feat(vm): boot CoreOS via Ignition — Fedora CoreOS now runnable

[ErenAri]

Makes the CoreOS boot path real, addressing the "RHCOS — those are the tricky ones" request (Angelo Puglisi) and the earlier audit note that RHCOS validation didn't actually work.

The gap

CoreOS-family images (Fedora CoreOS, RHEL CoreOS) boot via Ignition, not cloud-init, so the SSH/cloud-init executor couldn't provision the validator — they were marked unsupported.

The fix

A new Ignition seed-delivery mode (internal/vm/ignition.go): write a minimal Ignition v3 config authorising the per-run SSH key for the core user, and pass it to QEMU via -fw_cfg name=opt/com.coreos/config. Everything after SSH-up is seed-agnostic, so the rest of the pipeline is unchanged.

Proven on Fedora CoreOS

FCOS stable boots and the validator load + attaches a real artifact inside the guest:

• booted distro fedora-coreos, kernel 7.0.11-200.fc44.x86_64
• seed delivery: Ignition config via fw_cfg (opt/com.coreos/config), SSH user selected: core
• ringbuf-modern: load=pass, attach=1/1

ExecutionTransport() now reports fedora-coreos supported. Profile renamed fedora-coreos-stable-6.14 → fedora-coreos-stable-7.0 to match the real kernel. Fetch the image with make vm-image-fcos (resolves the stream, verifies sha256, decompresses).

RHCOS — honest scope (unchanged claim)

rhcos shares this exact Ignition+SSH boot path, so it is mechanically supported — but its image ships only through the pull-secret-gated OpenShift release payload and can't be fetched/verified here. ExecutionTransport() keeps it unsupported with that precise reason until an operator supplies the image. RHCOS stays absent from the README "Distributions covered" section — no overclaiming.

Tests

• internal/vm: ignition writer, CoreOS distro detection, seed-mode selection, fw_cfg arg, and the transport matrix (FCOS supported / RHCOS gated-on-image).
• go build ./..., go vet ./..., gofmt, full go test ./... — all green.

🤖 Generated with Claude Code