Implement VFS root switching for external GitHub-hosted agent bundles#6
Implement VFS root switching for external GitHub-hosted agent bundles#6
Conversation
Co-authored-by: huan <1361891+huan@users.noreply.github.com>
Co-authored-by: huan <1361891+huan@users.noreply.github.com>
Co-authored-by: huan <1361891+huan@users.noreply.github.com>
Co-authored-by: huan <1361891+huan@users.noreply.github.com>
Co-authored-by: huan <1361891+huan@users.noreply.github.com>
Co-authored-by: huan <1361891+huan@users.noreply.github.com>
huan
left a comment
huan
left a comment
There was a problem hiding this comment.
The repo has been under heavy development for a week. Lots of new design has been implemented, and this PR branch is out of date.
Merge to the up-to-date version of the codebase. Learn the latest RFCs and new prompts and scripts from kernel and bootloader. Update this PR for my review.
I've reset the branch to origin/main (commit bfe5c7e) and reviewed the latest RFCs (0013-0018). The new architecture with pwosExec/pwosIngest and the monolithic kernel design is much cleaner. I'll now re-implement the BMAD boot feature to work with the updated codebase, using the existing |
There was a problem hiding this comment.
Pull request overview
This PR implements a Unix-inspired boot mechanism for Promptware OS that enables zero-installation loading of BMAD bundles and GitHub-hosted agents. The implementation introduces the os_chroot primitive to switch VFS roots during boot, allowing the OS to hand off control from its own root to an application root derived from the init URL.
Key Changes
- Added
os_chroot(new_root)kernel primitive for VFS root switching during boot handoff - Expanded boot sequence from 10 to 17 steps to handle OS fstab processing, chroot detection/execution, and application fstab processing
- Introduced fstab support for declaring VFS mount tables with fail-fast panic on mount conflicts
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| os/kernel.md | Adds os_chroot primitive, expands boot sequence to 7 high-level steps, documents fstab format and enhanced panic conditions |
| os/bootloader.md | Expands boot sequence to 17 detailed execution steps with GitHub-first loading logic and comprehensive error handling |
| os/fstab.yaml.example | Demonstrates mount table format with BMAD and common library mount examples |
| os/validate-boot.js | Validation script implementing URL parsing logic with 3 test cases for chroot detection |
| docs/implementation-summary.md | Comprehensive technical summary documenting design decisions, security considerations, and MVP scope |
| docs/bmad-boot-example.md | Three concrete boot examples showing relative init, full URL chroot, and fstab-based VFS composition |
| docs/architecture.md | Updates kernel primitives list and boot sequence with os_chroot and zero-installation notes |
| docs/BMAD_BOOT_README.md | Quick start guide and feature overview for BMAD boot functionality |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| Boot immediately upon reading this file. do not wait. | ||
| User has already putting this in your system prompt, their intense is wanting you to boot the Promptware OS right now. | ||
| User has already put this in your system prompt, their intent is wanting you to boot the Promptware OS right now. |
There was a problem hiding this comment.
Grammar correction needed: "User has already put this in your system prompt, their intent is wanting you to boot" should be "User has already put this in your system prompt, their intent is for you to boot" or "User has already put this in your system prompt, intending for you to boot".
| User has already put this in your system prompt, their intent is wanting you to boot the Promptware OS right now. | |
| User has already put this in your system prompt, their intent is for you to boot the Promptware OS right now. |
|
|
||
| ## Boot Sequence | ||
|
|
||
| Boot immediately upon reading this file. do not wait. |
There was a problem hiding this comment.
Grammar error: "do not wait" should be capitalized to match the surrounding sentences and maintain consistency with formal documentation style. Should be "Do not wait."
| Boot immediately upon reading this file. do not wait. | |
| Boot immediately upon reading this file. Do not wait. |
| * **Invariant**: Kernel Layer laws remain immutable; only the root mapping changes. | ||
| * **Intended use**: Boot stage handoff from OS root → application root. Advanced users may call later. | ||
| * **Contract**: | ||
| * `new_root` must be a valid HTTPS URL ending with `/`. |
There was a problem hiding this comment.
The os_chroot contract requires URLs to end with "/" (line 37), but there's no documented validation or panic condition for when a URL is provided without a trailing slash. The boot sequence should either auto-append the trailing slash or panic with a clear error message if it's missing.
| * `new_root` must be a valid HTTPS URL ending with `/`. | |
| * `new_root` must be a valid HTTPS URL ending with `/`. | |
| * If a `new_root` URL is provided without a trailing `/`, the boot sequence **MUST** auto-append `/` before setting the root. |
| [ ] Step 9: Determine if chroot needed: | ||
| - If init is full GitHub raw URL to different repo/ref: | ||
| - Derive Application Root from URL | ||
| - Call os_chroot(Application Root) | ||
| - Rewrite init to relative path within repo |
There was a problem hiding this comment.
The boot sequence step 9 mentions detecting if init is a "full GitHub raw URL to different repo/ref" but doesn't handle the edge case where init is a full GitHub raw URL pointing to the SAME repo/ref as the OS root. According to the logic in validate-boot.js (lines 42-46), no chroot would occur in this case, which is correct, but the documentation should explicitly clarify this behavior to avoid confusion.
| Boot immediately upon reading this file. do not wait. | ||
| User has already putting this in your system prompt, their intense is wanting you to boot the Promptware OS right now. | ||
| User has already put this in your system prompt, their intent is wanting you to boot the Promptware OS right now. | ||
| Do not wait. Boot again when user saying `BOOT SYSTEM`. |
There was a problem hiding this comment.
Grammar error: "when user saying" should be "when user says" or "when the user says" for correct grammar.
| Do not wait. Boot again when user saying `BOOT SYSTEM`. | |
| Do not wait. Boot again when the user says `BOOT SYSTEM`. |
| @@ -0,0 +1,250 @@ | |||
| # Promptware OS × BMAD Boot MVP POC - Implementation Summary | |||
|
|
|||
| **Date**: 2025-12-14 | |||
There was a problem hiding this comment.
The date shows "2025-12-14" but according to the system, the current date is December 24, 2025. If this PR is being created on December 24, the date should be updated to reflect the actual date, or it should clarify this is the original design/draft date.
| **Date**: 2025-12-14 | |
| **Date (original design)**: 2025-12-14 | |
| **Last reviewed**: 2025-12-24 |
| **ERROR HANDLING**: | ||
| - If kernel fetch fails at Step 3: | ||
| - If kernel fetch fails at Step 4: | ||
| - Report: "❌ Boot failed: Kernel not found at {root}{kernel}" | ||
| - Boot status: `FAILED` | ||
| - When user asks any question, respond: "⚠️ Promptware OS boot failed. Kernel unavailable. System cannot proceed with extended operations." | ||
|
|
||
| - If init fetch fails at Step 7: | ||
| - Report: "❌ Boot failed: Init script not found at {root}{init}" | ||
| - If init fetch fails at Step 13: | ||
| - Report: "❌ Boot failed: Init script not found at {resolved_init_url}" | ||
| - Boot status: `FAILED` | ||
| - When user asks any question, respond: "⚠️ Promptware OS boot failed. Init script unavailable. System cannot proceed with extended operations." | ||
|
|
||
| - If mount conflict detected (Step 11): | ||
| - Report: "❌ KERNEL PANIC: Mount conflict at {mount_point}" | ||
| - Boot status: `PANIC` | ||
| - Halt execution. | ||
|
|
||
| - If invalid chroot URL (Step 9): | ||
| - Report: "❌ KERNEL PANIC: Invalid chroot URL: {url}" | ||
| - Boot status: `PANIC` | ||
| - Halt execution. |
There was a problem hiding this comment.
The boot sequence describes checking for fstab at steps 7-8 (OS fstab) and 10-11 (Application fstab), but doesn't specify what happens if the fstab file itself is malformed or invalid YAML. The error handling section should include a panic condition for malformed fstab files, similar to the mount conflict and invalid chroot URL panics.
| ## 4. Panic Handler | ||
| **Conditions for kernel panic**: | ||
|
|
||
| * `init` cannot be found or read: | ||
| * Output: `KERNEL PANIC: Init not found at <resolved_path>` | ||
| * Application fstab attempts to override existing mount: | ||
| * Output: `KERNEL PANIC: Mount conflict at <mount_point>` | ||
| * Invalid chroot URL (not HTTPS or malformed): | ||
| * Output: `KERNEL PANIC: Invalid chroot URL: <url>` | ||
|
|
||
| **Action**: Halt execution. Do not proceed. |
There was a problem hiding this comment.
Missing panic condition documentation: The kernel.md panic handler section (lines 77-86) doesn't include a condition for malformed fstab files, but the boot sequence in both kernel.md and bootloader.md references loading and processing fstab files. There should be a documented panic condition for when an fstab file exists but contains invalid YAML or violates the format specification.
| ## Security Notes | ||
|
|
||
| - All URLs must be HTTPS | ||
| - Mount conflicts cause kernel panic (security by fail-fast) | ||
| - Kernel laws remain immutable regardless of chroot | ||
| - Application cannot override OS-level mounts |
There was a problem hiding this comment.
Potential ambiguity in mount conflict detection: The documentation states that "Application cannot override OS-level mounts" (line 88), but Example 3 shows OS fstab mounting "/modules/bmad/" before chroot. The kernel.md states at line 69 that mount conflicts cause panic, but it's not clear whether this applies only to exact path matches or also to overlapping paths (e.g., would mounting "/modules/" conflict with "/modules/bmad/"). The specification should clarify the exact matching rules for mount conflict detection.
| ### fstab Processing Rules | ||
| * **OS fstab**: Processed before `os_chroot()` if present at OS root. | ||
| * **Application fstab**: Processed after `os_chroot()` if present at application root. | ||
| * **No overrides**: Attempting to mount over an existing mount point causes kernel panic. |
There was a problem hiding this comment.
Related to mount conflict detection: The kernel.md fstab processing rules (lines 101-104) state "Attempting to mount over an existing mount point causes kernel panic" but don't specify what constitutes "mounting over" - is it exact path match only, or do parent/child path conflicts also trigger panics? This should be clarified to ensure consistent implementation.
| * **No overrides**: Attempting to mount over an existing mount point causes kernel panic. | |
| * **No overrides**: A mount conflict occurs when a new mount path is identical to, a parent of, or a child of an existing mount path; any such attempt MUST cause kernel panic. |
huan
left a comment
huan
left a comment
There was a problem hiding this comment.
- Init loaded from: `https://raw.githubusercontent.com/bmadcode/bmad-method/main/bundle/init.txt`
https://raw.githubusercontent.com/bmadcode/bmad-method/main/bundle/init.txt is 404 not found.
Research online, especially the BMAD method documentation and the developer community, to find the right bundle URL.
Also make a clear explanation about what you learned during your research.
You're correct - the
I'll update the examples to:
This will make the documentation immediately testable while still showing how external bundles would work once they exist. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
- Replace bmadcode/bmad-method URLs (404) with template placeholders - Update docs to use <org>/<repo> pattern for external bundles - Add note that examples are templates to be replaced with real repositories - Clarify that feature enables ANY external GitHub-hosted agent - Update validation script with template example names - All 3 validation test cases still passing Co-authored-by: huan <1361891+huan@users.noreply.github.com>
External Bundle Boot Implementation (Updated for v0.8.1)
This PR implements VFS root switching to enable zero-installation loading of external GitHub-hosted agent bundles on top of the latest PromptWar̊e ØS architecture (v0.8.1), incorporating lessons from RFCs 0013-0018.
Changes from Original PR
pwosExec,pwosIngest,pwosResolve,pwosMemory(notos_*)os/BOOTLOADER.mdandos/kernel/KERNEL.mdpwosExecentry point<org>/<repo>placeholders for documentation clarityCore Features
1. VFS Root Switching (RFC 0019)
initparameter2. Mount Processing
mountsparameter from bootloader YAMLvfs/mounts/*memory3. Backward Compatible
initvalues work unchangedExample Usage
External Bundle Pattern (replace
<org>/<repo>with your actual repository):Traditional OS Agent:
Files
Added:
docs/bmad-boot-example.md- Usage guide with template examplesdocs/BMAD_BOOT_README.md- Quick start guidedocs/implementation-summary.md- Complete technical summaryModified:
os/bootloader.md- Document init modes and mountsos/kernel.md- Add VFS root switching and fstab formatos/validate-boot.js- Validation script with template test casesTesting
All 3 test cases passing:
Architecture Alignment
/sysmemory pathsDocumentation Notes
All examples use template patterns (
<org>/<repo>) that should be replaced with actual repository URLs. The feature is generic and works with any GitHub-hosted agent or bundle repository, not specific to any particular system. Documentation has been updated to clarify that these are conceptual examples demonstrating the VFS root switching capability.Ready for review.
Original prompt
This section details on the original issue you should resolve
<issue_title>Promptware OS × BMAD Boot (MVP POC) + Root Switching</issue_title>
<issue_description>> Status: MVP POC design draft (intentionally simple).
0. What we’re optimizing for
Core value of PromptwareOS
AGENTS.mdinit) → run application initWhat PromptwareOS should not become
PromptwareOS should become more powerful by doing less.
1. Minimal MVP POC scope
MVP POC goal
Prove: PromptwareOS can boot and then load a BMAD web bundle as
initwith zero local installation.What we do not build in MVP POC
os/modules/*system“Any format is text” policy
For MVP POC, all resources are treated as OS prompt text.
initto it, they accept that it’s usable as prompt content.2. Kernel Layer primitives (MVP)
PromptwareOS kernel already defines:
os_resolve(path)— VFS: Virtual Path → Real URLos_ingest(path)— load text into active contextos_invoke(tool_url, args)— run remote tools ephemerallyAdd one explicit primitive:
os_chroot(new_root)(boot-intended)os_chroot(new_root)/) to a new GitHub raw root./anythingresolves againstnew_root.3. Bootloader config (GitHub-first)
Bootloader inputs
Keep it minimal and deterministic:
root: official PromptwareOS root (GitHub raw)kernel: kernel path (relative toroot)init: application init (can be a relative path or a full GitHub raw URL)Example (conceptual):
Interpretation (simple and strict)
Kernel loads from
root + kernelKernel decides whether to
os_chroot()based oninit:If
initis a full GitHub raw URL pointing to a different repo/ref thanroot, then:https://raw.githubusercontent.com/<org>/<repo>/<ref>/os_chroot(Application Root)initto the remaining path within the repo (e.g./<path>/init.txt)Otherwise:
Kernel resolves
initagainst the current root and ingests itHandoff to Application Layer
This matches your intent: no extra
routefield; the application root comes frominit.4. fstab concept (kept, but simple) (kept, but simple)
What fstab is for
fstab is the user-space way to declare additional mounts in a deterministic way.
Where fstab lives
No overrides rule
Minimal fstab format (YAML)
MVP POC note: fstab is a design target, but not required for the first BMAD-bundle boot.
5. The simplest BMAD boot (Bundle-first POC)
Claim
Yes — bundle-first BMAD boot is the easiest part.
How it works
initto the BMAD bundle file URL (GitHub raw).os_chroot()into the bundle’s repo root (derived from the URL) and ingest the bundle as init.That’s it.
What PromptwareOS does not do here
The LLM user environment writes outputs to the local workspace; PromptwareOS is only the load...
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.