feat(aws): darwin-runner deploy + 4-region launch + Phase 2 spec + v3.0.0 launch post draft#26
Merged
Merged
Conversation
vje013
added a commit
that referenced
this pull request
May 27, 2026
Adds the four aws-lambda-{region} substrates, modal-v0, and akash-v0
to the substrate allowlist, alongside the original local-docker-v0.
This unblocks Phase 2 step 3b-4: generating Fly-hosted class keys for
the AWS Lambda runners deployed in PR #26.
Allowlist now covers the seven v3.0.0 substrates:
- local-docker-v0
- aws-lambda-us-east-1
- aws-lambda-us-west-2
- aws-lambda-eu-west-1
- aws-lambda-ap-northeast-1
- modal-v0
- akash-v0
Tests updated to use e2b-v0 (still intentionally not allowlisted) as
the rejection-path fixture in place of aws-lambda-us-east-1.
Signed-off-by: VladimirEdouard <135543245+vje013@users.noreply.github.com>
vje013
added a commit
that referenced
this pull request
May 27, 2026
Adds the four aws-lambda-{region} substrates, modal-v0, and akash-v0
to the substrate allowlist, alongside the original local-docker-v0.
This unblocks Phase 2 step 3b-4: generating Fly-hosted class keys for
the AWS Lambda runners deployed in PR #26.
Allowlist now covers the seven v3.0.0 substrates:
- local-docker-v0
- aws-lambda-us-east-1
- aws-lambda-us-west-2
- aws-lambda-eu-west-1
- aws-lambda-ap-northeast-1
- modal-v0
- akash-v0
Tests updated to use e2b-v0 (still intentionally not allowlisted) as
the rejection-path fixture in place of aws-lambda-us-east-1.
Signed-off-by: VladimirEdouard <135543245+vje013@users.noreply.github.com>
… launch post draft Phase 2 step 3b-3. AWS Lambda runner deployed to four regions: us-east-1, us-west-2, eu-west-1, ap-northeast-1. Two Lambda functions per region (python + node), one IAM role, two ECR repos per region. Eight darwin-runner Lambda functions live, all serving identical image digests across regions: - python: sha256:e0647a8e17033e27c1419ce687524f08d279c5c89f89fe14d46f03d4e6da805c - node: sha256:6be06af1e33a8ec952f47fed50923b03e61c23c511024b438bcc38e3c71fab61 infra/aws_runner/ (new module) - runner.py: Python Lambda handler. Validates RunnerEvent, materializes workload to /tmp/workload.py, subprocess.run with timeout, captures stdout/stderr/exit_code/wall_time, returns RunnerResponse. - runner.mjs: Node Lambda handler. Same protocol, same evidence shape. Mirrors runner.py exactly so attestation evidence is identical across languages. Tested locally to produce the same output_hash as runner.py for the same workload. - Dockerfile.runner-python: AWS Lambda Python 3.12 base + runner.py. - Dockerfile.runner-node: AWS Lambda Node 20 base + runner.mjs. - deploy.py: boto3 orchestrator. Idempotent. Creates IAM role, ECR repos per region, builds and pushes both images per region, creates Lambda functions. Retries Lambda creation on IAM eventual-consistency errors. Polls for Active state. Logs each step. Works from cold-start account state. The runner is invoked by the LambdaSubstrate adapter shipped in PR #24. Substrate id format: aws-lambda-{region}. Function names: darwin-runner-{python|node}-{region}. Schema URIs: - darwin.cloud/event/aws-lambda-runner/v1 (event payload, shared with substrate adapter) Operational notes: - IAM role darwin-runner-execution-role (one global) - Memory: 1024 MB default, configurable per workload - Timeout: 900s (Lambda max), the substrate uses workload.timeout_sec with a 5s safety margin - AWS Lambda public pricing as wholesale cost in the substrate DARWIN_AGENTIC_CLOUD_PHASE_2_SPEC.md (new) - Phase 2 specification document mirroring the Phase 1 spec template. - Toll-booth framing for the v3.0.0 product positioning. - Five concrete substrates, two-signature attestation model, open verification, marketplace economics. LAUNCH_POST_v3.0.0.md (new) - Draft launch post for v3.0.0 ship. pyproject.toml - Adds boto3>=1.35,<2 to runtime deps (for the deploy orchestrator). examples/hello.py - Sample workload that exercises the path. Signed-off-by: VladimirEdouard <135543245+vje013@users.noreply.github.com>
Signed-off-by: VladimirEdouard <135543245+vje013@users.noreply.github.com>
Signed-off-by: VladimirEdouard <135543245+vje013@users.noreply.github.com>
vje013
force-pushed
the
feat/aws-runner-deploy
branch
from
b1e5809 to
ee8df42
Compare
Signed-off-by: VladimirEdouard <135543245+vje013@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Phase 2 step 3b-3. AWS Lambda runner deployed live to four regions: us-east-1, us-west-2, eu-west-1, ap-northeast-1. Two Lambda functions per region (python + node) backed by identical image digests across regions.
What's live in AWS account 529088294890 right now
What this branch ships
infra/aws_runner/— runner code (Python + Node), Dockerfiles, boto3 deploy orchestrator. Idempotent. Builds locally + pushes to ECR + creates Lambdas with IAM-eventual-consistency retries.DARWIN_AGENTIC_CLOUD_PHASE_2_SPEC.md— Phase 2 spec doc mirroring the Phase 1 template. Toll-booth framing, 5-substrate catalog, dual-signature attestation model, open verification.LAUNCH_POST_v3.0.0.md— Draft launch post.examples/hello.py— Sample workload.boto3>=1.35,<2.What's next
Step 3b-4: Generate 4 aws-lambda class keys, upload to Fly, redeploy with updated entrypoint. Then steps 4-11 (Modal, Akash, router, runtime rewire, CLI flag, MCP, hosted demo upgrade, ship).
Schema URIs
darwin.cloud/event/aws-lambda-runner/v1(event payload, shared with substrate adapter)No code-only tests added in this branch \u2014 the deploy orchestrator is verified by the live infrastructure it produced (8 functions across 4 regions, all Active).