build(docker): lucebox-hub container image + CI release pipeline#334
Open
easel wants to merge 4 commits into
Open
build(docker): lucebox-hub container image + CI release pipeline#334easel wants to merge 4 commits into
easel wants to merge 4 commits into
Conversation
This was referenced Jun 4, 2026
easel
added a commit
to easel/lucebox-hub
that referenced
this pull request
Jun 4, 2026
Moved from PR Luce-Org#334 (docker-stack) where it was flagged as out-of-scope. luce-bench/tests/test_extract_agentic_fixture.py loads this script via path, so it belongs in the same PR as the tests.
easel
force-pushed
the
feat/docker-stack
branch
2 times, most recently
from
dcf3597 to
f3bda05
Compare
easel
added a commit
to easel/lucebox-hub
that referenced
this pull request
Jun 4, 2026
… adapters ## What New lucebox/ Python package exposing the hub CLI (autotune, sweep, profile, smoke, models, config, download, host-check, docker_run) plus the lucebox.sh launcher wrapper and install.sh. Adds the harness/ adapter package wrapping external coding agents (claude_code, codex, hermes, openclaw, opencode, pi) that autotune sweeps drive. Ships scripts/check_lucebox_wrapper_sandbox.sh and scripts/test_lucebox_sh.sh for wrapper validation, full pytest coverage under lucebox/tests/, and the bragi autotune profile-sweep protocol docs. ## Why This is the user-facing surface of lucebox-hub: one CLI to launch the image, tune layer-split / pflash settings against a host, run sweeps, and dispatch bench runs. Splitting it out keeps Python-side review independent of the C++ server and Docker stack reviews. ## Dependencies - Luce-Org#334 (docker-stack): docker_run.py launches the lucebox-hub image - Luce-Org#337 (lucebench-harness): lucebox bench delegates to luce-bench (workspace dep) - Luce-Org#336 (server-layer-split): autotune presumes layer-split build artifacts
easel
added a commit
to easel/lucebox-hub
that referenced
this pull request
Jun 4, 2026
… adapters ## What New lucebox/ Python package exposing the hub CLI (autotune, sweep, profile, smoke, models, config, download, host-check, docker_run) plus the lucebox.sh launcher wrapper and install.sh. Adds the harness/ adapter package wrapping external coding agents (claude_code, codex, hermes, openclaw, opencode, pi) that autotune sweeps drive. Ships scripts/check_lucebox_wrapper_sandbox.sh and scripts/test_lucebox_sh.sh for wrapper validation, full pytest coverage under lucebox/tests/, and the bragi autotune profile-sweep protocol docs. ## Why This is the user-facing surface of lucebox-hub: one CLI to launch the image, tune layer-split / pflash settings against a host, run sweeps, and dispatch bench runs. Splitting it out keeps Python-side review independent of the C++ server and Docker stack reviews. ## Dependencies - Luce-Org#334 (docker-stack): docker_run.py launches the lucebox-hub image - Luce-Org#337 (lucebench-harness): lucebox bench delegates to luce-bench (workspace dep) - Luce-Org#336 (server-layer-split): autotune presumes layer-split build artifacts
easel
added a commit
to easel/lucebox-hub
that referenced
this pull request
Jun 4, 2026
… adapters ## What New lucebox/ Python package exposing the hub CLI (autotune, sweep, profile, smoke, models, config, download, host-check, docker_run) plus the lucebox.sh launcher wrapper and install.sh. Adds the harness/ adapter package wrapping external coding agents (claude_code, codex, hermes, openclaw, opencode, pi) that autotune sweeps drive. Ships scripts/check_lucebox_wrapper_sandbox.sh and scripts/test_lucebox_sh.sh for wrapper validation, full pytest coverage under lucebox/tests/, and the bragi autotune profile-sweep protocol docs. ## Why This is the user-facing surface of lucebox-hub: one CLI to launch the image, tune layer-split / pflash settings against a host, run sweeps, and dispatch bench runs. Splitting it out keeps Python-side review independent of the C++ server and Docker stack reviews. ## Dependencies - Luce-Org#334 (docker-stack): docker_run.py launches the lucebox-hub image - Luce-Org#337 (lucebench-harness): lucebox bench delegates to luce-bench (workspace dep) - Luce-Org#336 (server-layer-split): autotune presumes layer-split build artifacts
## What Containerization stack for lucebox-hub. Dockerfile + docker-bake.hcl build the lucebox-hub image (build-env and runtime stages); scripts/build_image.sh drives local builds; server/scripts/entrypoint.sh emits IMAGE_INFO / HOST_INFO sidecars consumed by /props. GitHub Actions add .github/workflows/docker.yml (build & publish), update ci.yml, and add release-luce-bench.yml for tagging. Workspace-root files (pyproject.toml, uv.lock, Makefile, lefthook.yml, .gitignore, README) live here because the Dockerfile uv-syncs the workspace at build time. ## Why Provides the reproducible image and CI pipeline every other split PR deploys into. Centralizing build/publish here keeps Dockerfile, entrypoint, and workspace-root pinning in one reviewable change. ## Dependencies - Luce-Org#335 (lucebox-cli): Dockerfile COPYs lucebox/ into the image - Luce-Org#337 (lucebench-harness): Dockerfile COPYs luce-bench/ into the image
easel
added a commit
to easel/lucebox-hub
that referenced
this pull request
Jun 4, 2026
… adapters ## What New lucebox/ Python package exposing the hub CLI (autotune, sweep, profile, smoke, models, config, download, host-check, docker_run) plus the lucebox.sh launcher wrapper and install.sh. Adds the harness/ adapter package wrapping external coding agents (claude_code, codex, hermes, openclaw, opencode, pi) that autotune sweeps drive. Ships scripts/check_lucebox_wrapper_sandbox.sh and scripts/test_lucebox_sh.sh for wrapper validation, full pytest coverage under lucebox/tests/, and the bragi autotune profile-sweep protocol docs. ## Why This is the user-facing surface of lucebox-hub: one CLI to launch the image, tune layer-split / pflash settings against a host, run sweeps, and dispatch bench runs. Splitting it out keeps Python-side review independent of the C++ server and Docker stack reviews. ## Dependencies - Luce-Org#334 (docker-stack): docker_run.py launches the lucebox-hub image - Luce-Org#337 (lucebench-harness): lucebox bench delegates to luce-bench (workspace dep) - Luce-Org#336 (server-layer-split): autotune presumes layer-split build artifacts
# Conflicts: # README.md
easel
added a commit
to easel/lucebox-hub
that referenced
this pull request
Jun 4, 2026
… adapters ## What New lucebox/ Python package exposing the hub CLI (autotune, sweep, profile, smoke, models, config, download, host-check, docker_run) plus the lucebox.sh launcher wrapper and install.sh. Adds the harness/ adapter package wrapping external coding agents (claude_code, codex, hermes, openclaw, opencode, pi) that autotune sweeps drive. Ships scripts/check_lucebox_wrapper_sandbox.sh and scripts/test_lucebox_sh.sh for wrapper validation, full pytest coverage under lucebox/tests/, and the bragi autotune profile-sweep protocol docs. ## Why This is the user-facing surface of lucebox-hub: one CLI to launch the image, tune layer-split / pflash settings against a host, run sweeps, and dispatch bench runs. Splitting it out keeps Python-side review independent of the C++ server and Docker stack reviews. ## Dependencies - Luce-Org#334 (docker-stack): docker_run.py launches the lucebox-hub image - Luce-Org#337 (lucebench-harness): lucebox bench delegates to luce-bench (workspace dep) - Luce-Org#336 (server-layer-split): autotune presumes layer-split build artifacts
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
5 issues found across 13 files
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
easel
added a commit
to easel/lucebox-hub
that referenced
this pull request
Jun 4, 2026
… adapters ## What New lucebox/ Python package exposing the hub CLI (autotune, sweep, profile, smoke, models, config, download, host-check, docker_run) plus the lucebox.sh launcher wrapper and install.sh. Adds the harness/ adapter package wrapping external coding agents (claude_code, codex, hermes, openclaw, opencode, pi) that autotune sweeps drive. Ships scripts/check_lucebox_wrapper_sandbox.sh and scripts/test_lucebox_sh.sh for wrapper validation, full pytest coverage under lucebox/tests/, and the bragi autotune profile-sweep protocol docs. ## Why This is the user-facing surface of lucebox-hub: one CLI to launch the image, tune layer-split / pflash settings against a host, run sweeps, and dispatch bench runs. Splitting it out keeps Python-side review independent of the C++ server and Docker stack reviews. ## Dependencies - Luce-Org#334 (docker-stack): docker_run.py launches the lucebox-hub image - Luce-Org#337 (lucebench-harness): lucebox bench delegates to luce-bench (workspace dep) - Luce-Org#336 (server-layer-split): autotune presumes layer-split build artifacts
easel
added a commit
to easel/lucebox-hub
that referenced
this pull request
Jun 5, 2026
… adapters ## What New lucebox/ Python package exposing the hub CLI (autotune, sweep, profile, smoke, models, config, download, host-check, docker_run) plus the lucebox.sh launcher wrapper and install.sh. Adds the harness/ adapter package wrapping external coding agents (claude_code, codex, hermes, openclaw, opencode, pi) that autotune sweeps drive. Ships scripts/check_lucebox_wrapper_sandbox.sh and scripts/test_lucebox_sh.sh for wrapper validation, full pytest coverage under lucebox/tests/, and the bragi autotune profile-sweep protocol docs. ## Why This is the user-facing surface of lucebox-hub: one CLI to launch the image, tune layer-split / pflash settings against a host, run sweeps, and dispatch bench runs. Splitting it out keeps Python-side review independent of the C++ server and Docker stack reviews. ## Dependencies - Luce-Org#334 (docker-stack): docker_run.py launches the lucebox-hub image - Luce-Org#337 (lucebench-harness): lucebox bench delegates to luce-bench (workspace dep) - Luce-Org#336 (server-layer-split): autotune presumes layer-split build artifacts
- Makefile clean-models: validate MODELS_DIR before rm -rf; reject /, empty, $HOME, and top-level system dirs to prevent catastrophic deletion when overriding the variable. - entrypoint.sh _emit_gpu_array: split nvidia-smi CSV on `,` (with per-field whitespace trim) rather than the literal `, ` two-char separator, so drivers that emit bare comma delimiters still parse GPU metadata correctly into /props.host. - entrypoint.sh draft auto-resolution: sort find matches lexicographi- cally before head -1 so the picked draft is deterministic across filesystems (find traversal order alone is FS-dependent). - entrypoint.sh multi-target: refuse to auto-select when multiple target GGUFs are present in models/. Die with the candidate list so the operator must pick via DFLASH_TARGET — silently picking the alphabetical first has burned us on bench runs before. - docker.yml: add `on: push: branches: [main]` and include push-on-main in the bake-action push condition so main merges actually publish the rolling `:cuda12` tag (the metadata `enable=` rule already expected it).
Contributor
There was a problem hiding this comment.
1 issue found across 3 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="server/scripts/entrypoint.sh">
<violation number="1" location="server/scripts/entrypoint.sh:446">
P2: Draft autodetection can abort under `set -euo pipefail` because `sort | head -n 1` may fail with SIGPIPE when multiple matches exist.</violation>
</file>
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
| # Sort matches lexicographically so the pick is deterministic across | ||
| # filesystems (find's traversal order is filesystem-dependent without | ||
| # an explicit sort). First lexicographic match wins. | ||
| DRAFT_FILE="$(find -L "$DFLASH_DRAFT" -maxdepth 4 -type f -iname "$pattern" -print 2>/dev/null | sort | head -n 1)" |
Contributor
There was a problem hiding this comment.
P2: Draft autodetection can abort under set -euo pipefail because sort | head -n 1 may fail with SIGPIPE when multiple matches exist.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At server/scripts/entrypoint.sh, line 446:
<comment>Draft autodetection can abort under `set -euo pipefail` because `sort | head -n 1` may fail with SIGPIPE when multiple matches exist.</comment>
<file context>
@@ -436,7 +440,10 @@ if [ -d "$DFLASH_DRAFT" ]; then
+ # Sort matches lexicographically so the pick is deterministic across
+ # filesystems (find's traversal order is filesystem-dependent without
+ # an explicit sort). First lexicographic match wins.
+ DRAFT_FILE="$(find -L "$DFLASH_DRAFT" -maxdepth 4 -type f -iname "$pattern" -print 2>/dev/null | sort | head -n 1)"
if [ -n "$DRAFT_FILE" ]; then
# Mark the family-specific match so the log line below can
</file context>
Suggested change
| DRAFT_FILE="$(find -L "$DFLASH_DRAFT" -maxdepth 4 -type f -iname "$pattern" -print 2>/dev/null | sort | head -n 1)" | |
| DRAFT_FILE="$(find -L "$DFLASH_DRAFT" -maxdepth 4 -type f -iname "$pattern" -print 2>/dev/null | sort | sed -n '1p')" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Containerization and CI plumbing for lucebox-hub. Adds a Dockerfile + docker-bake.hcl + scripts/build_image.sh that build the image, an entrypoint that emits IMAGE_INFO / HOST_INFO sidecars consumed by /props schema-3/4, and GitHub Actions for image build (docker.yml), CI integration, and luce-bench release tagging. Also ships workspace-root files the build needs (pyproject.toml, uv.lock, Makefile, .gitignore, README, .dockerignore).
This PR is the foundational docker stack — siblings #335 (lucebox-cli) and #337 (luce-bench) layer their Python surfaces on top. To keep CI green on this branch alone, the root
pyproject.tomlworkspace members list,DockerfileCOPY directives, andMakefiletest target intentionally excludelucebox/,luce-bench/, andharness/— those re-appear in their respective sibling diffs.Files
Dockerfile,docker-bake.hcl,scripts/build_image.sh,server/scripts/entrypoint.sh,.dockerignore.github/workflows/docker.yml,.github/workflows/release-luce-bench.yml,.github/workflows/ci.ymlpyproject.toml,uv.lock,Makefile,.gitignore,README.mdDependencies
luceboxto the workspacememberslist, re-introduces theCOPY ./lucebox /src/lucebox(and runtime stage copy) into the Dockerfile, restores thelucebox/**/*.pyruff include, and wires thelucebox/testspath back intomake test. TheluceboxCLI subcommand routing inserver/scripts/entrypoint.shis already in place; it just won't resolve until the package lands.luce-benchto workspacemembers, re-introduces theCOPY ./luce-bench /src/luce-bench(and runtime stage copy) into the Dockerfile, restores theluce-bench/testspath inmake test, and unblocks therelease-luce-bench.ymltag-push workflow (currently shipped but won't fire until theluce-bench/source tree exists).This PR builds green on its own. Once #335 and #337 land they each add their own slice of workspace members, Dockerfile COPYs, and Makefile entries.
Test plan
uv lock --check+uv sync --frozenpass (workspace member list matches on-disk dirs)uv run --frozen --extra dev ruff check .passesdocker buildx bake cuda12-local --loadproduces a workinglucebox-hub:cuda12image on this branch alonescripts/build_image.shproduces the expectedlucebox-hub:build-envand runtime images/propsschema-3/4 consumes correctly.github/workflows/docker.ymlruns cleanly in CImake testruns the full lucebox + luce-bench suite; image build re-includes the lucebox CLI and the in-containerpython -m lucebenchsmoke path