workstation]
reachability:
tunnel: ops-bridge
identity: ops-warden
metadata:
cost_class: self-hosted
latency_class: standard
observability: none
Reference in New Issue View Git Blame Copy Permalink