Skip to content

hub: re-bake coding-agent-fork portable (needs daemon spawn→exec→branch, not a from-image bake) #254

Description

@WaylandYang

Last hub asset still on a pre-#242 (un-portable) pack. Unlike the other 8, coding-agent-fork is not a from-image bake — it's a runtime-populated branch snapshot:

recipes/coding-agent-fork/setup-source.sh runs inside a booted coding-agent sandbox and populates /tmp/workspace (the buggy mathy package, a 50 MiB vendored.bin, __pycache__ from a failing test run). The demo then forkd branches that running sandbox. The whole point is that /tmp/workspace state is captured at the branch point.

Why it can't be baked like the others:

  • rootfs-init/forkd-init.sh mounts tmpfs on /tmp (size 256m) — deliberately, so per-sandbox scratch survives BRANCH via guest RAM (memory.bin). So injecting /tmp/workspace into the rootfs at build time is masked at boot; the state must be populated at runtime and captured in memory.bin.
  • Faithful reproduction therefore needs the daemon flow: spawn from coding-agent (now a portable hub pull) → exec setup-source.sh via the guest agent → forkd snapshot --from-sandbox.

Blocker for doing it in the throwaway-container harness used for the other 8: the guest-agent exec networking returns No route to host inside the privileged container (per-child netns ↔ host-bridge NAT doesn't complete there). So the asset can't be built or verified in that harness.

To do (on a host where the daemon guest-agent flow works)

  • forkd pull deeplethe/coding-agent (portable base)
  • start forkd-controller, spawn a sandbox from coding-agent
  • exec recipes/coding-agent-fork/setup-source.sh in the guest (populates /tmp/workspace)
  • forkd snapshot --from-sandbox <id> --tag coding-agent-fork
  • pack (emits the rootfs sidecar), upload both files to hub-coding-agent-fork-v1, update registry.json
  • verify: clean-host forkd pull deeplethe/coding-agent-fork → fork → confirm /tmp/workspace + byte-identical vendored.bin across children (the demo's invariant)

Priority: low — it's a demo asset, not a runtime base. The 8 real bases (python-numpy, nodejs, langgraph-react, coding-agent, postgres-fixture, jupyter-kernel, e2b-codeinterpreter, playwright-browser) are all portable as of the #242 follow-up batches (#248, #249, #251, and the playwright update).

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions