Add real runtime materialization pipeline and bundle artifacts

2026-03-06 19:26:29 -03:00 · 2026-03-06 19:26:29 -03:00 · c43c718c83
commit c43c718c83
parent cbf212bb7b
32 changed files with 1456 additions and 27 deletions
--- a/src/pyro_mcp/runtime.py
+++ b/src/pyro_mcp/runtime.py
@ -24,6 +24,7 @@ class RuntimePaths:
    manifest_path: Path
    firecracker_bin: Path
    jailer_bin: Path
+    guest_agent_path: Path | None
    artifacts_dir: Path
    notice_path: Path
    manifest: dict[str, Any]
@ -91,9 +92,21 @@ def resolve_runtime_paths(

    firecracker_bin = bundle_root / str(firecracker_entry.get("path", ""))
    jailer_bin = bundle_root / str(jailer_entry.get("path", ""))
+    guest_agent_path: Path | None = None
+    guest = manifest.get("guest")
+    if isinstance(guest, dict):
+        agent_entry = guest.get("agent")
+        if isinstance(agent_entry, dict):
+            raw_agent_path = agent_entry.get("path")
+            if isinstance(raw_agent_path, str):
+                guest_agent_path = bundle_root / raw_agent_path
    artifacts_dir = bundle_root / "profiles"

-    for path in (firecracker_bin, jailer_bin, artifacts_dir):
+    required_paths = [firecracker_bin, jailer_bin, artifacts_dir]
+    if guest_agent_path is not None:
+        required_paths.append(guest_agent_path)
+
+    for path in required_paths:
        if not path.exists():
            raise RuntimeError(f"runtime asset missing: {path}")

@ -112,6 +125,20 @@ def resolve_runtime_paths(
                raise RuntimeError(
                    f"runtime checksum mismatch for {full_path}; expected {raw_hash}, got {actual}"
                )
+        if isinstance(guest, dict):
+            agent_entry = guest.get("agent")
+            if isinstance(agent_entry, dict):
+                raw_path = agent_entry.get("path")
+                raw_hash = agent_entry.get("sha256")
+                if not isinstance(raw_path, str) or not isinstance(raw_hash, str):
+                    raise RuntimeError("runtime guest agent manifest entry is malformed")
+                full_path = bundle_root / raw_path
+                actual = _sha256(full_path)
+                if actual != raw_hash:
+                    raise RuntimeError(
+                        f"runtime checksum mismatch for {full_path}; "
+                        f"expected {raw_hash}, got {actual}"
+                    )
        profiles = manifest.get("profiles")
        if not isinstance(profiles, dict):
            raise RuntimeError("runtime manifest is missing `profiles`")
@ -141,6 +168,7 @@ def resolve_runtime_paths(
        manifest_path=manifest_path,
        firecracker_bin=firecracker_bin,
        jailer_bin=jailer_bin,
+        guest_agent_path=guest_agent_path,
        artifacts_dir=artifacts_dir,
        notice_path=notice_path,
        manifest=manifest,
@ -222,9 +250,11 @@ def doctor_report(*, platform: str = DEFAULT_PLATFORM) -> dict[str, Any]:
        "manifest_path": str(paths.manifest_path),
        "firecracker_bin": str(paths.firecracker_bin),
        "jailer_bin": str(paths.jailer_bin),
+        "guest_agent_path": str(paths.guest_agent_path) if paths.guest_agent_path else None,
        "artifacts_dir": str(paths.artifacts_dir),
        "notice_path": str(paths.notice_path),
        "bundle_version": paths.manifest.get("bundle_version"),
+        "component_versions": paths.manifest.get("component_versions", {}),
        "profiles": profile_names,
        "capabilities": {
            "supports_vm_boot": capabilities.supports_vm_boot,