feat: add Windows support and E2E CI pipeline#1
Open
jonaswre wants to merge 18 commits into
Open
Conversation
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Cross-platform path types (HostPathBuf, GuestPathBuf, MountSpec) - PlatformPaths trait for OS-specific directory layout - Backend abstraction layer (VmBackend, RootfsMaterializer, ProcessSupervisor traits) - Windows HCS/HCN backend implementation (compute, networking, rootfs, supervisor) - cfg-gate Unix-only code (libkrun FFI, PTY supervisor, xattr) - DB migration for backend-neutral runtime columns - Windows CI: compile check + unit tests (strict) - Linux CI: E2E smoke tests that boot real VMs via KVM - Fix clippy if_same_then_else in ReferenceOrPath::from_str Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add missing RootfsMaterializer trait import in hcs.rs - Fix unreachable code after return in layer extraction non-unix path - Gate unused imports (Getters, MicroVmBuilder, MicrosandboxResult) with cfg(unix) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Gate runtime re-export in microsandbox-utils lib.rs - Gate all Unix-only imports in oci/layer/extraction.rs (CStr, CString, anyhow, etc.) - Gate GzipDecoder, BufReader, Archive imports in oci/layer/mod.rs - Keep MicroVmConfigBuilder available cross-platform, only gate MicroVmBuilder Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Run cargo fmt to fix formatting issues - Gate colon-delimited mount spec tests with #[cfg(unix)] (colon syntax is intentionally rejected on Windows due to drive letter ambiguity) - Gate is_absolute() assertion with #[cfg(unix)] (Unix paths aren't absolute on Windows) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add udev rule to make /dev/kvm world-accessible in CI - Add fallback chmod in smoke test script for resilience Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Prevents the calling shell from expanding $E2E_VAR before passing it to the sandbox shell. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Shell variable expansion depends on exec context; printenv directly reads the environment without needing shell expansion. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Windows (windows-e2e): - Compile check + unit tests + release build - Server start/stop lifecycle validation - Health endpoint verification - Graceful Hyper-V error handling (no Hyper-V on CI runners) macOS (macos-e2e): - Compile check + utils tests - Stub libkrun for linking (can't build real libkrun without krunvm) - Release build + server start/stop lifecycle - Health endpoint verification - Graceful error on VM boot (no nested virt on ARM64 runners) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Windows paths like C:\Users\...\sandbox.db break the SQLite URL parser because backslashes are not valid URL separators. Convert to forward slashes before constructing the connection string. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
sqlite://C:/path is invalid — the URL parser treats C: as a port. Use sqlite:///C:/path (three slashes) which correctly denotes an absolute path in URI notation. Extracted into sqlite_url() helper. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
URL-based connection strings break on Windows because drive letters like C: are misinterpreted as URL components. Using SqliteConnectOptions with .filename() bypasses URL parsing entirely. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Use ErrorActionPreference=Continue so native command stderr doesn't terminate the PowerShell script - Add layer extraction error to expected graceful failures (OCI layer extraction with ownership override isn't supported on Windows) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add Windows Hyper-V (HCS/HCN) backend for running Linux sandboxes without Docker. Includes OCI-to-VHD pipeline, Go worker for HCS lifecycle, bootstrap init (PID 1) for guest overlayfs assembly, and exec path wrapping — non-absolute commands are wrapped in `/bin/sh -c` so the guest shell resolves them via PATH. E2E verified: `msb exe alpine -e "echo hello"` and `msb exe alpine -e "/bin/echo hello"` both succeed on Win11 26200.
…, E2E tests - Add Build-BootBundle.ps1: automated cross-compilation (cargo-zigbuild), rootfs.vhd creation (Python tarfile with Unix permissions), and manifest generation. New `make build_bundle_windows` target. - Add boot bundle auto-download: ensure_bundle() now downloads from GitHub releases with SHA256 verification and indicatif progress bar when bundle is missing locally. - Add Windows to CI release workflow: windows-latest matrix entry builds host binaries (msb.exe, msbserver.exe, msbrun-hcs.exe), boot bundle, and packages as zips with checksums. - Add Package-WindowsRelease.ps1 for reusable release packaging. - Add windows_e2e_test.ps1: 5 E2E tests covering exec, run, back-to-back, and volume mounts. - Update P0-P2 blocker implementations: session-scoped pipes, interactive terminal, 9p volume sharing, HCN NAT reuse, admin detection. - Check off all P3 items in windows-support-checklist.md.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Test plan
cargo check --workspace)-D warnings🤖 Generated with Claude Code