pyro-mcp/runtime_sources
Thales Maciel f504f0a331 Add workspace service lifecycle with typed readiness
Make persistent workspaces capable of running long-lived background processes instead of forcing everything through one-shot exec calls.

Add workspace service start/list/status/logs/stop across the CLI, Python SDK, and MCP server, with multiple named services per workspace, typed readiness probes (file, tcp, http, and command), and aggregate service counts on workspace status. Keep service state and logs outside /workspace so diff and export semantics stay workspace-scoped, and extend the guest agent plus backends to persist service records and logs across separate calls.

Update the 2.7.0 docs, examples, changelog, and roadmap milestone to reflect the shipped surface.

Validation: uv lock; UV_CACHE_DIR=.uv-cache make check; UV_CACHE_DIR=.uv-cache make dist-check; real guest-backed Firecracker smoke for workspace create, two service starts, list/status/logs, diff unaffected, stop, and delete.
2026-03-12 05:36:28 -03:00
linux-x86_64 Add workspace service lifecycle with typed readiness 2026-03-12 05:36:28 -03:00
NOTICE Add real runtime materialization pipeline and bundle artifacts 2026-03-06 19:26:29 -03:00
README.md Add seeded task workspace creation 2026-03-11 21:45:38 -03:00

runtime_sources

Source-of-truth inputs for make runtime-bundle.

Current state:

  • build/runtime_sources/ contains the real materialized runtime inputs used to build the packaged bundle.
  • the checked-in tracked files under runtime_sources/linux-x86_64/ are build recipes and lock metadata, not the materialized binaries/images.
  • guest/pyro_guest_agent.py is the guest agent source artifact that is installed into each built rootfs.
  • real source materialization now writes into build/runtime_sources/, not back into the tracked placeholder files.
  • the packaged runtime images under src/pyro_mcp/runtime_bundle/ are stored via Git LFS, so contributor clones need to run git lfs install and use an LFS-enabled checkout.

Materialization workflow:

  1. make runtime-fetch-binaries
  2. make runtime-build-kernel-real
  3. make runtime-build-rootfs-real
  4. make runtime-bundle

Official environment publication workflow:

  1. make runtime-materialize
  2. DOCKERHUB_USERNAME=... DOCKERHUB_TOKEN=... make runtime-publish-official-environments-oci
  3. if your uplink is slow, tune publishing with PYRO_OCI_UPLOAD_TIMEOUT_SECONDS, PYRO_OCI_UPLOAD_CHUNK_SIZE_BYTES, and PYRO_OCI_REQUEST_TIMEOUT_SECONDS

Official end-user pulls are anonymous; registry credentials are only required for publishing.

Build requirements for the real path:

  • docker
  • outbound network access to the pinned upstream release hosts and Debian snapshot mirrors
  • enough disk for a kernel build plus 2G ext4 images per source profile

Kernel build note:

  • the kernel builder now defaults to conservative parallelism to avoid compiler crashes on memory-constrained hosts
  • if you still need to force a lower setting, use PYRO_KERNEL_BUILD_JOBS=1 make runtime-build-kernel-real or PYRO_KERNEL_BUILD_JOBS=1 make runtime-materialize

Current status:

  1. Firecracker and Jailer are materialized from pinned official release artifacts.
  2. The kernel and rootfs images are built from pinned inputs into build/runtime_sources/.
  3. The guest agent is installed into each rootfs and used for vsock exec plus workspace archive imports.
  4. runtime.lock.json now advertises real guest capabilities.

Safety rule:

  • The build pipeline should never emit vm_boot=true, guest_exec=true, or guest_network=true while any source artifact is still a shim or placeholder.
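
One way to enforce the safety rule as a CI gate. This is an added example, not code from the pyro-mcp repository. The lock layout used here (a "capabilities" mapping, an "artifacts" mapping and a per-artifact "placeholder" flag) and the artifact names are assumptions made for illustration; only the three capability names come from this README.

```python
import json

# Capability flags named in the safety rule above.
GUARDED_CAPABILITIES = ("vm_boot", "guest_exec", "guest_network")

# Constructed sample. The "capabilities"/"artifacts"/"placeholder" layout is
# assumed for this example and is not the project's real runtime.lock.json.
SAMPLE_LOCK = json.loads("""
{
  "capabilities": {"vm_boot": true, "guest_exec": true, "guest_network": false},
  "artifacts": {
    "firecracker": {"placeholder": false},
    "jailer": {"placeholder": false},
    "vmlinux": {"placeholder": false},
    "rootfs.ext4": {"placeholder": true}
  }
}
""")


def check_lock(lock):
    """Return a list of violation strings; an empty list means the rule holds."""
    caps = lock.get("capabilities")
    artifacts = lock.get("artifacts")
    if not isinstance(caps, dict) or not isinstance(artifacts, dict) or not artifacts:
        return ["lock is missing a 'capabilities' or non-empty 'artifacts' mapping"]
    problems = []
    for name in GUARDED_CAPABILITIES:
        if name in caps and not isinstance(caps[name], bool):
            problems.append(f"{name} must be a JSON boolean, got {caps[name]!r}")
    # Fail closed: an artifact counts as real only with an explicit placeholder=false.
    unreal = sorted(
        name for name, meta in artifacts.items()
        if not (isinstance(meta, dict) and meta.get("placeholder") is False)
    )
    enabled = [name for name in GUARDED_CAPABILITIES if caps.get(name) is True]
    if unreal and enabled:
        problems.append(
            f"{', '.join(enabled)} advertised while placeholder artifacts remain: "
            f"{', '.join(unreal)}"
        )
    return problems


if __name__ == "__main__":
    for problem in check_lock(SAMPLE_LOCK):
        print("FAIL:", problem)
```

An artifact entry with no placeholder field is treated as a placeholder, so an incomplete lock fails the gate instead of passing it.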