Volt CLI: source-available under AGPSL v5.0

Complete infrastructure platform CLI:
- Container runtime (systemd-nspawn)
- VoltVisor VMs (Neutron Stardust / QEMU)
- Stellarium CAS (content-addressed storage)
- ORAS Registry
- GitOps integration
- Landlock LSM security
- Compose orchestration
- Mesh networking

Copyright (c) Armored Gates LLC. All rights reserved.
Licensed under AGPSL v5.0

tests/hybrid/test-manifests/full-hybrid.toml

@@ -0,0 +1,65 @@
+# full-hybrid.toml — Hybrid-native workload with all options for Volt
+#
+# Exercises every configurable isolation knob:
+#   - Custom kernel profile
+#   - Strict seccomp
+#   - Landlock LSM (no AppArmor, ever)
+#   - Full cgroups v2 resource limits
+#   - CPU pinning
+#   - I/O weight control
+#   - Network port forwarding
+#   - Read-only rootfs layer
+#   - Private user namespace
+
+[workload]
+name = "test-hybrid-full"
+type = "hybrid"
+image = "ubuntu:24.04"
+
+[resources]
+memory = "2G"
+memory_soft = "1G"
+cpu_weight = 200
+cpu_set = "0-1"
+io_weight = 150
+pids_max = 8192
+
+[network]
+mode = "private"
+bridge = "voltbr0"
+dns = ["1.1.1.1", "1.0.0.1"]
+
+[[network.port_forward]]
+host_port = 8080
+container_port = 80
+protocol = "tcp"
+
+[[network.port_forward]]
+host_port = 8443
+container_port = 443
+protocol = "tcp"
+
+[kernel]
+profile = "server"
+# custom_path = "/var/lib/volt/kernels/vmlinuz-custom"
+
+[security]
+seccomp = "strict"
+landlock = "server"
+private_users = true
+read_only_rootfs = false
+
+[environment]
+VOLT_ENV = "test"
+APP_MODE = "production"
+LOG_LEVEL = "info"
+
+[[volumes]]
+host_path = "/tmp/volt-test-data"
+container_path = "/data"
+read_only = false
+
+[[volumes]]
+host_path = "/etc/ssl/certs"
+container_path = "/etc/ssl/certs"
+read_only = true