sand-boxer/workplans/SAND-WP-0012-packer-orchestration.md

id: SAND-WP-0012
type: workplan
title: Packer build orchestration
domain: infotech
repo: sand-boxer
status: ready
owner: codex
topic_slug: custodian
created: 2026-06-24
updated: 2026-06-24
state_hub_workstream_id: 87838886-0f4a-4eae-8d0e-b464933089de

Packer build orchestration

Trigger Packer builds from sandboxer create and ship the-custodian make remote-build shim — completing the build-machines migration arc.

Gap analysis P8: history/2026-06-24-post-wp0007-intent-scope-gap-analysis.md
Carries forward: SAND-WP-0005-T06 (deferred)

Predecessor: SAND-WP-0011 (consumer profiles — proposed; attach mode done)
Follow-on: reuse-surface federation publish; sandboxer01 operator track


Packer build mode on ext.vm-packer

id: SAND-WP-0012-T01
status: todo
priority: high
state_hub_task_id: "9dc30d94-1797-4c35-81a0-e75e5414f6fc"

Extend VMPackerExtension with an optional build mode: the inputs packer_template and vm_name trigger a local or SSH Packer run per the-custodian infra/build-machines/ conventions. Build mode is distinct from attach mode; teardown does not destroy the VM image. Tests use a mocked subprocess.

profile.vm-packer-build

id: SAND-WP-0012-T02
status: todo
priority: high
state_hub_task_id: "8e30794c-d8b9-48c7-ae93-db84724eedf2"

New profile binding build mode with placement and TTL suitable for long builds. Document inputs in docs/migration-build-machines.md.

Manager and CLI integration

id: SAND-WP-0012-T03
status: todo
priority: high
state_hub_task_id: "685f766c-90ae-4698-87d0-b61535e7491a"

create path selects build vs attach via profile or inputs.mode=build|attach. Progress events to State Hub during long provision. CLI help text.

the-custodian remote-build shim

id: SAND-WP-0012-T04
status: todo
priority: medium
state_hub_task_id: "6c4c0f85-5153-4fe9-84e6-26c5c9d33bb1"

In the-custodian: make remote-build PROJECT= delegates to sandboxer create --profile profile.vm-haskell-build (attach) or new build profile. Deprecation notice on legacy rsync-only path. Verification script mirroring SAND-WP-0004 e2e shim pattern.

Port-registry automation

id: SAND-WP-0012-T05
status: todo
priority: low
state_hub_task_id: "701b2640-36ea-4702-b660-7169a4ec72cc"

Optional helper: register tunnel port from build-machines port-registry when VM attach provisions (read-only or emit ops-bridge config snippet). Document only if full automation deferred.

Docs, tests, runbook

id: SAND-WP-0012-T06
status: todo
priority: high
state_hub_task_id: "2378cd6a-ac23-47e9-a5d9-0d80b9e9f7af"

Update docs/migration-build-machines.md, docs/extension-sdk.md, operator runbook under docs/runbooks/. tests/test_vm_packer.py build mode cases. make check green.


Out of scope

| Item | Track |
| --- | --- |
| OVA import on hypervisor | Operator / build-machines |
| systemd build-agent changes | the-custodian infra |
| sandboxer01 host | Infra operator |

Acceptance criteria

  • Build mode provisions via CLI with mocked Packer in CI
  • Attach mode unchanged (backward compatible)
  • the-custodian shim documented and verified
  • SAND-WP-0005-T06 superseded when complete