Skip to content

fix: provision chromium scope wrapper#957

Merged
rysweet merged 2 commits intomainfrom
fix/chromium-snap-session-scope
Apr 7, 2026
Merged

fix: provision chromium scope wrapper#957
rysweet merged 2 commits intomainfrom
fix/chromium-snap-session-scope

Conversation

@rysweet
Copy link
Copy Markdown
Owner

@rysweet rysweet commented Apr 7, 2026
edited
Loading

Fix: Harden bastion tunnel port isolation and chromium provisioning

Root Cause

Process-local port allocator starting at 50200 could silently route readiness checks into an older VM through a stale bastion tunnel, causing provisioning verification to report success against the wrong VM.

Changes

  • bastion_tunnel.rs: Replace fixed port allocator with OS-allocated ephemeral ports; purge duplicate-port registry claimants; verify listener ownership belongs to spawned az bastion tunnel process tree
  • cloud_init.rs: Extract cloud-init provisioning logic into azlin-azure crate (+175 lines)
  • vm.rs: Refactor VM operations to use new cloud-init module (-193 lines)
  • auth_forward.rs: Session scope hardening for credential forwarding
  • cmd_vm_ops.rs: VM ops updates for new provisioning flow
  • credential-forwarding.md: Documentation update
  • pr-957-chromium-provisioning.yaml: New gadugi scenario test

Validation Evidence

Run Session ID Timestamp Result
run11 4076e10f 2026-04-07T23:09:24Z ✅ PASSED
run12 efa3ed15 2026-04-07T23:26:52Z ✅ PASSED

Both runs validated against fresh VM pr957-chromium-1775604412:

  • ✅ Sentinel file present (/var/lib/azlin/.provisioned)
  • ✅ Browser headless wrapper installed
  • ✅ Alias headless wrapper installed
  • ✅ GUI launch gate functional
  • ✅ 16/16 focused bastion tunnel unit tests passing
  • cargo check -p azlin clean
  • ✅ Diff scoped to exactly 7 intended files (no formatting noise)

Closes #957

fix: provision chromium scope wrapper
fed9f9d 
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@rysweet rysweet force-pushed the fix/chromium-snap-session-scope branch from e3d5fe7 to fed9f9d Compare April 7, 2026 15:40
fix: harden bastion tunnel port isolation and chromium provisioning
ec9a55d 
Root cause: process-local port allocator starting at 50200 could silently
route readiness checks into an older VM through a stale bastion tunnel.

Fixes:
- Replace fixed port allocator with OS-allocated ephemeral ports
- Purge duplicate-port registry claimants on new tunnel creation
- Verify listener on selected local port belongs to spawned az bastion
  tunnel process tree (not any arbitrary listener)
- Extract cloud-init provisioning logic into azlin-azure crate
- Add gadugi scenario test for chromium snap session-scope provisioning

Validated: 2 consecutive live runs passed all assertions (sentinel present,
browser headless, alias headless, GUI launch gate) against fresh VM.

Closes #957

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@rysweet rysweet merged commit 26fe784 into main Apr 7, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rysweet