Add runtime capability scaffolding and align docs

Thales Maciel 2026-03-05 22:57:09 -03:00
parent fb8b985049
commit cbf212bb7b
19 changed files with 1048 additions and 71 deletions


@ -11,6 +11,8 @@ from dataclasses import dataclass
from pathlib import Path
from typing import Any
from pyro_mcp.vm_network import TapNetworkManager
DEFAULT_PLATFORM = "linux-x86_64"
@ -27,6 +29,16 @@ class RuntimePaths:
manifest: dict[str, Any]
@dataclass(frozen=True)
class RuntimeCapabilities:
"""Feature flags inferred from the bundled runtime."""
supports_vm_boot: bool
supports_guest_exec: bool
supports_guest_network: bool
reason: str | None = None
def _sha256(path: Path) -> str:
digest = hashlib.sha256()
with path.open("rb") as fp:
@ -135,6 +147,40 @@ def resolve_runtime_paths(
)
def runtime_capabilities(paths: RuntimePaths) -> RuntimeCapabilities:
"""Infer what the current bundled runtime can actually do."""
binary_text = paths.firecracker_bin.read_text(encoding="utf-8", errors="ignore")
if "bundled firecracker shim" in binary_text:
return RuntimeCapabilities(
supports_vm_boot=False,
supports_guest_exec=False,
supports_guest_network=False,
reason="bundled runtime uses shim firecracker/jailer binaries",
)
capabilities = paths.manifest.get("capabilities")
if not isinstance(capabilities, dict):
return RuntimeCapabilities(
supports_vm_boot=False,
supports_guest_exec=False,
supports_guest_network=False,
reason="runtime manifest does not declare guest boot/exec/network capabilities",
)
supports_vm_boot = bool(capabilities.get("vm_boot"))
supports_guest_exec = bool(capabilities.get("guest_exec"))
supports_guest_network = bool(capabilities.get("guest_network"))
reason = None
if not supports_vm_boot:
reason = "runtime manifest does not advertise real VM boot support"
return RuntimeCapabilities(
supports_vm_boot=supports_vm_boot,
supports_guest_exec=supports_guest_exec,
supports_guest_network=supports_guest_network,
reason=reason,
)
def doctor_report(*, platform: str = DEFAULT_PLATFORM) -> dict[str, Any]:
"""Build a runtime diagnostics report."""
report: dict[str, Any] = {
@ -146,13 +192,28 @@ def doctor_report(*, platform: str = DEFAULT_PLATFORM) -> dict[str, Any]:
"readable": os.access("/dev/kvm", os.R_OK),
"writable": os.access("/dev/kvm", os.W_OK),
},
"networking": {
"enabled_by_default": TapNetworkManager().enabled,
},
}
network = TapNetworkManager.diagnostics()
report["networking"].update(
{
"tun_available": network.tun_available,
"ip_binary": network.ip_binary,
"nft_binary": network.nft_binary,
"iptables_binary": network.iptables_binary,
"ip_forward_enabled": network.ip_forward_enabled,
}
)
try:
paths = resolve_runtime_paths(platform=platform, verify_checksums=True)
except Exception as exc: # noqa: BLE001
report["issues"] = [str(exc)]
return report
capabilities = runtime_capabilities(paths)
profiles = paths.manifest.get("profiles", {})
profile_names = sorted(profiles.keys()) if isinstance(profiles, dict) else []
report["runtime_ok"] = True
@ -165,6 +226,12 @@ def doctor_report(*, platform: str = DEFAULT_PLATFORM) -> dict[str, Any]:
"notice_path": str(paths.notice_path),
"bundle_version": paths.manifest.get("bundle_version"),
"profiles": profile_names,
"capabilities": {
"supports_vm_boot": capabilities.supports_vm_boot,
"supports_guest_exec": capabilities.supports_guest_exec,
"supports_guest_network": capabilities.supports_guest_network,
"reason": capabilities.reason,
},
}
if not report["kvm"]["exists"]:
report["issues"] = ["/dev/kvm is not available on this host"]
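Review bot: In `runtime_capabilities` (the hunk at `+147,40`), the three flags are derived with `bool(capabilities.get(...))`, so any truthy manifest value, including the string `"false"` or a non-empty list, is reported as a supported capability. These flags presumably gate whether callers attempt a real VM boot or guest execution, so accept only a literal boolean, e.g. `supports_vm_boot = capabilities.get("vm_boot") is True`, and likewise for `guest_exec` and `guest_network`. The function can also return `supports_guest_exec=True` alongside `supports_vm_boot=False` with a `reason` that mentions only boot; and-ing the guest flags with `supports_vm_boot` would keep the result self-consistent. Separately, the shim check decodes the entire binary as UTF-8 with `errors="ignore"`; `b"bundled firecracker shim" in paths.firecracker_bin.read_bytes()` makes the same check without the lossy decode.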