Merge branch 'james/sudoless-mac-vm'

Author: lightsofapollo

.github/workflows/release.yml

@@ -149,3 +149,75 @@ jobs:
           if [[ -n "${KEYCHAIN_PATH:-}" ]]; then
             security delete-keychain "$KEYCHAIN_PATH" 2>/dev/null || true
           fi
+
+  publish-pinned-artifacts:
+    name: Publish Pinned Base + Patch Metadata
+    runs-on: macos-14
+    needs: build-sign-release
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: dtolnay/rust-toolchain@stable
+
+      - uses: Swatinem/rust-cache@v2
+        with:
+          workspaces: crates
+
+      - name: Build vz-cli
+        working-directory: crates
+        run: cargo build --release -p vz-cli
+
+      - name: Validate pinned base matrix and patch bundles
+        run: |
+          set -euo pipefail
+
+          mkdir -p release/pinned-artifacts
+
+          cp config/base-images.json release/pinned-artifacts/base-images.json
+          shasum -a 256 config/base-images.json > release/pinned-artifacts/base-images.json.sha256
+
+          crates/target/release/vz vm base list | tee release/pinned-artifacts/base-list.txt
+
+          bundle_count=0
+          if [[ -d release/patch-bundles ]]; then
+            shopt -s nullglob
+            for bundle in release/patch-bundles/*.vzpatch; do
+              if [[ -d "$bundle" ]]; then
+                echo "Verifying patch bundle: $bundle"
+                crates/target/release/vz vm patch verify --bundle "$bundle"
+                bundle_count=$((bundle_count + 1))
+              fi
+            done
+            shopt -u nullglob
+          fi
+
+          if [[ -d release/patch-bundles ]]; then
+            tar -czf release/pinned-artifacts/pinned-patch-bundles.tar.gz -C release patch-bundles
+            shasum -a 256 release/pinned-artifacts/pinned-patch-bundles.tar.gz > release/pinned-artifacts/pinned-patch-bundles.tar.gz.sha256
+          fi
+
+          generated_at="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+          matrix_sha256="$(shasum -a 256 config/base-images.json | awk '{print $1}')"
+          cat > release/pinned-artifacts/pinned-release-metadata.json <<EOF
+          {
+            "release_tag": "${GITHUB_REF_NAME}",
+            "generated_at": "${generated_at}",
+            "base_matrix_path": "config/base-images.json",
+            "base_matrix_sha256": "${matrix_sha256}",
+            "verified_patch_bundle_count": ${bundle_count}
+          }
+          EOF
+          shasum -a 256 release/pinned-artifacts/pinned-release-metadata.json > release/pinned-artifacts/pinned-release-metadata.json.sha256
+
+      - name: Attach pinned artifacts to GitHub Release
+        uses: softprops/action-gh-release@v2
+        with:
+          fail_on_unmatched_files: false
+          files: |
+            release/pinned-artifacts/base-images.json
+            release/pinned-artifacts/base-images.json.sha256
+            release/pinned-artifacts/base-list.txt
+            release/pinned-artifacts/pinned-release-metadata.json
+            release/pinned-artifacts/pinned-release-metadata.json.sha256
+            release/pinned-artifacts/pinned-patch-bundles.tar.gz
+            release/pinned-artifacts/pinned-patch-bundles.tar.gz.sha256

README.md

@@ -90,11 +90,17 @@ vz stack down demo --volumes
 ### 4. Manage macOS VMs (macOS only)
 
 ```bash
-# Create a base image from IPSW
-vz vm init --disk-size 64G
+# Create a pinned base image from the stable channel
+vz vm init --base stable
 
-# Provision account + guest agent (one-time per image)
-sudo vz vm provision --image ~/.vz/images/base.img
+# Provision account + guest agent after fingerprint verification (system mode is default)
+sudo vz vm provision --image ~/.vz/images/base.img --base-id stable
+
+# No-local-sudo local path (opt-in runtime policy)
+vz vm provision --image ~/.vz/images/base.img --base-id stable --agent-mode user
+
+# Verify a local image against the stable channel pin
+vz vm base verify --image ~/.vz/images/base.img --base-id stable
 
 # Start headless VM
 vz vm run --image ~/.vz/images/base.img --name dev --headless &
@@ -109,6 +115,64 @@ vz vm save dev --stop
 vz vm run --image ~/.vz/images/base.img --name dev --restore ~/.vz/state/dev.vzsave --headless &
 ```
 
+### 5. Pinned-base automation policy (macOS VM flows)
+
+- `vz vm init --base <selector>`, `vz vm provision --base-id <selector>`, and `vz vm base verify --base-id <selector>` accept immutable base IDs plus channel aliases (`stable`, `previous`).
+- Base descriptors include support lifecycle metadata (`active` or `retired`); selecting a retired or unknown base fails with explicit fallback guidance.
+- Retirement guidance always includes `vz vm init --base stable` and, when available, a concrete replacement selector/base.
+- `vz vm patch verify` and `vz vm patch apply` reject bundles targeting retired or unsupported base descriptors.
+- Unpinned flows require explicit `--allow-unpinned`.
+- In CI (`CI=true`), unpinned flows are blocked unless `VZ_ALLOW_UNPINNED_IN_CI=1` is set.
+- Runtime policy: `--agent-mode system` is the default for reliability; `--agent-mode user` is opt-in for no-local-sudo workflows.
+
+```bash
+# Explicit unpinned local flow
+vz vm init --allow-unpinned --ipsw ~/Downloads/restore.ipsw
+sudo vz vm provision --image ~/.vz/images/base.img --allow-unpinned
+```
+
+### 6. Create signed patch bundles
+
+```bash
+# Generate an Ed25519 signing key (PKCS#8 PEM)
+openssl genpkey -algorithm Ed25519 -out /tmp/vz-patch-signing-key.pem
+
+# One-command inline patch creation (no operations.json or payload directory required)
+vz vm patch create \
+  --bundle /tmp/patch-1.vzpatch \
+  --base-id stable \
+  --mkdir /usr/local/libexec:755 \
+  --write-file /path/to/vz-agent:/usr/local/libexec/vz-agent:755 \
+  --symlink /usr/local/bin/vz-agent:/usr/local/libexec/vz-agent \
+  --set-owner /usr/local/libexec/vz-agent:0:0 \
+  --set-mode /usr/local/libexec/vz-agent:755 \
+  --signing-key /tmp/vz-patch-signing-key.pem
+
+vz vm patch verify --bundle /tmp/patch-1.vzpatch
+sudo vz vm patch apply --bundle /tmp/patch-1.vzpatch --image ~/.vz/images/base.img
+```
+
+For advanced CI workflows, `vz vm patch create` also supports `--operations <json>` + `--payload-dir <dir>`.
+
+### 7. Primary image-delta patch flow (sudo once, then sudoless apply)
+
+```bash
+# 1) Create a binary image delta from a signed bundle (runs bundle apply on a temp image copy)
+sudo vz vm patch create-delta \
+  --bundle /tmp/patch-1.vzpatch \
+  --base-image ~/.vz/images/base.img \
+  --delta /tmp/patch-1.vzdelta
+
+# 2) Apply the binary delta without sudo to produce a new bootable image
+vz vm patch apply-delta \
+  --base-image ~/.vz/images/base.img \
+  --delta /tmp/patch-1.vzdelta \
+  --output-image ~/.vz/images/base-patched.img
+
+# 3) Boot-test the patched image
+vz vm run --image ~/.vz/images/base-patched.img --name delta-test --headless
+```
+
 ## Command groups
 
 ### Containers
@@ -121,7 +185,7 @@ vz vm run --image ~/.vz/images/base.img --name dev --restore ~/.vz/state/dev.vzs
 
 ### VMs (macOS)
 
-`vm init`, `vm run`, `vm exec`, `vm save`, `vm restore`, `vm list`, `vm stop`, `vm cache`, `vm provision`, `vm cleanup`, `vm self-sign`, `vm validate`
+`vm init`, `vm run`, `vm exec`, `vm save`, `vm restore`, `vm list`, `vm stop`, `vm cache`, `vm provision`, `vm cleanup`, `vm self-sign`, `vm validate`, `vm base`, `vm patch`
 
 ## Architecture
 

config/base-images.json

@@ -0,0 +1,64 @@
+{
+  "version": 1,
+  "default_base": "macos-15.3.1-24D70-arm64-64g",
+  "channels": {
+    "stable": "macos-15.3.1-24D70-arm64-64g",
+    "previous": "macos-14.6-23G80-arm64-64g"
+  },
+  "bases": [
+    {
+      "base_id": "macos-15.3.1-24D70-arm64-64g",
+      "macos_version": "15.3.1",
+      "macos_build": "24D70",
+      "ipsw_url": "https://updates.cdn-apple.com/2025WinterFCS/fullrestores/052-77521/UniversalMac_15.3.1_24D70_Restore.ipsw",
+      "ipsw_sha256": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
+      "disk_size_gb": 64,
+      "fingerprint": {
+        "img_sha256": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+        "aux_sha256": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
+        "hwmodel_sha256": "cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc",
+        "machineid_sha256": "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd"
+      },
+      "support": {
+        "status": "active"
+      }
+    },
+    {
+      "base_id": "macos-14.6-23G80-arm64-64g",
+      "macos_version": "14.6",
+      "macos_build": "23G80",
+      "ipsw_url": "https://updates.cdn-apple.com/2024SummerFCS/fullrestores/042-15372/UniversalMac_14.6_23G80_Restore.ipsw",
+      "ipsw_sha256": "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee",
+      "disk_size_gb": 64,
+      "fingerprint": {
+        "img_sha256": "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+        "aux_sha256": "1111111111111111111111111111111111111111111111111111111111111111",
+        "hwmodel_sha256": "2222222222222222222222222222222222222222222222222222222222222222",
+        "machineid_sha256": "3333333333333333333333333333333333333333333333333333333333333333"
+      },
+      "support": {
+        "status": "active"
+      }
+    },
+    {
+      "base_id": "macos-13.6.7-22H123-arm64-64g",
+      "macos_version": "13.6.7",
+      "macos_build": "22H123",
+      "ipsw_url": "https://updates.cdn-apple.com/2024SpringFCS/fullrestores/032-12345/UniversalMac_13.6.7_22H123_Restore.ipsw",
+      "ipsw_sha256": "4444444444444444444444444444444444444444444444444444444444444444",
+      "disk_size_gb": 64,
+      "fingerprint": {
+        "img_sha256": "5555555555555555555555555555555555555555555555555555555555555555",
+        "aux_sha256": "6666666666666666666666666666666666666666666666666666666666666666",
+        "hwmodel_sha256": "7777777777777777777777777777777777777777777777777777777777777777",
+        "machineid_sha256": "8888888888888888888888888888888888888888888888888888888888888888"
+      },
+      "support": {
+        "status": "retired",
+        "retired_at": "2026-01-31",
+        "replacement_selector": "previous",
+        "replacement_base_id": "macos-14.6-23G80-arm64-64g"
+      }
+    }
+  ]
+}