docs: promote vm run + image catalog as the happy path
Lead the README with `banger vm run` (one command, auto-pull default image + kernel from the catalogs), move `image register` / `image build` / OCI-pull to a "power-user flows" section. Golden-image content from customize.sh moves to the golden-image Dockerfile story. New `docs/image-catalog.md` mirrors `docs/kernel-catalog.md` — the bundle format, content-addressed filenames, publish flow, trust model, R2 hosting. Cross-links with oci-import.md. `docs/oci-import.md` refactored to document the OCI-pull path as the fallthrough for arbitrary registry refs (it's the secondary path now that the catalog covers the headline debian-bookworm case). Phase A caveats removed — ownership fixup, agent injection, and first-boot sshd install all landed. AGENTS.md: promotes `vm run` as the smoke-test primitive, notes the default-image auto-pull behaviour, and points at both catalog docs. README shrinks 330 → 198 lines, mostly by removing the experimental void/alpine sections (those flows still work as advanced scripts but the README no longer advertises them). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
75baf2e415
commit
8029b2e1bc
4 changed files with 404 additions and 450 deletions
21
AGENTS.md
21
AGENTS.md
|
|
@ -7,7 +7,9 @@ Always run `make build` before commit.
|
|||
- `cmd/banger` and `cmd/bangerd` are the main user entrypoints.
|
||||
- `internal/` contains the daemon, CLI, RPC, storage, Firecracker integration, guest helpers, and the experimental web UI.
|
||||
- `internal/daemon/` is the composition root; pure helpers live in its subpackages (`opstate`, `dmsnap`, `fcproc`, `imagemgr`, `session`, `workspace`). See `internal/daemon/ARCHITECTURE.md`.
|
||||
- `scripts/` contains explicit manual helper workflows for rootfs and kernel preparation.
|
||||
- `internal/imagecat/` and `internal/kernelcat/` embed the image + kernel catalogs.
|
||||
- `images/golden/` is the Dockerfile for the `debian-bookworm` catalog entry.
|
||||
- `scripts/` contains manual helper workflows for rootfs, kernel, and bundle preparation.
|
||||
- `build/bin/` is the canonical source-checkout build output.
|
||||
- `build/manual/` is the canonical source-checkout location for manual rootfs/kernel artifacts.
|
||||
|
||||
|
|
@ -17,19 +19,20 @@ Always run `make build` before commit.
|
|||
- `make test` runs `go test ./...`.
|
||||
- `make lint` runs `gofmt -l`, `go vet ./...`, and `shellcheck --severity=error` on `scripts/*.sh`. Run before commits.
|
||||
- `./build/bin/banger doctor` checks host readiness.
|
||||
- `./build/bin/banger image build --from-image <image>` builds a managed image from an existing registered image.
|
||||
- `./build/bin/banger vm run` is the primary user-facing entry point — auto-pulls the default image + kernel from the catalogs if missing.
|
||||
- `./build/bin/banger image pull <name>` uses the bundle catalog (fast) when `<name>` is a catalog entry, or falls through to the OCI path for arbitrary registry refs. See `docs/image-catalog.md` and `docs/oci-import.md`.
|
||||
- `./build/bin/banger image register ...` registers an unmanaged host-side image stack.
|
||||
- `./build/bin/banger image build --from-image <image>` builds a managed image from an existing one.
|
||||
- `./build/bin/banger image promote <image>` copies an unmanaged image into daemon-owned managed artifacts.
|
||||
- `scripts/make-generic-kernel.sh` builds a Firecracker-optimized vmlinux from upstream sources (no initrd, all drivers built-in). This is the recommended kernel for OCI-pulled images.
|
||||
- `make void-kernel`, `make rootfs-void`, and `make void-register` drive the experimental Void flow under `./build/manual`.
|
||||
- `scripts/publish-kernel.sh <name>` packages a locally-imported kernel and uploads it to the catalog; see `docs/kernel-catalog.md`.
|
||||
- `banger image pull <oci-ref> --kernel-ref <name>` pulls a rootfs from any OCI registry; see `docs/oci-import.md` (experimental — file-ownership caveat).
|
||||
- `scripts/make-generic-kernel.sh` builds a Firecracker-optimized vmlinux from upstream sources. `scripts/publish-kernel.sh <name>` publishes it to the kernel catalog.
|
||||
- `scripts/publish-golden-image.sh` rebuilds + publishes the golden image bundle and patches the image catalog.
|
||||
|
||||
## Image Model
|
||||
|
||||
- Managed images own the full boot set: rootfs, optional work-seed, kernel, optional initrd, and optional modules.
|
||||
- There is no runtime bundle and no auto-registered default image from disk paths.
|
||||
- `default_image_name` selects a registered image only.
|
||||
- The image catalog ships pre-built bundles. `vm run` auto-pulls the default catalog entry; `image pull <name>` can be invoked explicitly.
|
||||
- `default_image_name` defaults to `debian-bookworm`. On miss, the daemon auto-pulls from `imagecat` before surfacing "not found".
|
||||
- Kernel references follow the same auto-pull pattern against `kernelcat`.
|
||||
|
||||
## Config
|
||||
|
||||
|
|
@ -50,7 +53,7 @@ Always run `make build` before commit.
|
|||
## Testing Guidance
|
||||
|
||||
- Primary automated coverage is `go test ./...`.
|
||||
- For lifecycle changes, smoke-test with `vm create`, `vm ssh`, `vm stop`, and `vm delete`.
|
||||
- For lifecycle changes, smoke-test with `vm run` end-to-end (covers create + start + boot + ssh).
|
||||
- If guest provisioning changes, document whether existing images must be rebuilt or recreated.
|
||||
|
||||
## Security
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue