build system audit: implement Phase 1-3 fixes comprehensively

Phase 1 (Critical):
- Fix broken config includes: redbear-minimal -> redbear-mini in wifi/bt experimental configs
- Fix 05_boot-essential.target dependency: 00_base -> 04_drivers for correct boot ordering
- Fix IOMMU service dependency: 00_base -> 05_boot-essential
- Fix firmware-loader dependency: 00_base -> 05_boot-essential
- Fix messagebus shell: /usr/bin/zsh -> /usr/bin/false (security)
- Add offline gate to fetch-firmware.sh (REPO_OFFLINE=1 blocks network access)
- Add --upstream gate to fetch-all-sources.sh (network access requires explicit opt-in)
- Gate U-Boot wget calls in mk/qemu.mk with REPO_OFFLINE check
- Fix patch-inclusion-gate.sh: rewrite from Python deps to pure shell implementation
- Fix build-redbear.sh: remove direct patch application, let repo fetch handle it atomically

Phase 2 (High):
- Increase redbear-full filesystem_size: 4096 -> 8192 MiB for KDE desktop
- Deprecate redbear-greeter-services.toml (orphaned, not included by any config)
- Add cascade rebuild target to Makefile (make cascade.<package>)
- Gate cargo-update.sh with REDBEAR_ALLOW_UPSTREAM
- Add deprecation notice to apply-patches.sh
- Make protected recipe list data-driven via config/protected-recipes.toml
- Replace 127-entry hardcoded Rust matches! with TOML config file reader

Phase 3 (Medium):
- Fix 5 phantom doc references in local/AGENTS.md (retired/removed docs)
- Fix stale config names: redbear-minimal -> redbear-mini across scripts
- Fix duplicate references in docs/README.md
- Fix run_full.sh and run_mini.sh: hardcoded paths -> relative paths + error handling
This commit is contained in:
2026-05-28 17:24:50 +03:00
parent 2b11b20a2f
commit a0244075e7
22 changed files with 280 additions and 234 deletions
+24 -7
View File
@@ -1,9 +1,26 @@
#!/bin/bash
#!/usr/bin/env bash
set -euo pipefail
# Ensure cargo bin (cbindgen, rustup, etc.) is in PATH
case ":${PATH}:" in
*":$HOME/.cargo/bin:"*) ;;
*) export PATH="$HOME/.cargo/bin:$PATH" ;;
esac
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
IMAGE="${1:-$PROJECT_ROOT/build/x86_64/redbear-mini/harddrive.img}"
BIOS="${OVMF_BIOS:-/usr/share/edk2/x64/OVMF_CODE.4m.fd}"
RAM="${QEMU_RAM:-8192}"
qemu-system-x86_64 -m 8G -drive if=pflash,format=raw,readonly=on,file=/usr/share/edk2/x64/OVMF_CODE.4m.fd -drive file=/home/kellito/Builds/RedBear-OS/build/x86_64/redbear-mini.iso,format=raw -device virtio-gpu-pci -enable-kvm -serial mon:stdio
if [ ! -f "$IMAGE" ]; then
echo "ERROR: Image not found at $IMAGE" >&2
echo " Run 'make all CONFIG_NAME=redbear-mini' first." >&2
exit 1
fi
if [ ! -f "$BIOS" ]; then
echo "ERROR: OVMF firmware not found at $BIOS" >&2
echo " Install edk2-ovmf or set OVMF_BIOS to the correct path." >&2
exit 1
fi
exec qemu-system-x86_64 \
-m "${RAM}" \
-drive if=pflash,format=raw,readonly=on,file="$BIOS" \
-drive file="$IMAGE",format=raw \
-serial mon:stdio