diff --git a/.changeset/attest-launch-for-pod.md b/.changeset/attest-launch-for-pod.md deleted file mode 100644 index d93f06ad..00000000 --- a/.changeset/attest-launch-for-pod.md +++ /dev/null @@ -1,11 +0,0 @@ ---- ---- - -Add `room/launch-attest.ts` — the L2 launch-attestation orchestration step: -`podLaunchManifest(pod)` (the pod's resolved door grants = authority held) + -`attestLaunchForPod(pod)` which attests the manifest via the keeper door -(`runKeeperDoorAttestLaunch`) and stores the signed L2 content-addressed -(`storeLaunchAttestation`), returning the `l2LaunchDigest` the box's keeper push -links. Effects are injected seams (offline-testable). The live `playPod` flow -calls this once the keeper door is up, then projects `l2LaunchDigest` into the box -env. No release. diff --git a/.changeset/beadsd-box-image.md b/.changeset/beadsd-box-image.md deleted file mode 100644 index 8046f03a..00000000 --- a/.changeset/beadsd-box-image.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"@bounded-systems/prx": patch ---- - -Pin beadsd-box OCI image digest in `beadsd-room` (prx-634). Image is built via -`nix dockerTools.streamLayeredImage` (prx, bd, dolt, git, cacert) and pushed to -`ghcr.io/bounded-systems/prx/beadsd-box`; the digest reference replaces the -placeholder `"beadsd-box"` string. Adds `publish-oci-boxes.yml` CI workflow that -rebuilds and pushes on every `v*` tag. diff --git a/.changeset/canonical-l3.md b/.changeset/canonical-l3.md deleted file mode 100644 index 009b13dd..00000000 --- a/.changeset/canonical-l3.md +++ /dev/null @@ -1,9 +0,0 @@ ---- ---- - -Harden L3 verification: `verifyL3Attestation` now verifies the signature over -**canonical JSON** (recursively sorted keys, no whitespace) instead of -`JSON.stringify`, matching door-keeper's canonical signer — so verification is -independent of statement key order. Re-pins `keeperd-room` to the canonical-signing -door-keeper image (digest `eae893d5…`), landing the new image + the new verify -together. No release. 
diff --git a/.changeset/effect-ownership-merge-guard.md b/.changeset/effect-ownership-merge-guard.md deleted file mode 100644 index e9814212..00000000 --- a/.changeset/effect-ownership-merge-guard.md +++ /dev/null @@ -1,12 +0,0 @@ ---- ---- - -Enforce effect ownership in the merge-guard provenance axis (prx-6s8). The merge -gate (`projectProvenanceAxis`, read by `canEnterReadyToMerge`) verified each -derivation's signature but not its ownership, so a signature-valid `push/v1` -produced by a non-owning actor (e.g. `reviewer`) returned `verified`. It now -calls `verifyEffectOwnership` after the signature check: under enforcement, an -authentic-but-unowned effect fails closed (`unsigned`). Non-effect derivations -and non-role producers pass through unchanged; with enforcement off -(`PRX_REQUIRE_SIGNED_DERIVATIONS` unset) behavior is unchanged. No API change, -no release. diff --git a/.changeset/keeper-cmd-override.md b/.changeset/keeper-cmd-override.md deleted file mode 100644 index e89721bd..00000000 --- a/.changeset/keeper-cmd-override.md +++ /dev/null 
@@ -1,17 +0,0 @@ ---- -"@bounded-systems/prx": patch ---- - -Pass `--socket` and `--key` CMD args to keeperd container so it binds to the shared fabric. - -The keeperd image entrypoint hardcodes `--socket /run/doors/keeperd.sock --key /keys/keeper.key` -before `"$@"`. door-kit's `parseArgs` uses last-wins semantics, so CMD args (after the OCI image -ref in `podman run`) override the baked-in defaults. - -- **spec.ts** — `RoomSpec` gains `extraArgs: string[]` (default `[]`): room-specific CMD args - appended after the image ref for entrypoint override -- **podman.ts** — `renderPodmanRun` appends `--socket ${doorDir}/` CMD args for each - exposed door (overrides hardcoded entrypoint socket path), then `room.extraArgs` -- **keeperd-room.ts** — sets `extraArgs: ["--key", "/run/secrets/keeper-key"]` to override the - entrypoint's baked-in key path with our secret mount target -- all existing room definitions gain `extraArgs: []` to satisfy the TS output type diff --git a/.changeset/keeper-door-repo.md b/.changeset/keeper-door-repo.md deleted file mode 100644 index 01476e45..00000000 --- a/.changeset/keeper-door-repo.md +++ /dev/null @@ -1,7 +0,0 @@ ---- ---- - -Pass `repo` to `importAndPush` (`runKeeperDoorPush`): door-kit 0.6.0 made `repo` -required on `ImportAndPushOptions` (door-keeper's `import-and-push` always required -it; the omission was a silent wire gap caught by the live chain e2e). Bumps the -door-kit dependency to ^0.6.0. No release. diff --git a/.changeset/keeper-socket-readiness.md b/.changeset/keeper-socket-readiness.md deleted file mode 100644 index 6188f4c0..00000000 --- a/.changeset/keeper-socket-readiness.md +++ /dev/null 
@@ -1,21 +0,0 @@ ---- -"@bounded-systems/prx": patch ---- - -Wire keeper socket readiness poll so `prx pod up` returns a non-null `l2LaunchDigest`. - -Three-part fix closing the gap from prx-9yv3/#749: - -1. **podman.ts** — `renderPodmanRun` injects `KEEPERD_SOCK=${doorDir}/` for - each exposed door, so the keeper daemon writes its socket onto the shared fabric - (not the in-box default `/run/keeperd.sock`). - -2. **pod.ts** — `doorEnv` rebases consumer socket paths to `${doorDir}/`, - ensuring the client-side `KEEPERD_SOCK` and `PRX_BEADS_SOCKET` point to the - shared fabric regardless of the door spec's nominal path. - -3. **podman-runtime.ts** — `launchPod` polls for the keeper socket via `waitForSocket` - (injectable, 500ms interval / 30s timeout), then sets `KEEPERD_SOCK` in the host - environment before calling `attestLaunchForPod`, and restores or deletes it after. - Best-effort: a poll timeout or attest failure surfaces as `l2LaunchDigest: null` - without tearing down the pod. diff --git a/.changeset/keeper-trust-key.md b/.changeset/keeper-trust-key.md deleted file mode 100644 index 8310cda8..00000000 --- a/.changeset/keeper-trust-key.md +++ /dev/null @@ -1,9 +0,0 @@ ---- ---- - -Add `resolveKeeperTrustKey` (`provenance/keeper-trust.ts`): resolve the -operator-supplied keeper trust public key from `PRX_KEEPER_PUBKEY` (PEM literal -or path), fail-closed when absent/unreadable. Per the hardening decision the -anchor is never derived from the actor (no `getPublicKey` / image-bind). The -verify primitive (`verifyL3Attestation`, #734) pairs with this. Not yet wired -into the gate. No API or behavior change, no release. diff --git a/.changeset/keeperd-room-door-keeper-image.md b/.changeset/keeperd-room-door-keeper-image.md deleted file mode 100644 index bfc791ef..00000000 --- a/.changeset/keeperd-room-door-keeper-image.md +++ /dev/null 
@@ -1,8 +0,0 @@ ---- ---- - -Pin `keeperd-room` to the canonical door-keeper OCI image (by digest, -`ghcr.io/bounded-systems/door-keeper/keeperd@sha256:…`) instead of the local -`keeperd-box` placeholder — exposed as `KEEPERD_ROOM_IMAGE`. This activates the -door-keeper path (Phase B): the keeper pod now runs door-keeper's model-A daemon -(import-and-push + L3), which prx verifies at the submit-publish gate. No release. diff --git a/.changeset/l2-chain-e2e.md b/.changeset/l2-chain-e2e.md deleted file mode 100644 index 00305724..00000000 --- a/.changeset/l2-chain-e2e.md +++ /dev/null @@ -1,9 +0,0 @@ ---- ---- - -Add an end-to-end test for the L2→L3 capability chain on the prx side: store a -signed L2 in the **real CAS** (`storeLaunchAttestation`), then run the submit gate -with **no injected resolver** so the gate's default (`resolveLaunchAttestationFromCas`) -fetches the L2 by the L3's launch link and `verifyLaunchChain` runs — PR opens on a -valid chain, fail-closed when the L2 is absent. Exercises distribution + gate + -verify with no mocks. No release. diff --git a/.changeset/l2-distribution.md b/.changeset/l2-distribution.md deleted file mode 100644 index 720cd5b7..00000000 --- a/.changeset/l2-distribution.md +++ /dev/null @@ -1,9 +0,0 @@ ---- ---- - -Add L2 launch-attestation distribution (`provenance/launch-store.ts`): -`storeLaunchAttestation` writes a signed L2 into the CAS keyed by its -content-address (`l2LaunchDigest`), and `resolveLaunchAttestationFromCas` fetches -it by an L3 write's launch link — now the `submit publish` gate's **default** -`resolveLaunchAttestation`. So with `PRX_LAUNCH_PUBKEY` set, the gate resolves + -verifies the L3→L2 chain from the ledger (in-toto DAG, content-addressed). No release. diff --git a/.changeset/l2-producer-gate.md b/.changeset/l2-producer-gate.md deleted file mode 100644 index bbe4a269..00000000 --- a/.changeset/l2-producer-gate.md +++ /dev/null 
@@ -1,13 +0,0 @@ ---- ---- - -Finish the L2 producer + enforcement layers (capability chain): -- `runKeeperDoorAttestLaunch` — produce a signed L2 launch via the keeper door - (door-kit `attestLaunch`, door-kit `^0.5.0`); the launch key never leaves the daemon. -- `runKeeperDoorPush` threads `l2LaunchDigest` so the L3 write links back to the launch. -- `resolveLauncherTrustKey` (`PRX_LAUNCH_PUBKEY`) — the operator-supplied launcher key. -- `submit publish` gate: **opt-in capability-chain enforcement** — when a launcher - key is configured, the door L3 must link to a verifiable L2 launch - (`verifyLaunchChain`), fail closed; otherwise behaviour is unchanged. -- Re-pin `keeperd-room` to the door-keeper image that links L2 into L3. -No release. (Live launch-flow producer + CAS distribution are the remaining capstone.) diff --git a/.changeset/launch-keygen.md b/.changeset/launch-keygen.md deleted file mode 100644 index 52cd90c4..00000000 --- a/.changeset/launch-keygen.md +++ /dev/null @@ -1,10 +0,0 @@ ---- ---- - -Add `scripts/keeperd/launch-keygen.ts` — generate the launcher signing keypair -(capability chain L2). Pure `generateLaunchKeypair()` (ed25519 PEM, -verifier-compatible) + a CLI that stores the PRIVATE half in 1Password (as a -document, so it never touches argv) and writes/emits the PUBLIC half -(`PRX_LAUNCH_PUBKEY`), printing the deploy (`podman secret create prx-launch-key`), -verifier (pin), and publish (`.well-known`) steps. Mirrors the keeper-key -discipline, one tier up. No release. diff --git a/.changeset/launch-pod.md b/.changeset/launch-pod.md deleted file mode 100644 index 2a65cc92..00000000 --- a/.changeset/launch-pod.md +++ /dev/null 
@@ -1,10 +0,0 @@ ---- ---- - -Add `launchPod` (`room/podman-runtime.ts`): bring a pod up via `playPod` (the -keeper door comes up last), then `attestLaunchForPod` attests + stores the L2 — -the keeper daemon remembers it so the box's writes auto-link (no box-env injection). -Best-effort attest: a failure (e.g. no keeper door) surfaces as `l2LaunchDigest: -null` but never tears the pod down; the submit gate enforces the chain downstream. -This is the home for the launch-attestation hook (prx-zj8 wires `playPod` into the -live flow). Also re-pins `keeperd-room` to the auto-link door-keeper image. No release. diff --git a/.changeset/machine-schema-v030-parse-seams.md b/.changeset/machine-schema-v030-parse-seams.md deleted file mode 100644 index 2c69ef32..00000000 --- a/.changeset/machine-schema-v030-parse-seams.md +++ /dev/null @@ -1,8 +0,0 @@ ---- ---- - -Migrate to `@bounded-systems/machine-schema` v0.3.0 parse-seam API: replace -direct zod schema access with `parseRawStateV1`, `parseHandoffEnvelope`, -`safeParseHandoffTargetActor`, and `HANDOFF_TARGET_ACTOR_VALUES`. Updates -`anchored-chain-bridge` to use a typed `z.looseObject` input shape so the -drift-pin test can introspect required fields through `ZodPipe`. No release. diff --git a/.changeset/notes-provenance.md b/.changeset/notes-provenance.md deleted file mode 100644 index 3cb46cdc..00000000 --- a/.changeset/notes-provenance.md +++ /dev/null 
@@ -1,11 +0,0 @@ ---- ---- - -Complete `refs/notes/provenance` end-to-end: `runKeeperDoorPush` now requests -`notesRef: "provenance"` (door-kit `^0.3.0`), so keeper writes project the signed -L3 onto the pushed commit as a git note — provenance travels with the repo -(`git notes show` / `git log --show-notes` / `git blame` → commit → note). -Also fixes `verifyL3Attestation`'s `canonicalJson` to sort-then-`JSON.stringify` -(stable across the JSON round-trip the L3 always makes before verification; the -prior form diverged on `undefined` fields) and re-pins `keeperd-room` to the -round-trip-stable door-keeper image. No release. diff --git a/.changeset/pod-up-verb.md b/.changeset/pod-up-verb.md deleted file mode 100644 index a6547d2a..00000000 --- a/.changeset/pod-up-verb.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@bounded-systems/prx": minor ---- - -Add `prx pod up` verb: launches the per-repo pod (claude-room + beadsd-room + keeperd-room) via `launchPod`, attests the launch (best-effort L2), and returns `{ pod, containers, l2LaunchDigest }`. Rootless `doorDir` (`$XDG_RUNTIME_DIR/prx/doors` or `~/.local/run/prx/doors`) so no sudo is required on macOS/Linux. Injected into the verb registry and routed via `cli.ts`. diff --git a/.changeset/policy-guard-fail-closed.md b/.changeset/policy-guard-fail-closed.md deleted file mode 100644 index 79d52b86..00000000 --- a/.changeset/policy-guard-fail-closed.md +++ /dev/null 
@@ -1,20 +0,0 @@ ---- ---- - -Fail closed on unparseable policed commands in the agent policy guard (prx-w1v). -Two fail-open bypasses are closed: - -- **Misparse via value-taking options.** `parsePolicedCommand` dropped every - `-`-prefixed token, so a value-taking global option's value was mistaken for - the verb — `git -C /repo push` read as subcommand `/repo` (unknown ⇒ allowed), - and `gh -R o/r pr merge` as `o/r`. It now skips those options *with* their - values (`git -C/-c/--git-dir/--work-tree/--namespace`, `gh -R/--repo`) and - finds the real verb, so ownership is enforced (a non-keeper push, a non-forge - merge, are denied). -- **Pass-through on no verb.** A head that names a policed tool but yields no - parseable subcommand (`prx tools git`, `git -C /x` with no verb, an option - whose value ate the verb) used to pass through. `decideAgentToolCall` now fails - closed for the actors the hook governs (policy roles + the capability-poor - orchestrator); the main session and unknown subagents stay out of scope. - -Adds `namesPolicedTool` and adversarial parser tests. No API change, no release. diff --git a/.changeset/provenance-consume-ocap.md b/.changeset/provenance-consume-ocap.md deleted file mode 100644 index 599384b7..00000000 --- a/.changeset/provenance-consume-ocap.md +++ /dev/null @@ -1,9 +0,0 @@ ---- ---- - -Step 4 of the SDK-leverage convergence: prx's SLSA adapter now imports the -canonical predicate identifiers (`IN_TOTO_STATEMENT_TYPE`, -`SLSA_PROVENANCE_V1`) from the published `@bounded-systems/ocap-provenance` -contract instead of redefining them locally, so prx's emitted in-toto Statement -type can never drift from the contract. Values are identical; prx's git-specific -SLSA builder types/functions are unchanged. No API or behavior change, no release. diff --git a/.changeset/prx-config-drop-warp.md b/.changeset/prx-config-drop-warp.md deleted file mode 100644 index 65b98ec6..00000000 --- a/.changeset/prx-config-drop-warp.md +++ /dev/null 
@@ -1,5 +0,0 @@ ---- -"@bounded-systems/prx-config": minor ---- - -Remove Warp TUI support (`tui_l2_warp.ts` and all `*Warp` exports). Package now only manages the L1 Claude TUI slice. diff --git a/.changeset/prx-config-fast-check.md b/.changeset/prx-config-fast-check.md deleted file mode 100644 index 22dfd0ca..00000000 --- a/.changeset/prx-config-fast-check.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@bounded-systems/prx-config": patch ---- - -Add explicit `z.ZodType` annotations to exported Zod schemas for JSR fast-check compliance. Add `| undefined` to optional TypeScript type fields to match `exactOptionalPropertyTypes: true` + Zod optional output. diff --git a/.changeset/prx-config-jsr-fast-types.md b/.changeset/prx-config-jsr-fast-types.md deleted file mode 100644 index e45dab58..00000000 --- a/.changeset/prx-config-jsr-fast-types.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"@bounded-systems/prx-config": patch ---- - -Replace `z.infer<>` with explicit TypeScript types and add JSDoc to all exported symbols for JSR score 100. diff --git a/.changeset/prx-verify-l3.md b/.changeset/prx-verify-l3.md deleted file mode 100644 index 0045051f..00000000 --- a/.changeset/prx-verify-l3.md +++ /dev/null @@ -1,8 +0,0 @@ ---- ---- - -Add `verifyL3Attestation` (`provenance/verify-l3.ts`): verify door-keeper's L3 -attestation (SLSA statement + detached ed25519 over the statement JSON) and its -subject — the verify primitive that lets a thin prx accept door-keeper as the -canonical keeper daemon (Phase B.2). Not yet wired into the gate. Test-only -consumer for now; no API or behavior change, no release. diff --git a/.changeset/retire-dead-keeper-client.md b/.changeset/retire-dead-keeper-client.md deleted file mode 100644 index 9eb3a886..00000000 --- a/.changeset/retire-dead-keeper-client.md +++ /dev/null 
@@ -1,10 +0,0 @@ ---- ---- - -Remove the now-dead bespoke keeper door-client factory: after Phase C the live -keeper door push consumes door-kit, leaving `keeperd/client-factory.ts` -(`withKeeperClient`) and `keeperd/protocol-transport.ts` (`guestRoomKeeperTransport`) -with no live callers. Deleted both + their tests. `IsolatedKeeperClient` -(`client.ts`) and `isKeeperDoorMode`/`resolveKeeperEndpoint` (`endpoint.ts`) stay — -still used by session-host/lima and the publish gate. No API or behavior change, -no release. diff --git a/.changeset/verify-launch-chain.md b/.changeset/verify-launch-chain.md deleted file mode 100644 index 8c380c69..00000000 --- a/.changeset/verify-launch-chain.md +++ /dev/null @@ -1,10 +0,0 @@ ---- ---- - -Add `verifyLaunchChain` (`provenance/verify-chain.ts`): verify the L3 write → L2 -launch chain — the L3 verifies under the keeper key and attests the commit, the L2 -verifies under the launcher key, both have the right `level`, and the L3 links back -to exactly this L2 by content-address (in-toto DAG). The verifier side of -`manifestDigest` enforcement; bumps `@bounded-systems/ocap-provenance` to `^0.2.0` -(for `./attestation`). Producer wiring (launch-flow call + distribution + the L3 -carrying the launch link) is the remaining integration. No release. diff --git a/.changeset/wire-l3-gate.md b/.changeset/wire-l3-gate.md deleted file mode 100644 index 90a9f087..00000000 --- a/.changeset/wire-l3-gate.md +++ /dev/null 
@@ -1,11 +0,0 @@ ---- ---- - -Wire door-keeper L3 verification into `submit publish`'s `requireSigned` gate -(Phase B.2). The gate now branches on the attestation FORMAT: a door-keeper L3 is -verified via `verifyL3Attestation` against the operator-supplied keeper trust key -(`resolveKeeperTrustKey` / `PRX_KEEPER_PUBKEY`), failing closed when the key is -unconfigured, the signature is wrong, or the subject isn't the materialized -commit; prx's own anchored-chain `push/v1` derivation still verifies via the -existing DSSE path. Behaviour is unchanged unless `requireSigned` is set and the -door returns an L3. No public API change, no release. diff --git a/docs/jsr-publishing.md b/docs/jsr-publishing.md index 54e5a72e..6b683911 100644 --- a/docs/jsr-publishing.md +++ b/docs/jsr-publishing.md @@ -56,4 +56,4 @@ Manual single-package publish: push a `@bounded-systems/@` tag, or | Package | Version | Auto-publish | Intra-scope deps | | --- | --- | --- | --- | -| `@bounded-systems/prx-config` | 0.3.0 | ✅ ready | — | +| `@bounded-systems/prx-config` | 0.4.0 | ✅ ready | — | diff --git a/packages/prx-config/CHANGELOG.md b/packages/prx-config/CHANGELOG.md index 2aba824a..5686b118 100644 --- a/packages/prx-config/CHANGELOG.md +++ b/packages/prx-config/CHANGELOG.md @@ -1,5 +1,16 @@ # @bounded-systems/prx-config +## 0.4.0 + +### Minor Changes + +- 06a401d: Remove Warp TUI support (`tui_l2_warp.ts` and all `*Warp` exports). Package now only manages the L1 Claude TUI slice. + +### Patch Changes + +- 585be9c: Add explicit `z.ZodType` annotations to exported Zod schemas for JSR fast-check compliance. Add `| undefined` to optional TypeScript type fields to match `exactOptionalPropertyTypes: true` + Zod optional output. +- 747b13f: Replace `z.infer<>` with explicit TypeScript types and add JSDoc to all exported symbols for JSR score 100. + ## 0.2.1 ### Patch Changes diff --git a/packages/prx-config/jsr.json b/packages/prx-config/jsr.json index 2e104f16..453ed400 100644 
--- a/packages/prx-config/jsr.json +++ b/packages/prx-config/jsr.json @@ -1,6 +1,6 @@ { "name": "@bounded-systems/prx-config", - "version": "0.3.0", + "version": "0.4.0", "exports": "./src/index.ts", "imports": { "zod": "npm:zod@^4.4.3" diff --git a/packages/prx-config/package.json b/packages/prx-config/package.json index e8c4bed3..9fa9c7f7 100644 --- a/packages/prx-config/package.json +++ b/packages/prx-config/package.json @@ -1,6 +1,6 @@ { "name": "@bounded-systems/prx-config", - "version": "0.3.0", + "version": "0.4.0", "description": "TUI configuration schema parser/emitter for L1 Claude and L2 Warp tools", "bounded": { "tagline": "TUI configuration schema parser/emitter for L1 Claude and L2 Warp tools", diff --git a/packages/prx/CHANGELOG.md b/packages/prx/CHANGELOG.md index 982206dc..382f7c31 100644 --- a/packages/prx/CHANGELOG.md +++ b/packages/prx/CHANGELOG.md 
@@ -1,5 +1,50 @@ # @bounded-systems/prx +## 0.12.0 + +### Minor Changes + +- cff799e: Add `prx pod up` verb: launches the per-repo pod (claude-room + beadsd-room + keeperd-room) via `launchPod`, attests the launch (best-effort L2), and returns `{ pod, containers, l2LaunchDigest }`. Rootless `doorDir` (`$XDG_RUNTIME_DIR/prx/doors` or `~/.local/run/prx/doors`) so no sudo is required on macOS/Linux. Injected into the verb registry and routed via `cli.ts`. + +### Patch Changes + +- 513c2bd: Pin beadsd-box OCI image digest in `beadsd-room` (prx-634). Image is built via + `nix dockerTools.streamLayeredImage` (prx, bd, dolt, git, cacert) and pushed to + `ghcr.io/bounded-systems/prx/beadsd-box`; the digest reference replaces the + placeholder `"beadsd-box"` string. Adds `publish-oci-boxes.yml` CI workflow that + rebuilds and pushes on every `v*` tag. +- b2b86da: Pass `--socket` and `--key` CMD args to keeperd container so it binds to the shared fabric. + + The keeperd image entrypoint hardcodes `--socket /run/doors/keeperd.sock --key /keys/keeper.key` + before `"$@"`. door-kit's `parseArgs` uses last-wins semantics, so CMD args (after the OCI image + ref in `podman run`) override the baked-in defaults. + + - **spec.ts** — `RoomSpec` gains `extraArgs: string[]` (default `[]`): room-specific CMD args + appended after the image ref for entrypoint override + - **podman.ts** — `renderPodmanRun` appends `--socket ${doorDir}/` CMD args for each + exposed door (overrides hardcoded entrypoint socket path), then `room.extraArgs` + - **keeperd-room.ts** — sets `extraArgs: ["--key", "/run/secrets/keeper-key"]` to override the + entrypoint's baked-in key path with our secret mount target + - all existing room definitions gain `extraArgs: []` to satisfy the TS output type + +- aacba94: Wire keeper socket readiness poll so `prx pod up` returns a non-null `l2LaunchDigest`. + + Three-part fix closing the gap from prx-9yv3/#749: + + 1. 
**podman.ts** — `renderPodmanRun` injects `KEEPERD_SOCK=${doorDir}/` for + each exposed door, so the keeper daemon writes its socket onto the shared fabric + (not the in-box default `/run/keeperd.sock`). + + 2. **pod.ts** — `doorEnv` rebases consumer socket paths to `${doorDir}/`, + ensuring the client-side `KEEPERD_SOCK` and `PRX_BEADS_SOCKET` point to the + shared fabric regardless of the door spec's nominal path. + + 3. **podman-runtime.ts** — `launchPod` polls for the keeper socket via `waitForSocket` + (injectable, 500ms interval / 30s timeout), then sets `KEEPERD_SOCK` in the host + environment before calling `attestLaunchForPod`, and restores or deletes it after. + Best-effort: a poll timeout or attest failure surfaces as `l2LaunchDigest: null` + without tearing down the pod. + ## 0.11.3 ### Patch Changes diff --git a/packages/prx/package.json b/packages/prx/package.json index d078adbc..44efd71f 100644 --- a/packages/prx/package.json +++ b/packages/prx/package.json @@ -1,6 +1,6 @@ { "name": "@bounded-systems/prx", - "version": "0.11.3", + "version": "0.12.0", "private": true, "type": "module", "license": "PolyForm-Noncommercial-1.0.0",
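Review bot: the deleted changesets `.changeset/policy-guard-fail-closed.md` (prx-w1v) and `.changeset/effect-ownership-merge-guard.md` (prx-6s8) have empty frontmatter, so the two fail-open bypasses and the merge-gate ownership check they describe do not appear in the `## 0.12.0` section this patch adds to packages/prx/CHANGELOG.md. After this deletion the patch keeps no record that `git -C /repo push` used to parse as subcommand `/repo`, or that a signature-valid `push/v1` from a non-owning actor used to return `verified`. Before removing these files, move their text into a changelog entry or a security notes document so the fail-closed behaviour stays traceable to a version.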
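Review bot: in packages/prx-config/CHANGELOG.md the new `## 0.4.0` section sits directly above `## 0.2.1`, while jsr.json and package.json move from 0.3.0 to 0.4.0, so the changelog has no section for the 0.3.0 version the manifests carried. Add the missing 0.3.0 entry or say why it is absent. Entry 06a401d also removes `tui_l2_warp.ts` and all `*Warp` exports under "Minor Changes"; add a line telling consumers that imports of those exports stop resolving on upgrade.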
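Review bot: the unchanged `description` and `bounded.tagline` lines in packages/prx-config/package.json still read "TUI configuration schema parser/emitter for L1 Claude and L2 Warp tools", but the 0.4.0 changelog entry in this same patch says Warp support is removed and the package now only manages the L1 Claude TUI slice. Update both strings in this version bump so the package metadata matches what 0.4.0 exports.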
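Review bot: the aacba94 entry under `## 0.12.0` in packages/prx/CHANGELOG.md says a poll timeout or attest failure surfaces as `l2LaunchDigest: null` without tearing down the pod, but it drops the statement from the deleted launch-pod.md changeset that the submit gate enforces the chain downstream. Read alone, the entry lets a running pod be taken for an attested one. Carry that sentence over, state that a null digest means the launch is unattested, and say that chain enforcement is opt-in on a configured launcher key (`PRX_LAUNCH_PUBKEY`), as l2-producer-gate.md describes. The same entry has `launchPod` set `KEEPERD_SOCK` in the host environment and restore or delete it afterwards; since that variable is process-wide, document whether concurrent launches in one process are supported.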