Skip to content

feat: publish a debug-only firecracker binary (gdb-enabled)#26

Open
kalyazin wants to merge 1 commit into
mainfrom
kalyazin/debug-fc-binary
Open

feat: publish a debug-only firecracker binary (gdb-enabled)#26
kalyazin wants to merge 1 commit into
mainfrom
kalyazin/debug-fc-binary

Conversation

@kalyazin

@kalyazin kalyazin commented Jun 12, 2026

Copy link
Copy Markdown

For each FC version, also build and publish a debug variant alongside the prod binary: a release (optimized) build with debug symbols kept and the upstream gdb feature enabled (--features gdb), plus its split DWARF companion. Used only for debugging guest kernels on dev nodes.

Published as firecracker-debug (+ firecracker-debug.debug) next to firecracker. Client nodes resolve the FC binary at exactly <version>/<arch>/firecracker, so the differently-named debug artifacts are never pulled by prod; the dev debugging workflow fetches them explicitly, matched to a snapshot's firecracker version.

  • build.sh: second build with --features gdb, emit firecracker-debug + repoint the debuglink to the renamed DWARF companion.
  • release.yml: build skip-check requires both prod and debug assets; publish attaches firecracker-debug-[.debug]; deploy uploads them to each env's GCS bucket at the firecracker-debug[.debug] name.
  • upload-release-to-gcs.sh: also uploads the debug artifacts to the parallel path.

@cla-bot cla-bot Bot added the cla-signed label Jun 12, 2026
@cursor

cursor Bot commented Jun 12, 2026
edited
Loading

Copy link
Copy Markdown

PR Summary

Low Risk
CI and storage path changes only; production nodes still fetch firecracker by name, so prod rollout behavior is unchanged.

Overview
Adds a second release build with the gdb feature that outputs firecracker-debug and firecracker-debug.debug, with the GNU debuglink pointed at the renamed DWARF file. The release workflow only skips per-arch builds when both firecracker-<arch> and firecracker-debug-<arch> are already on the release, uploads the debug release assets, and mirrors prod plus debug objects into GCS under separate names so prod clients still resolve only firecracker. validate.py and its tests treat missing debug assets as needing a build; upload-release-to-gcs.sh maps the new release asset names to the matching GCS paths.

Reviewed by Cursor Bugbot for commit cd25338. Bugbot is set up for automated code reviews on this repo. Configure here.

cursor[bot]
cursor Bot reviewed Jun 12, 2026
View reviewed changes
Comment thread .github/workflows/release.yml
@kalyazin kalyazin force-pushed the kalyazin/debug-fc-binary branch from 75f6b58 to e080826 Compare June 12, 2026 17:46
cursor[bot]
cursor Bot reviewed Jun 12, 2026
View reviewed changes

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit e080826. Configure here.

Comment thread build.sh
@kalyazin @claude
feat: publish a debug-only firecracker binary (gdb-enabled)
cd25338 
For each FC version, also build and publish a debug variant alongside the prod
binary: a release (optimized) build with debug symbols kept and the upstream gdb
feature enabled (`--features gdb`), plus its split DWARF companion. Used only for
debugging guest kernels on dev nodes.

Published as `firecracker-debug` (+ `firecracker-debug.debug`) next to
`firecracker`. Client nodes resolve the FC binary at exactly
`<version>/<arch>/firecracker`, so the differently-named debug artifacts are never
pulled by prod; the dev debugging workflow fetches them explicitly, matched to a
snapshot's firecracker version.

- build.sh: second build with `--features gdb`, emit firecracker-debug + repoint
  the debuglink to the renamed DWARF companion.
- release.yml: build skip-check requires both prod and debug assets; publish
  attaches firecracker-debug-<arch>[.debug]; deploy uploads them to each env's
  GCS bucket at the firecracker-debug[.debug] name.
- validate.py: the has_new_artifacts gate (which decides whether publish
  downloads and uploads the freshly built artifacts) now requires both the
  prod and the debug binary, so a release that already has the prod binary
  but not the debug one still gets published.
- upload-release-to-gcs.sh: also uploads the debug artifacts to the parallel path.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Nikita Kalyazin <nikita.kalyazin@e2b.dev>
@kalyazin kalyazin force-pushed the kalyazin/debug-fc-binary branch from e080826 to cd25338 Compare June 12, 2026 20:33
@kalyazin kalyazin marked this pull request as ready for review June 15, 2026 14:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

cla-signed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kalyazin