Foundry Reference | IngressLabs

Runtime Map

Control boundary

Command ingress

Public commands, HTTP clients, and MCP tools normalize requests before durable fleet mutation.

Protocol: CLI, JSON-RPC, HTTP
State: Request scope only

Coordinator boundary

Runs, work rows, leases, host health, endpoint rows, and event ingest cross the coordinator.

Protocol: /v1/runs, /v1/work/*, /v1/leases/*
State: Control store truth

Lease execution

Workers poll assigned work, renew lease tokens, execute host-local runtime adapters, and complete rows.

Protocol: poll, renew, complete
State: Assignment + lease token

Artifact residency

Registry refs resolve to immutable digests; hosts report verified cache residency before placement.

Protocol: resolve, prewarm, verify
State: Digest + manifest metadata

Event projection

Worker events are accepted after run, work, host, redaction, sequence, and lease validation.

Protocol: ingest, replay, tail
State: Cursor + outbox rows

Foundry lineage

Agent assets, child runs, population state, promotion records, and lineage inspection stay reviewable.

Protocol: plan, run, fork, promote
State: Lineage + child run IDs

HTTP

Coordinator API

MethodRouteBehavior

GET/v1/health

Coordinator health.

GET/v1/fleet/status

Aggregate fleet counts from the selected store.

POST/v1/hosts/register

Upsert host identity, labels, capabilities, health, capacity, free resources, and placement ceilings.

POST/v1/hosts/heartbeat

Refresh host heartbeat while preserving existing metadata unless supplied.

POST/v1/hosts/residency

Accept verified host artifact/cache residency rows.

POST/v1/artifacts/resolve

Resolve registry refs to immutable verified digests.

POST/v1/artifacts/prewarm

Record verified artifact residency and optionally commit run artifact manifests.

POST/v1/artifacts/residency/verify

Return present and missing verified digests for a host.

POST/v1/artifacts/manifests

Commit artifact manifest metadata without storing bytes in control state.

POST/v1/runs

Create a run and optional initial work rows; wave admission may deny before rows are created.

GET/v1/runs/{runId}

Read the run-scoped store snapshot.

POST/v1/work/poll

Lease next matching pending work item for a host or return no work.

POST/v1/leases/renew

Renew an active lease by current lease token.

POST/v1/work/complete

Complete work by current lease token; stale tokens are rejected.

POST/v1/events/ingest

Accept worker event ingest after run, work, host, event sequence, redaction, and lease validation.

PUT/v1/vms/{vm_id}/endpoint

Register a VM endpoint for forwarding and exposure metadata.

DELETE/v1/vms/{vm_id}/endpoint

Remove endpoint metadata during cleanup or reconciliation.

CONNECT/v1/vms/{vm_id}/ports/{port}

Forward a run-owned VM port through the coordinator boundary.

MCP

stdio JSON-RPC 2.0

initializenotifications/initializedpingtools/listtools/callstructuredContent

Health

doctor mcp_capability_audit

Command substrate

fck_command_plan fck_command_run fck_operation_start fck_operation_inspect fck_operation_logs fck_operation_cancel

Discovery

targets_list kernels_list kernel_inspect kernel_diff

Agent workflow

agent_plan agent_test run_agent_workflow eval_plan eval_run

Runs

runs_list runs_inspect inspect_result runs_logs runs_artifacts proof_graph proof_capsule_inspect fetch_artifact rerun_failed

Cache / registry / object

cache_list cache_inspect cache_export cache_import cache_prune registry_list registry_manifest_inspect registry_verify registry_tag registry_gc cache_explain object_manifest_inspect object_artifact_fetch object_cache_explain object_store_policy_explain

Install / workflow / backup

install_plan install_status install_apply install_rollback install_teardown workflow_inspect operation_inspect backup_inspect

Network / kernel

network_proof_inspect network_recommendations network_policy_explain network_counters network_cleanup_proof kernel_evidence_explain kernel_network_matrix_diff

Guard

guard_plan guard_run guard_inspect guard_findings guard_policy_explain guard_verify_bundle guard_fetch_artifact

Scenarios

scenarios_list scenario_inspect scenario_recommendations

Agent Compose

agent_compose_config agent_compose_up agent_compose_task agent_compose_ps agent_compose_logs agent_compose_gates agent_compose_down

Agent Foundry

agent_registry_search agent_registry_resolve agent_registry_inspect agent_registry_verify agent_registry_prewarm agent_registry_pack agent_foundry_plan agent_foundry_run agent_fork agent_lineage agent_population_status agent_child_inspect agent_child_cull agent_promote agent_tournament agent_foundry_proof

Session handoff

checkpoint_create checkpoint_list checkpoint_inspect session_grant session_grants session_inspect session_attach session_fork session_revoke memory_dump

Events / fleet / cloud

events_replay events_tail nats_status fleet_status fleet_hosts fleet_host_inspect fleet_work fleet_placements fleet_cache_residency host_drain host_undrain cloud_project_list cloud_project_inspect cloud_quota_explain cloud_rbac_explain cloud_admission_check cloud_token_status cloud_token_revoke

Windows desktop

desktop_screenshot desktop_ui_tree desktop_find desktop_click desktop_type desktop_hotkey desktop_wait_for_text desktop_launch_app desktop_run_powershell

Args

Required MCP inputs

ToolsRequired

fck_command_plan / fck_command_run / fck_operation_start

argv

fck_operation_inspect / fck_operation_logs / fck_operation_cancel

operationId

agent_plan / agent_test / run_agent_workflow / eval_plan / eval_run

workflow

runs_inspect / runs_logs / runs_artifacts / proof_graph / proof_capsule_inspect / network_* / events_*

runId

fetch_artifact / guard_fetch_artifact

runId path

cache_inspect / registry_manifest_inspect / registry_verify

ref

cache_export

destination plus ref or target; allowMutation: true

cache_import / registry_tag / registry_gc / cache_prune

write-capable inputs plus allowMutation: true; prune and GC require dryRun or force

agent_registry_resolve / inspect / verify

ref

agent_registry_prewarm

ref host allowMutation: true

agent_registry_pack

file allowMutation: true

agent_foundry_plan / agent_tournament

file

agent_foundry_run

file allowMutation: true

agent_fork

parentRunId agentRef allowMutation: true

agent_lineage / agent_child_inspect / agent_child_cull / agent_promote / agent_foundry_proof

lineageId, childRunId, runId, targetRef, or reason as operation requires; write tools require allowMutation: true

install_plan / install_status / install_apply / install_rollback / install_teardown

file; mutating lifecycle tools require allowMutation: true

object_manifest_inspect / object_artifact_fetch

storeDir manifestId; fetch also requires name

checkpoint_* / session_* / memory_dump

runId, checkpoint, grantId, name, from, to, or reason

cloud_* / host_drain / host_undrain

projectId, tokenId, action, or host; mutating tools require allowMutation: true

desktop_*

host session plus text, x/y, keys, app, or script for specific actions

Schemas

48 contracts

TemporalWorkflowEvidenceOperationResultRunRecordRunInspectionRunLogFileProofSummaryLogRecord / LogBundleObjectManifestObjectGeeseFSMountRecordObjectRestoreDrillResultEvidenceIndexScenarioSummaryAgentComposeTaskEvidenceAgentComposeTrustSummaryMCPToolResultFlowSummaryNetworkInspectionNetworkProofSummaryPortForwardSessionExposureRouteGuardDecision / GuardFindingGuardBundleFailureSummaryFailureCapsuleCleanupEvidenceRunCleanupEvidenceKernelCatalogEntry / KernelDiffCacheEntryRegistryCacheTransferEvidenceWorkspaceCacheEvidenceWorkflowCacheEvidenceTimingEvidencePermissionSummaryAgentCatalogEvaluationSummarySnapshotManifestCheckpointManifestSessionGrantMemoryDumpRemoteEvidenceSyncCacheExplanationImageManifestFleetWorkAssignmentFleetPlacementCloudProjectServiceAccountProjectQuotaAdmissionDecision

Events

JSONL stream

exec.started / exec.finished

Command execution through fck exec or fck shell with target, exit, duration, and evidence logs.

fleet.host.*

Registration, heartbeat, drain, and offline transitions.

fleet.placement.* / fleet.cache.* / fleet.cleanup.*

Placement, cache residency, artifact manifests, IPAM rows, capacity pressure, cleanup leak accounting, and wave admission.

vm_endpoint.* / vm.process.exited

Endpoint registration, state updates, abnormal runtime exits, endpoint removal, and cleanup verification.

service.exposure.*

Native and Envoy route creation, readiness, access summaries, removal, and policy failures.

session.grant.* / session.attach.* / session.fork.*

Session grants, visibility denials, leases, attach operations, restored forks, and revocation decisions.

remote.evidence.synced

Remote one-off, Guard, Service Compose, or Agent Compose evidence copied into local .fck/runs.

registry.cache.push / registry.cache.pull

Cache transfer proofs for registry mirror workflows and cacheable handoff channels.

policy.* / secret.leak.detected

Execution limits, evaluation policy, and redacted secret-leak evidence.

evaluation.* / security.* / tool.* / logic.* / performance.*

Evaluation plans, assertions, findings, canary sinks, tool policy violations, degraded collectors, and performance gates.

FCK API and MCP surface.