pyro-mcp/docs/roadmap/task-workspace-ga.md
Thales Maciel fc72fcd3a1 Add guest-only workspace secrets
Add explicit workspace secrets across the CLI, SDK, and MCP, with create-time secret definitions and per-call secret-to-env mapping for exec, shell open, and service start. Persist only safe secret metadata in workspace records, materialize secret files under /run/pyro-secrets, and redact secret values from exec output, shell reads, service logs, and surfaced errors.

Fix the remaining real-guest shell gap by shipping bundled guest init alongside the guest agent and patching both into guest-backed workspace rootfs images before boot. The new init mounts devpts so PTY shells work on Firecracker guests, while reset continues to recreate the sandbox and re-materialize secrets from stored task-local secret material.

Validation: uv lock; UV_CACHE_DIR=.uv-cache make check; UV_CACHE_DIR=.uv-cache make dist-check; and a real guest-backed Firecracker smoke covering workspace create with secrets, secret-backed exec, shell, service, reset, and delete.
2026-03-12 15:43:34 -03:00

Task Workspace GA Roadmap

This roadmap turns the agent-workspace vision into release-sized milestones.

Current baseline is 2.9.0:

  • workspace persistence exists and the public surface is now workspace-first
  • host crossing currently covers create-time seeding, later sync push, and explicit export
  • persistent PTY shell sessions exist alongside one-shot workspace exec
  • immutable create-time baselines now power whole-workspace diff
  • multi-service lifecycle exists with typed readiness and aggregate workspace status counts
  • named snapshots and full workspace reset now exist
  • explicit secrets now exist for guest-backed workspaces
  • no explicit host port publication contract exists yet

Locked roadmap decisions:

  • no backward compatibility goal for the current task_* naming
  • workspace-first naming lands first, before later features
  • snapshots are real named snapshots, not only reset-to-baseline

Every milestone below must update CLI, SDK, and MCP together. Each milestone is also expected to update:

  • README.md
  • install/first-run docs
  • docs/public-contract.md
  • help text and runnable examples
  • at least one real Firecracker smoke scenario

Milestones

  1. 2.4.0 Workspace Contract Pivot - Done
  2. 2.5.0 PTY Shell Sessions - Done
  3. 2.6.0 Structured Export And Baseline Diff - Done
  4. 2.7.0 Service Lifecycle And Typed Readiness - Done
  5. 2.8.0 Named Snapshots And Reset - Done
  6. 2.9.0 Secrets - Done
  7. 2.10.0 Network Policy And Host Port Publication
  8. 3.0.0 Stable Workspace Product
  9. 3.1.0 Secondary Disk Tools

Definition Of Done For The Roadmap

The workspace product is ready to leave beta when:

  • the public contract is workspace-first rather than task-first
  • an agent can inhabit a sandbox through shell, exec, service, diff, export, snapshot, reset, and explicit host-crossing operations
  • the main docs lead with the workspace product, not one-shot VM execution
  • the remaining deliberate deferrals are secondary disk tools rather than core workspace features