Context
SourceOS Agent Machine is primarily a local cross-host workspace runtime, but it should stay compatible with SourceOS Boot, BootReleaseSet, and nlboot-derived recovery/provisioning flows.
The boundary should be:
- Agent Machine handles local developer/operator workspaces on Mac, Windows, and Linux.
- BootReleaseSet handles boot, recovery, live install, rollback, and provisioning.
- Both share contracts, fingerprints, evidence records, and device/workspace identity references.
Scope
Add docs or examples showing how a BootReleaseSet can carry or reference:
- a default AgentMachineProfile for post-install operator workspace setup;
- an AgentMachineFingerprint emitted after first launch;
- recovery-mode policy constraints for local agent workspace repair;
- nlboot compatibility fields where bootstrap/recovery should fetch an Agent Machine profile after enrollment.
Acceptance criteria
- BootReleaseSet docs mention Agent Machine as an optional post-boot workspace setup surface.
- Example manifest shows a profile reference without embedding secrets or host-local values.
- Evidence model records whether Agent Machine setup was offered, skipped, completed, or failed.
- No implementation code crosses into
sourceos-devtools; keep runtime engine ownership separate.
Non-goals
- Do not implement the Podman workspace engine here.
- Do not add user-specific tokens, private keys, or mounted paths.
- Do not make BootReleaseSet depend on Agent Machine for normal boot or recovery.
Context
SourceOS Agent Machine is primarily a local cross-host workspace runtime, but it should stay compatible with SourceOS Boot, BootReleaseSet, and nlboot-derived recovery/provisioning flows.
The boundary should be:
Scope
Add docs or examples showing how a BootReleaseSet can carry or reference:
Acceptance criteria
sourceos-devtools; keep runtime engine ownership separate.Non-goals