pyro-mcp/runtime_sources/README.md

runtime_sources

Source-of-truth inputs for make runtime-bundle.

Current state:

  • bin/firecracker and bin/jailer are shim placeholders.
  • profile kernels and rootfs images are placeholder files.
  • guest/pyro_guest_agent.py is the guest agent artifact that should ultimately be installed into each real rootfs.
  • real source materialization now writes into build/runtime_sources/, not back into the tracked placeholder files.

Materialization workflow:

  1. make runtime-fetch-binaries
  2. make runtime-build-kernel-real
  3. make runtime-build-rootfs-real
  4. make runtime-bundle

Build requirements for the real path:

  • docker
  • outbound network access to GitHub and Debian snapshot mirrors
  • enough disk for a kernel build plus 2G ext4 images per profile

Next steps to make the bundle guest-capable:

  1. Replace shim binaries with pinned official Firecracker and Jailer release artifacts.
  2. Replace placeholder vmlinux and rootfs.ext4 files with real, bootable artifacts for each profile.
  3. Ensure the guest agent is installed and enabled inside every rootfs so the host can use vsock exec.
  4. Once the source artifacts are real, update runtime.lock.json component versions and flip capability flags from false to true.

Safety rule:

  • The build pipeline should never emit vm_boot=true, guest_exec=true, or guest_network=true while any source artifact is still a shim or placeholder.
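
One way to enforce the safety rule as a pre-bundle gate is sketched below; it is an added example, not code from this repository. The `profiles/<name>/` layout, the `capabilities` key in the lock data, the sample tree and the choice of magic-byte checks (ELF for the binaries and an x86_64 vmlinux, the ext superblock magic for rootfs.ext4) are assumptions.

```python
from pathlib import Path

# Flag names are from the safety rule; the "capabilities" key is an assumed schema.
CAPABILITY_FLAGS = ("vm_boot", "guest_exec", "guest_network")

def _magic(path: Path, offset: int, length: int) -> bytes:
    with path.open("rb") as fh:
        fh.seek(offset)
        return fh.read(length)

def is_real_artifact(path: Path) -> bool:
    """True only if the file carries the magic bytes of a real artifact."""
    if not path.is_file():
        return False
    if path.name == "rootfs.ext4":
        # The ext superblock starts at byte 1024; s_magic (0xEF53, LE) is at +0x38.
        return _magic(path, 1024 + 0x38, 2) == b"\x53\xef"
    # Assumption: firecracker, jailer and an x86_64 vmlinux are ELF files.
    return _magic(path, 0, 4) == b"\x7fELF"

def placeholder_artifacts(src: Path) -> list[str]:
    """Required artifacts (assumed layout) that are missing or not real."""
    profiles = sorted(p for p in src.glob("profiles/*") if p.is_dir())
    if not profiles:
        return ["profiles/"]  # fail closed: no profile means nothing can boot
    required = [src / "bin" / "firecracker", src / "bin" / "jailer"]
    for profile in profiles:
        required += [profile / "vmlinux", profile / "rootfs.ext4"]
    return [p.relative_to(src).as_posix() for p in required if not is_real_artifact(p)]

def check_safety_rule(src: Path, lock: dict) -> list[str]:
    """One violation per capability flag set to true over a placeholder artifact."""
    caps = lock.get("capabilities", {})
    enabled = [flag for flag in CAPABILITY_FLAGS if caps.get(flag) is True]
    return [f"{flag}=true but {path} is a placeholder"
            for flag in enabled for path in placeholder_artifacts(src)]

def build_sample_tree(root: Path, real: bool) -> Path:
    """Constructed sample input: shell-script shims, or files with real magic."""
    elf = b"\x7fELF" + b"\0" * 60 if real else b"#!/bin/sh\nexit 1\n"
    ext4 = b"\0" * 1080 + b"\x53\xef" + b"\0" * 64 if real else b"placeholder\n"
    for rel, data in [("bin/firecracker", elf), ("bin/jailer", elf),
                      ("profiles/sample/vmlinux", elf),
                      ("profiles/sample/rootfs.ext4", ext4)]:
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_bytes(data)
    return root
```

A magic-byte match only shows that a file is no longer a text shim; it does not show that the file is the pinned official artifact, so a real gate would also compare hashes recorded alongside the component versions.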