Add workspace service lifecycle with typed readiness

Make persistent workspaces capable of running long-lived background processes instead of forcing everything through one-shot exec calls. Add workspace service start/list/status/logs/stop across the CLI, Python SDK, and MCP server, with multiple named services per workspace, typed readiness probes (file, tcp, http, and command), and aggregate service counts on workspace status. Keep service state and logs outside /workspace so diff and export semantics stay workspace-scoped, and extend the guest agent plus backends to persist service records and logs across separate calls. Update the 2.7.0 docs, examples, changelog, and roadmap milestone to reflect the shipped surface. Validation: uv lock; UV_CACHE_DIR=.uv-cache make check; UV_CACHE_DIR=.uv-cache make dist-check; real guest-backed Firecracker smoke for workspace create, two service starts, list/status/logs, diff unaffected, stop, and delete.
2026-03-12 05:36:28 -03:00 · 2026-03-12 05:36:28 -03:00 · f504f0a331
commit f504f0a331
parent 84a7e18d4d
28 changed files with 4098 additions and 124 deletions
--- a/docs/first-run.md
+++ b/docs/first-run.md
@ -22,7 +22,7 @@ Networking: tun=yes ip_forward=yes

 ```bash
 $ uvx --from pyro-mcp pyro env list
-Catalog version: 2.6.0
+Catalog version: 2.7.0
 debian:12 [installed|not installed] Debian 12 environment with Git preinstalled for common agent workflows.
 debian:12-base [installed|not installed] Minimal Debian 12 environment for shell and core Unix tooling.
 debian:12-build [installed|not installed] Debian 12 environment with Git and common build tools preinstalled.
@ -75,6 +75,7 @@ $ uvx --from pyro-mcp pyro workspace sync push WORKSPACE_ID ./changes
 $ uvx --from pyro-mcp pyro workspace diff WORKSPACE_ID
 $ uvx --from pyro-mcp pyro workspace export WORKSPACE_ID note.txt --output ./note.txt
 $ uvx --from pyro-mcp pyro workspace shell open WORKSPACE_ID
+$ uvx --from pyro-mcp pyro workspace service start WORKSPACE_ID app --ready-file .ready -- sh -lc 'touch .ready && while true; do sleep 60; done'
 $ uvx --from pyro-mcp pyro mcp serve
 ```

@ -118,16 +119,52 @@ $ uvx --from pyro-mcp pyro workspace shell write WORKSPACE_ID SHELL_ID --input '
 $ uvx --from pyro-mcp pyro workspace shell read WORKSPACE_ID SHELL_ID
 /workspace
 [workspace-shell-read] workspace_id=... shell_id=... state=running cursor=0 next_cursor=... truncated=False execution_mode=guest_vsock
+
+$ uvx --from pyro-mcp pyro workspace service start WORKSPACE_ID web --ready-file .web-ready -- sh -lc 'touch .web-ready && while true; do sleep 60; done'
+[workspace-service-start] workspace_id=... service=web state=running cwd=/workspace ready_type=file execution_mode=guest_vsock
+
+$ uvx --from pyro-mcp pyro workspace service start WORKSPACE_ID worker --ready-file .worker-ready -- sh -lc 'touch .worker-ready && while true; do sleep 60; done'
+[workspace-service-start] workspace_id=... service=worker state=running cwd=/workspace ready_type=file execution_mode=guest_vsock
+
+$ uvx --from pyro-mcp pyro workspace service list WORKSPACE_ID
+Workspace: ...
+Services: 2 total, 2 running
+- web [running] cwd=/workspace readiness=file
+- worker [running] cwd=/workspace readiness=file
+
+$ uvx --from pyro-mcp pyro workspace service status WORKSPACE_ID web
+Workspace: ...
+Service: web
+State: running
+Command: sh -lc 'touch .web-ready && while true; do sleep 60; done'
+Cwd: /workspace
+Readiness: file /workspace/.web-ready
+Execution mode: guest_vsock
+
+$ uvx --from pyro-mcp pyro workspace service logs WORKSPACE_ID web --tail-lines 50
+Workspace: ...
+Service: web
+State: running
+...
+
+$ uvx --from pyro-mcp pyro workspace service stop WORKSPACE_ID web
+[workspace-service-stop] workspace_id=... service=web state=stopped execution_mode=guest_vsock
+
+$ uvx --from pyro-mcp pyro workspace service stop WORKSPACE_ID worker
+[workspace-service-stop] workspace_id=... service=worker state=stopped execution_mode=guest_vsock
 ```

 Use `--seed-path` when the workspace should start from a host directory or a local
 `.tar` / `.tar.gz` / `.tgz` archive instead of an empty `/workspace`. Use
 `pyro workspace sync push` when you need to import later host-side changes into a started
-workspace. Sync is non-atomic in `2.6.0`; if it fails partway through, delete and recreate the
+workspace. Sync is non-atomic in `2.7.0`; if it fails partway through, delete and recreate the
 workspace. Use `pyro workspace diff` to compare the current `/workspace` tree to its immutable
 create-time baseline, and `pyro workspace export` to copy one changed file or directory back to
 the host. Use `pyro workspace exec` for one-shot commands and `pyro workspace shell *` when you
-need a persistent interactive PTY session in that same workspace.
+need a persistent interactive PTY session in that same workspace. Use `pyro workspace service *`
+when the workspace needs long-running background processes with typed readiness checks. Internal
+service state and logs stay outside `/workspace`, so service runtime data does not appear in
+workspace diff or export results.

 Example output:

--- a/docs/install.md
+++ b/docs/install.md
@ -83,7 +83,7 @@ uvx --from pyro-mcp pyro env list
 Expected output:

 ```bash
-Catalog version: 2.6.0
+Catalog version: 2.7.0
 debian:12 [installed|not installed] Debian 12 environment with Git preinstalled for common agent workflows.
 debian:12-base [installed|not installed] Minimal Debian 12 environment for shell and core Unix tooling.
 debian:12-build [installed|not installed] Debian 12 environment with Git and common build tools preinstalled.
@ -179,6 +179,7 @@ After the CLI path works, you can move on to:
 - baseline diff: `pyro workspace diff WORKSPACE_ID`
 - host export: `pyro workspace export WORKSPACE_ID note.txt --output ./note.txt`
 - interactive shells: `pyro workspace shell open WORKSPACE_ID`
+- long-running services: `pyro workspace service start WORKSPACE_ID app --ready-file .ready -- sh -lc 'touch .ready && while true; do sleep 60; done'`
 - MCP: `pyro mcp serve`
 - Python SDK: `from pyro_mcp import Pyro`
 - Demos: `pyro demo` or `pyro demo --network`
@ -197,6 +198,13 @@ pyro workspace shell open WORKSPACE_ID
 pyro workspace shell write WORKSPACE_ID SHELL_ID --input 'pwd'
 pyro workspace shell read WORKSPACE_ID SHELL_ID
 pyro workspace shell close WORKSPACE_ID SHELL_ID
+pyro workspace service start WORKSPACE_ID web --ready-file .web-ready -- sh -lc 'touch .web-ready && while true; do sleep 60; done'
+pyro workspace service start WORKSPACE_ID worker --ready-file .worker-ready -- sh -lc 'touch .worker-ready && while true; do sleep 60; done'
+pyro workspace service list WORKSPACE_ID
+pyro workspace service status WORKSPACE_ID web
+pyro workspace service logs WORKSPACE_ID web --tail-lines 50
+pyro workspace service stop WORKSPACE_ID web
+pyro workspace service stop WORKSPACE_ID worker
 pyro workspace logs WORKSPACE_ID
 pyro workspace delete WORKSPACE_ID
 ```
@ -205,11 +213,14 @@ Workspace commands default to the persistent `/workspace` directory inside the g
 the identifier programmatically, use `--json` and read the `workspace_id` field. Use `--seed-path`
 when the workspace should start from a host directory or a local `.tar` / `.tar.gz` / `.tgz`
 archive. Use `pyro workspace sync push` for later host-side changes to a started workspace. Sync
-is non-atomic in `2.6.0`; if it fails partway through, delete and recreate the workspace from its
+is non-atomic in `2.7.0`; if it fails partway through, delete and recreate the workspace from its
 seed. Use `pyro workspace diff` to compare the current workspace tree to its immutable create-time
 baseline, and `pyro workspace export` to copy one changed file or directory back to the host. Use
 `pyro workspace exec` for one-shot commands and `pyro workspace shell *` when you need an
-interactive PTY that survives across separate calls.
+interactive PTY that survives across separate calls. Use `pyro workspace service *` when the
+workspace needs long-running background processes with typed readiness probes. Service metadata and
+logs stay outside `/workspace`, so the service runtime itself does not show up in workspace diff or
+export results.

 ## Contributor Clone

--- a/docs/integrations.md
+++ b/docs/integrations.md
@ -32,6 +32,7 @@ Recommended surface:
 - `vm_run`
 - `workspace_create(seed_path=...)` + `workspace_sync_push` + `workspace_exec` when the agent needs persistent workspace state
 - `workspace_diff` + `workspace_export` when the agent needs explicit baseline comparison or host-out file transfer
+- `start_service` / `list_services` / `status_service` / `logs_service` / `stop_service` when the agent needs long-running processes inside that workspace
 - `open_shell` / `read_shell` / `write_shell` when the agent needs an interactive PTY inside that workspace

 Canonical example:
@ -69,6 +70,7 @@ Recommended default:
 - `Pyro.run_in_vm(...)`
 - `Pyro.create_workspace(seed_path=...)` + `Pyro.push_workspace_sync(...)` + `Pyro.exec_workspace(...)` when repeated workspace commands are required
 - `Pyro.diff_workspace(...)` + `Pyro.export_workspace(...)` when the agent needs baseline comparison or host-out file transfer
+- `Pyro.start_service(...)` + `Pyro.list_services(...)` + `Pyro.logs_service(...)` when the agent needs long-running background processes in one workspace
 - `Pyro.open_shell(...)` + `Pyro.write_shell(...)` + `Pyro.read_shell(...)` when the agent needs an interactive PTY inside the workspace

 Lifecycle note:
@ -83,6 +85,8 @@ Lifecycle note:
 - use `diff_workspace(...)` when the agent needs a structured comparison against the immutable
  create-time baseline
 - use `export_workspace(...)` when the agent needs one file or directory copied back to the host
+- use `start_service(...)` when the agent needs long-running processes and typed readiness inside
+  one workspace
 - use `open_shell(...)` when the agent needs interactive shell state instead of one-shot execs

 Examples:
--- a/docs/public-contract.md
+++ b/docs/public-contract.md
@ -24,6 +24,11 @@ Top-level commands:
 - `pyro workspace exec`
 - `pyro workspace export`
 - `pyro workspace diff`
+- `pyro workspace service start`
+- `pyro workspace service list`
+- `pyro workspace service status`
+- `pyro workspace service logs`
+- `pyro workspace service stop`
 - `pyro workspace shell open`
 - `pyro workspace shell read`
 - `pyro workspace shell write`
@ -58,10 +63,12 @@ Behavioral guarantees:
 - `pyro workspace sync push WORKSPACE_ID SOURCE_PATH [--dest WORKSPACE_PATH]` imports later host-side directory or archive content into a started workspace.
 - `pyro workspace export WORKSPACE_ID PATH --output HOST_PATH` exports one file or directory from `/workspace` back to the host.
 - `pyro workspace diff WORKSPACE_ID` compares the current `/workspace` tree to the immutable create-time baseline.
+- `pyro workspace service *` manages long-running named services inside one started workspace with typed readiness probes.
 - `pyro workspace exec` runs in the persistent `/workspace` for that workspace and does not auto-clean.
 - `pyro workspace shell *` manages persistent PTY sessions inside a started workspace.
 - `pyro workspace logs` returns persisted command history for that workspace until `pyro workspace delete`.
 - Workspace create/status results expose `workspace_seed` metadata describing how `/workspace` was initialized.
+- `pyro workspace status` includes aggregate `service_count` and `running_service_count` fields.

 ## Python SDK Contract

@ -82,6 +89,11 @@ Supported public entrypoints:
 - `Pyro.push_workspace_sync(workspace_id, source_path, *, dest="/workspace")`
 - `Pyro.export_workspace(workspace_id, path, *, output_path)`
 - `Pyro.diff_workspace(workspace_id)`
+- `Pyro.start_service(workspace_id, service_name, *, command, cwd="/workspace", readiness=None, ready_timeout_seconds=30, ready_interval_ms=500)`
+- `Pyro.list_services(workspace_id)`
+- `Pyro.status_service(workspace_id, service_name)`
+- `Pyro.logs_service(workspace_id, service_name, *, tail_lines=200, all=False)`
+- `Pyro.stop_service(workspace_id, service_name)`
 - `Pyro.open_shell(workspace_id, *, cwd="/workspace", cols=120, rows=30)`
 - `Pyro.read_shell(workspace_id, shell_id, *, cursor=0, max_chars=65536)`
 - `Pyro.write_shell(workspace_id, shell_id, *, input, append_newline=True)`
@ -112,6 +124,11 @@ Stable public method names:
 - `push_workspace_sync(workspace_id, source_path, *, dest="/workspace")`
 - `export_workspace(workspace_id, path, *, output_path)`
 - `diff_workspace(workspace_id)`
+- `start_service(workspace_id, service_name, *, command, cwd="/workspace", readiness=None, ready_timeout_seconds=30, ready_interval_ms=500)`
+- `list_services(workspace_id)`
+- `status_service(workspace_id, service_name)`
+- `logs_service(workspace_id, service_name, *, tail_lines=200, all=False)`
+- `stop_service(workspace_id, service_name)`
 - `open_shell(workspace_id, *, cwd="/workspace", cols=120, rows=30)`
 - `read_shell(workspace_id, shell_id, *, cursor=0, max_chars=65536)`
 - `write_shell(workspace_id, shell_id, *, input, append_newline=True)`
@ -140,6 +157,8 @@ Behavioral defaults:
 - `Pyro.push_workspace_sync(...)` imports later host-side directory or archive content into a started workspace.
 - `Pyro.export_workspace(...)` exports one file or directory from `/workspace` to an explicit host path.
 - `Pyro.diff_workspace(...)` compares the current `/workspace` tree to the immutable create-time baseline.
+- `Pyro.start_service(...)` starts one named long-running process in a started workspace and waits for its typed readiness probe when configured.
+- `Pyro.list_services(...)`, `Pyro.status_service(...)`, `Pyro.logs_service(...)`, and `Pyro.stop_service(...)` manage those persisted workspace services.
 - `Pyro.exec_vm(...)` runs one command and auto-cleans that VM after the exec completes.
 - `Pyro.exec_workspace(...)` runs one command in the persistent workspace and leaves it alive.
 - `Pyro.open_shell(...)` opens a persistent PTY shell attached to one started workspace.
@ -171,6 +190,11 @@ Persistent workspace tools:
 - `workspace_exec`
 - `workspace_export`
 - `workspace_diff`
+- `service_start`
+- `service_list`
+- `service_status`
+- `service_logs`
+- `service_stop`
 - `shell_open`
 - `shell_read`
 - `shell_write`
@ -190,6 +214,7 @@ Behavioral defaults:
 - `workspace_sync_push` imports later host-side directory or archive content into a started workspace, with an optional `dest` under `/workspace`.
 - `workspace_export` exports one file or directory from `/workspace` to an explicit host path.
 - `workspace_diff` compares the current `/workspace` tree to the immutable create-time baseline.
+- `service_start`, `service_list`, `service_status`, `service_logs`, and `service_stop` manage persistent named services inside a started workspace.
 - `vm_exec` runs one command and auto-cleans that VM after the exec completes.
 - `workspace_exec` runs one command in a persistent `/workspace` and leaves the workspace alive.
 - `shell_open`, `shell_read`, `shell_write`, `shell_signal`, and `shell_close` manage persistent PTY shells inside a started workspace.
--- a/docs/roadmap/task-workspace-ga.md
+++ b/docs/roadmap/task-workspace-ga.md
@ -2,13 +2,14 @@

 This roadmap turns the agent-workspace vision into release-sized milestones.

-Current baseline is `2.6.0`:
+Current baseline is `2.7.0`:

 - workspace persistence exists and the public surface is now workspace-first
 - host crossing currently covers create-time seeding, later sync push, and explicit export
 - persistent PTY shell sessions exist alongside one-shot `workspace exec`
 - immutable create-time baselines now power whole-workspace diff
- no service, snapshot, reset, or secrets contract exists yet
+- multi-service lifecycle exists with typed readiness and aggregate workspace status counts
+- no snapshot, reset, or secrets contract exists yet

 Locked roadmap decisions:

@ -30,7 +31,7 @@ also expected to update:
 1. [`2.4.0` Workspace Contract Pivot](task-workspace-ga/2.4.0-workspace-contract-pivot.md) - Done
 2. [`2.5.0` PTY Shell Sessions](task-workspace-ga/2.5.0-pty-shell-sessions.md) - Done
 3. [`2.6.0` Structured Export And Baseline Diff](task-workspace-ga/2.6.0-structured-export-and-baseline-diff.md) - Done
-4. [`2.7.0` Service Lifecycle And Typed Readiness](task-workspace-ga/2.7.0-service-lifecycle-and-typed-readiness.md)
+4. [`2.7.0` Service Lifecycle And Typed Readiness](task-workspace-ga/2.7.0-service-lifecycle-and-typed-readiness.md) - Done
 5. [`2.8.0` Named Snapshots And Reset](task-workspace-ga/2.8.0-named-snapshots-and-reset.md)
 6. [`2.9.0` Secrets](task-workspace-ga/2.9.0-secrets.md)
 7. [`2.10.0` Network Policy And Host Port Publication](task-workspace-ga/2.10.0-network-policy-and-host-port-publication.md)
--- a/docs/roadmap/task-workspace-ga/2.7.0-service-lifecycle-and-typed-readiness.md
+++ b/docs/roadmap/task-workspace-ga/2.7.0-service-lifecycle-and-typed-readiness.md
@ -1,5 +1,7 @@
 # `2.7.0` Service Lifecycle And Typed Readiness

+Status: Done
+
 ## Goal

 Make app-style workspaces practical by adding first-class services and typed