fix(ci): add in-rootfs agent verification and build logging

The agent binary verified after cargo build has vsock support, but the
same binary inside the built rootfs does not. Add verification steps
to catch this: log source/dest sizes during rootfs build, and mount
the rootfs after build to verify the agent inside has vsock strings.

Author: richiemcilroy

.github/workflows/build-images.yml

@@ -71,6 +71,22 @@ jobs:
           sudo make toolchain \
             TOOLCHAIN=${{ github.event.inputs.toolchain }}
 
+      - name: Verify agent inside rootfs has vsock
+        run: |
+          ROOTFS="images/output/ubuntu-22.04/${{ github.event.inputs.toolchain || 'base' }}/rootfs.ext4"
+          MNT=$(mktemp -d)
+          sudo mount -o loop,ro "$ROOTFS" "$MNT"
+          AGENT="$MNT/usr/local/bin/sandchest-guest-agent"
+          echo "Agent binary inside rootfs:"
+          ls -la "$AGENT"
+          VSOCK_COUNT=$(strings "$AGENT" | grep -c vsock || true)
+          echo "vsock string count: $VSOCK_COUNT"
+          sudo umount "$MNT" && rmdir "$MNT"
+          if [ "$VSOCK_COUNT" -lt 10 ]; then
+            echo "ERROR: agent binary inside rootfs is missing vsock support ($VSOCK_COUNT strings)"
+            exit 1
+          fi
+
       - name: Validate image
         working-directory: images
         run: ./scripts/validate-image.sh --output output/ubuntu-22.04/${{ github.event.inputs.toolchain || 'base' }}

images/scripts/build-rootfs.sh

@@ -159,8 +159,11 @@ if [[ -n "$AGENT_BIN" ]]; then
         exit 1
     fi
     echo ">>> Installing guest agent..."
+    echo "    Source: $(ls -la "$AGENT_BIN")"
     cp "$AGENT_BIN" "${MOUNT_POINT}/usr/local/bin/sandchest-guest-agent"
     chmod +x "${MOUNT_POINT}/usr/local/bin/sandchest-guest-agent"
+    echo "    Installed: $(ls -la "${MOUNT_POINT}/usr/local/bin/sandchest-guest-agent")"
+    echo "    vsock strings: $(strings "${MOUNT_POINT}/usr/local/bin/sandchest-guest-agent" | grep -c vsock || echo 0)"
 else
     echo ">>> Skipping guest agent (no --agent-bin provided)"
     echo "    Install manually: cp agent /usr/local/bin/sandchest-guest-agent"