-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathMakefile
More file actions
100 lines (82 loc) · 6.38 KB
/
Makefile
File metadata and controls
100 lines (82 loc) · 6.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
.PHONY: validate validate-json validate-yaml validate-quadlet validate-render validate-evidence validate-governance validate-policy-fabric validate-activation validate-supply-chain validate-release-bundle validate-sourceos-projections validate-package validate-cli validate-formula doctor probe
PYTHON ?= python3
RUBY ?= ruby
CLI := bin/agent-machine
BOOTSTRAP_CLI := sh $(CLI)
FORMULA := packaging/homebrew/Formula/agent-machine.rb
LOCAL_AGENTPOD := examples/local-podman-llama-cpp.agent-pod.json
PINNED_AGENTPOD := examples/local-podman-llama-cpp.pinned.agent-pod.json
K8S_AGENTPOD := examples/k8s-topolvm.agent-pod.json
LOCAL_QUADLET := deploy/quadlet/agent-machine-llama-cpp.container
K8S_MANIFEST := deploy/k8s/llama-cpp-topolvm-pod.yaml
READY_POLICY := examples/policy-admission.allowed-activation.json
READY_GRANT := examples/agent-registry-grant.active-activation.json
FAIL_POLICY := examples/policy-admission.missing.json
FAIL_GRANT := examples/agent-registry-grant.missing.json
RECEIPT_DIR := examples
POLICY_DIR := examples
DEPLOYMENT_RECEIPT_ID := urn:srcos:agent-machine:deployment-receipt:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
DECIDED_AT := 2026-05-04T12:51:00Z
PYCLI := PYTHONPATH=src $(PYTHON) -m agent_machine.cli
PYMOD := PYTHONPATH=src $(PYTHON) -m
validate: validate-json validate-yaml validate-quadlet validate-render validate-evidence validate-governance validate-policy-fabric validate-activation validate-supply-chain validate-release-bundle validate-sourceos-projections validate-package validate-cli validate-formula
validate-json:
$(PYTHON) scripts/validate-json.py
validate-yaml:
$(PYTHON) scripts/validate-yaml.py
validate-quadlet:
$(PYTHON) scripts/validate-quadlet.py
$(PYTHON) scripts/render-agentpod-quadlet.py $(LOCAL_AGENTPOD) --compare $(LOCAL_QUADLET)
validate-render:
$(PYTHON) scripts/render-agentpod-plan.py $(LOCAL_AGENTPOD) --pretty >/tmp/agent-machine-local-agentpod-plan.json
$(PYTHON) scripts/render-agentpod-plan.py $(K8S_AGENTPOD) --pretty >/tmp/agent-machine-k8s-agentpod-plan.json
$(PYTHON) scripts/render-agentpod-plan.py $(LOCAL_AGENTPOD) --receipt --artifact-path /tmp/agent-machine-local-agentpod-plan.json --pretty >/tmp/agent-machine-local-deployment-receipt.json
$(PYTHON) scripts/render-agentpod-plan.py $(K8S_AGENTPOD) --receipt --artifact-path /tmp/agent-machine-k8s-agentpod-plan.json --pretty >/tmp/agent-machine-k8s-deployment-receipt.json
$(PYTHON) scripts/render-agentpod-k8s.py $(K8S_AGENTPOD) --compare $(K8S_MANIFEST)
$(PYCLI) render plan $(LOCAL_AGENTPOD) --pretty >/tmp/agent-machine-pycli-local-agentpod-plan.json
$(PYCLI) render receipt $(K8S_AGENTPOD) --artifact-path /tmp/agent-machine-pycli-k8s-agentpod-plan.json --pretty >/tmp/agent-machine-pycli-k8s-deployment-receipt.json
$(PYCLI) render quadlet $(LOCAL_AGENTPOD) --compare $(LOCAL_QUADLET)
$(PYCLI) render k8s $(K8S_AGENTPOD) --compare $(K8S_MANIFEST)
$(BOOTSTRAP_CLI) render plan $(LOCAL_AGENTPOD) --pretty >/tmp/agent-machine-bootstrap-local-agentpod-plan.json
$(BOOTSTRAP_CLI) render quadlet $(LOCAL_AGENTPOD) --compare $(LOCAL_QUADLET)
$(BOOTSTRAP_CLI) render k8s $(K8S_AGENTPOD) --compare $(K8S_MANIFEST)
validate-evidence:
$(PYTHON) scripts/validate-evidence.py
validate-governance:
$(PYTHON) scripts/validate-governance.py
validate-policy-fabric:
$(PYTHON) scripts/validate-policy-fabric.py
$(PYTHON) scripts/resolve-policy-admission.py $(LOCAL_AGENTPOD) --policy-dir $(POLICY_DIR) --expected-status allowed --deployment-receipt-id $(DEPLOYMENT_RECEIPT_ID) --agent-machine-id urn:srcos:agent-machine:m2-asahi-local --provider-id urn:srcos:agent-machine:inference-provider:asahi-llama-cpp --pretty >/tmp/agent-machine-policy-resolve-allowed.json
$(PYCLI) policy resolve $(LOCAL_AGENTPOD) --policy-dir $(POLICY_DIR) --expected-status denied --deployment-receipt-id $(DEPLOYMENT_RECEIPT_ID) --agent-machine-id urn:srcos:agent-machine:m2-asahi-local --provider-id urn:srcos:agent-machine:inference-provider:asahi-llama-cpp --pretty >/tmp/agent-machine-pycli-policy-resolve-denied.json
validate-activation:
$(PYTHON) scripts/validate-activation.py
$(PYTHON) scripts/evaluate-activation.py $(LOCAL_AGENTPOD) $(READY_POLICY) $(READY_GRANT) --deployment-receipt-id $(DEPLOYMENT_RECEIPT_ID) --storage-receipt-dir $(RECEIPT_DIR) --decided-at $(DECIDED_AT) --decision-id urn:srcos:agent-machine:activation-decision:local-llama-cpp-allowed --pretty >/tmp/agent-machine-evaluate-activation-allowed.json
$(PYCLI) activate evaluate $(LOCAL_AGENTPOD) $(FAIL_POLICY) $(FAIL_GRANT) --deployment-receipt-id $(DEPLOYMENT_RECEIPT_ID) --storage-receipt-dir $(RECEIPT_DIR) --decided-at $(DECIDED_AT) --decision-id urn:srcos:agent-machine:activation-decision:local-llama-cpp-fail-closed --pretty >/tmp/agent-machine-pycli-evaluate-activation-fail-closed.json
$(PYCLI) activate evaluate $(LOCAL_AGENTPOD) $(READY_GRANT) --policy-dir $(POLICY_DIR) --expected-status allowed --deployment-receipt-id $(DEPLOYMENT_RECEIPT_ID) --agent-machine-id urn:srcos:agent-machine:m2-asahi-local --provider-id urn:srcos:agent-machine:inference-provider:asahi-llama-cpp --storage-receipt-dir $(RECEIPT_DIR) --decided-at $(DECIDED_AT) --decision-id urn:srcos:agent-machine:activation-decision:local-llama-cpp-allowed --pretty >/tmp/agent-machine-pycli-resolved-policy-activation-allowed.json
$(BOOTSTRAP_CLI) activate evaluate $(LOCAL_AGENTPOD) $(READY_POLICY) $(READY_GRANT) --deployment-receipt-id $(DEPLOYMENT_RECEIPT_ID) --storage-receipt-dir $(RECEIPT_DIR) --decided-at $(DECIDED_AT) --decision-id urn:srcos:agent-machine:activation-decision:local-llama-cpp-allowed --pretty >/tmp/agent-machine-bootstrap-evaluate-activation-allowed.json
validate-supply-chain:
$(PYTHON) scripts/validate-supply-chain.py
$(PYMOD) agent_machine.supply_chain $(PINNED_AGENTPOD) --strict
validate-release-bundle:
$(PYTHON) scripts/validate-release-bundle.py
$(PYTHON) scripts/generate-release-evidence.py --pretty >/tmp/agent-machine-release-evidence-bundle.json
validate-sourceos-projections:
$(PYTHON) scripts/validate-sourceos-projection-fixtures.py
validate-package:
$(PYTHON) scripts/validate-package.py
validate-cli:
sh -n $(CLI)
$(BOOTSTRAP_CLI) version
$(BOOTSTRAP_CLI) paths
$(BOOTSTRAP_CLI) doctor --format json
$(BOOTSTRAP_CLI) probe --format json
$(PYCLI) version
$(PYCLI) paths --format json
$(PYCLI) doctor --format json
$(PYCLI) probe --format json
validate-formula:
$(RUBY) -c $(FORMULA)
doctor:
$(BOOTSTRAP_CLI) doctor --format json
probe:
$(BOOTSTRAP_CLI) probe --format json