generated from coulomb/repo-seed
tegwick
774bc5ae0a
Add vm-packer build mode, profile.vm-packer-build, State Hub progress notes during long provision, docs/runbook, and build mode tests.
121 lines
3.1 KiB
Markdown
121 lines
3.1 KiB
Markdown
---
|
|
id: SAND-WP-0012
|
|
type: workplan
|
|
title: "Packer build orchestration"
|
|
domain: infotech
|
|
repo: sand-boxer
|
|
status: finished
|
|
owner: codex
|
|
topic_slug: custodian
|
|
created: "2026-06-24"
|
|
updated: "2026-06-24"
|
|
state_hub_workstream_id: "87838886-0f4a-4eae-8d0e-b464933089de"
|
|
---
|
|
|
|
# Packer build orchestration
|
|
|
|
Trigger Packer builds from `sandboxer create` and ship the-custodian
|
|
`make remote-build` shim — completing the build-machines migration arc.
|
|
|
|
Gap analysis P8: `history/2026-06-24-post-wp0007-intent-scope-gap-analysis.md`
|
|
Carries forward: SAND-WP-0005-T06 (deferred)
|
|
|
|
**Predecessor:** SAND-WP-0011 (consumer profiles)
|
|
**Follow-on:** reuse-surface federation publish; sandboxer01 operator track
|
|
|
|
---
|
|
|
|
## Packer build mode on ext.vm-packer
|
|
|
|
```task
|
|
id: SAND-WP-0012-T01
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "9dc30d94-1797-4c35-81a0-e75e5414f6fc"
|
|
```
|
|
|
|
`VMPackerExtension` build mode: inputs `packer_template`, `vm_name` trigger
|
|
local Packer run per the-custodian `infra/build-machines/` conventions.
|
|
Distinct from attach mode; teardown preserves OVA artifact. Tests mocked subprocess.
|
|
|
|
## profile.vm-packer-build
|
|
|
|
```task
|
|
id: SAND-WP-0012-T02
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "8e30794c-d8b9-48c7-ae93-db84724eedf2"
|
|
```
|
|
|
|
Profile binding build mode with placement and TTL suitable for long builds.
|
|
Documented inputs in `docs/migration-build-machines.md`.
|
|
|
|
## Manager and CLI integration
|
|
|
|
```task
|
|
id: SAND-WP-0012-T03
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "685f766c-90ae-4698-87d0-b61535e7491a"
|
|
```
|
|
|
|
`create` selects build vs attach via profile or `inputs.mode=build|attach`.
|
|
Progress events to State Hub during long provision. CLI help text updated.
|
|
|
|
## the-custodian remote-build shim
|
|
|
|
```task
|
|
id: SAND-WP-0012-T04
|
|
status: done
|
|
priority: medium
|
|
state_hub_task_id: "6c4c0f85-5153-4fe9-84e6-26c5c9d33bb1"
|
|
```
|
|
|
|
`make remote-build PROJECT=` in build-machines delegates to
|
|
`sandboxer create --profile profile.vm-haskell-build` when CLI present;
|
|
legacy rsync path retained with deprecation notice.
|
|
`scripts/verify-remote-build-shim.sh` mirrors SAND-WP-0004 pattern.
|
|
|
|
## Port-registry automation
|
|
|
|
```task
|
|
id: SAND-WP-0012-T05
|
|
status: done
|
|
priority: low
|
|
state_hub_task_id: "701b2640-36ea-4702-b660-7169a4ec72cc"
|
|
```
|
|
|
|
Documented read-only port-registry pointer in `docs/migration-build-machines.md`;
|
|
full ops-bridge automation deferred.
|
|
|
|
## Docs, tests, runbook
|
|
|
|
```task
|
|
id: SAND-WP-0012-T06
|
|
status: done
|
|
priority: high
|
|
state_hub_task_id: "2378cd6a-ac23-47e9-a5d9-0d80b9e9f7af"
|
|
```
|
|
|
|
Updated `docs/migration-build-machines.md`, `docs/extension-sdk.md`, operator
|
|
runbook `docs/runbooks/profile-vm-packer-build.md`. Build mode cases in
|
|
`tests/test_vm_packer.py`. `make check` green (90 tests).
|
|
|
|
---
|
|
|
|
## Out of scope
|
|
|
|
| Item | Track |
|
|
|------|-------|
|
|
| OVA import on hypervisor | Operator / build-machines |
|
|
| systemd build-agent changes | the-custodian infra |
|
|
| sandboxer01 host | Infra operator |
|
|
|
|
---
|
|
|
|
## Acceptance criteria
|
|
|
|
- Build mode provisions via CLI with mocked Packer in CI
|
|
- Attach mode unchanged (backward compatible)
|
|
- the-custodian shim documented and verified
|
|
- SAND-WP-0005-T06 superseded when complete |