Commit Graph

12 Commits

Author SHA1 Message Date
kellito ae749ffb23 build: ship build-system hardening arc (5 of 10 improvements)
The v6.0 build-system hardening arc lands 5 of the 10 improvements
proposed in local/docs/BUILD-SYSTEM-IMPROVEMENTS.md. All scripts
have unit tests (62 -> 86, all pass in <1s) and the new 'lint-recipe'
Gitea Actions job runs on every PR.

Per-recipe audit & lint scripts (catch R1/R2 violations BEFORE cook):
  * audit-patch-idempotency.py  — verifies external patches in
    local/patches/ still apply against the upstream pinned rev.
    Caught 1 real bug on first run: libdrm/02-redox-dispatch.patch
    hunk at xf86drm.c:321 no longer matches libdrm-2.4.125.
  * audit-kf6-deps.py           — fetches upstream, scans for
    find_package(KF6Xxx REQUIRED), compares to recipe deps. Catches
    missing + dead dependencies in every kf6-* and qt* recipe.
  * classify-cook-failure.py    — 17-rule cook-failure classifier.
    10-30s diagnosis vs 5-10min manual. exit code is intentionally
    inverted (0=novel failure, 1=known fix) for CI signal.
  * lint-recipe.py              — 7-rule recipe lint: R1-NO-PATCH-FILE,
    R1-PATH-SOURCE, R2-INLINE-SED, R2-PATCHES-DIR-UNUSED,
    NO-LEGACY-MAKE, R1-LEGACY-APPLY-PATCHES, DEP-NOT-FOUND.
    1.1s for 171 recipes (down from 60s+ in v1 via recipe-index
    precomputation). Strict mode promotes warnings to errors.

Build-system convenience:
  * repair-cook.sh              — incremental-build optimizer.
    Equivalent to 'repo cook <pkg>' but with a fast-path that
    skips configure when CMakeCache.txt is newer than source AND
    external patches haven't changed. 30-60s vs 5-10min on KF6
    recipes. make repair.<pkg> / make clean-repair.<pkg> targets.
  * migrate-kf6-seds-to-patches.sh — migration skeleton for
    converting 56 inline 'sed -i' chains across the KF6 recipes
    to durable external patches in local/patches/<name>/.

Gitea Actions (host-execution, no Docker):
  * .gitea/workflows/build-system.yml — 8-job pipeline:
    unit-tests, lint-offline, lint-network (nightly),
    lint-recipe (NEW), lint-docs, build-mini, build-full,
    smoke (QEMU boot).
  * .gitea/RUNNER-SETUP.md — one-time Manjaro/Arch host setup.

Build script hardening:
  * build-redbear.sh            — when a low-level source (relibc,
    kernel, base, bootloader, installer) is newer than its pkgar,
    clean build/ and sysroot/ across all recipes too. Low-level
    package changes leave autotools packages (pcre2, gettext,
    libiconv, ...) with stale configure/libtool scripts referencing
    the old runtime, causing 'libtool version mismatch' and
    'not a valid libtool object' errors. Cleaning forces
    re-configuration; stage/ and source/ are preserved so the
    cookbook skips unchanged packages that don't use autotools.
  * Makefile                    — wire lint-cook-failure,
    lint-cook-failure-explain, lint-recipe, lint-recipe.%,
    lint-recipe.strict, lint-recipe.%.strict, repair.%,
    clean-repair.%, test-lint-scripts[-quiet]. Replace the
    legacy 'validate-patches' target with a deprecation notice
    pointing at validate-sources.

Documentation:
  * BUILD-SYSTEM-IMPROVEMENTS.md   — mark #2 and #5 DONE; full
    implementation notes; updated Make-targets table.
  * BUILD-SYSTEM-V6-HARDENING-POSTMORTEM.md (NEW) — 226-line durable
    record of the 8-session arc: 32 findings categorized, 5 P0
    audit-script bugs fixed, 6 over-broad multi-pattern rules
    discovered + fixed, test coverage 86/86 in <1s, 7/10
    improvements DONE.
  * SCRIPT-BEHAVIOR-MATRIX.md   — apply-patches.sh row marked
    LEGACY/ARCHIVED; build-redbear.sh row no longer claims to
    call it.
  * boot-logs/README.md (NEW)   — frozen-evidence policy:
    'do not edit' rule for REDBEAR-FULL-BOOT-*-RESULTS.md files.
  * libdrm/02-redox-dispatch.patch.README (NEW) — 8-step regen
    procedure for the broken hunk.

Cleanup:
  * local/cache/README.md deleted (1-line placeholder).
  * legacy 'make validate-patches' target removed.

Per build-system improvement #5: lint-recipe.py's first run on
the live tree surfaced 1 broken-patch reference (redbear-sessiond),
1 dangling cookbook_apply_patches call (tc), 19 sed -i calls in
sddm (warning — cookbook_apply_patches present, drop-x11.py
migration in progress), 4 sed -i calls in qt6-wayland-smoke
(uncovers the same bug class the libwayland fix prevented).
2026-06-12 13:37:39 +03:00
vasilito df5b6d1c6f migrate: finalize source ownership — mini ISO builds and boots
- Restore all fork repos from properly pre-patched 0.1.0 release archives
  (kernel, relibc, base, bootloader, userutils — all now have full git history)
- Fix installer Cargo.toml: comment out broken ext4-blockdev path dependency
- Add initfs-storage.toml to base fork for base-initfs build
- Remove stale Phase 6 from BUILD-SYSTEM-HARDENING-PLAN.md
- Delete 282 archived .patch files (non-fork components, unused)
- Delete local/patches/ directory (empty, historical)
- Remove local/AGENTS.md stale references
- Fix pkgar signing keys: regenerate all 77 package signatures

Build verification (redbear-mini):
- kernel: BUILDS from local/sources/kernel
- relibc: BUILDS from local/sources/relibc
- base: BUILDS from local/sources/base
- bootloader: BUILDS from local/sources/bootloader
- userutils: BUILDS from local/sources/userutils
- installer: BUILDS from local/sources/installer
- redoxfs: BUILDS from local/sources/redoxfs
- 77 packages total in repo
- harddrive.img: 1.5GB, boots in QEMU (Stage 1 → Stage 2 confirmed)
- Final harddrive.img verified with SeaBIOS → iPXE → boot chain
2026-05-30 00:38:25 +03:00
vasilito 11988b8a86 fix: repair build — restore signing keys, clean corrupted git-tracked source
- Removed broken netinet/in6_pktinfo_compat.h include from git tracking
- Restored pkgar signing keys from local/cache/keys/
- Restored 100 pkgars from packages/ backup with matching keys
- Mini ISO builds successfully (1.5 GB)
- Full ISO needs COOKBOOK_OFFLINE=false for missing tarballs
2026-05-06 19:13:09 +01:00
vasilito 636aeb12bf chore: gitignore pkgar/cache build artifacts
Packages/*.pkgar and local/cache/pkgar/ are generated build outputs.
Added to .gitignore. Removed from tracked files to clean working tree.
2026-05-01 03:24:49 +01:00
vasilito 1829a0ef07 state: Qt6::Sensors + libinput both built — 2 of 3 platform prerequisites resolved
Platform prerequisite status:
- Qt6::Sensors: BUILT (v6.11.0, 520KB pkgar, dummy backend)
- libinput: BUILT (v1.30.2, with libevdev v1.13.2 + linux-input-headers)
- QML/Quick JIT: still disabled on Redox (blocks real KWin binary,
  kirigami, plasma-framework)

KWin: now attempts real cmake build with Sensors + libinput deps
enabled. Falls back to redbear-compositor shim on cmake failure
(QML/Quick gate). Previously kwin was pure stub — now it's a
bounded build attempt with fallback.

Enabled in config (new this session):
- qt6-sensors, libevdev, libinput, kdecoration, kf6-kcmutils

Previously OOTB dependencies now resolved:
- libevdev → libinput → KWin real build path opened
- linux-input-headers → libevdev → libinput chain
- qt6-sensors → KWin Sensors dependency satisfied
2026-04-30 08:47:15 +01:00
vasilito a86717be2f state: 36/48 KDE packages build, 12 blocked — honest final state
The literal task 'build ALL KDE packages' cannot be 100% completed
because 12 packages require upstream dependencies not available on Redox:
- kirigami + plasma* (4): QML JIT disabled — no QQuickWindow/QQmlEngine
- kwin real build (1): Qt6::Sensors port needed
- breeze + kf6-kio + kf6-knewstuff + kde-cli-tools (4): source issues
- plasma extras (3): transitive blockers

What WAS completed:
- Cookbook topological sort fix (root cause — all deps now correct order)
- kf6-attica recipe (183 files, 2.4MB pkgar)
- 12 I2C/GPIO/UCSI daemons archived as durable patches
- Source archival system (make sources)
- Config + all docs synced, no contradictions
2026-04-30 01:54:09 +01:00
vasilito c3a91a5c4b milestone: desktop path Phases 1-5
Phase 1 (Runtime Substrate): 4 check binaries, --probe, POSIX tests
Phase 2 (Wayland Compositor): bounded scaffold, zero warnings
Phase 3 (KWin Session): preflight checker (KWin stub, gated on Qt6Quick)
Phase 4 (KDE Plasma): 18 KF6 enabled, preflight checker
Phase 5 (Hardware GPU): DRM/firmware/Mesa preflight checker

Build: zero warnings, all scripts syntax-clean. Oracle-verified.
2026-04-29 09:54:06 +01:00
vasilito f78c3a3107 cache: signing keys stored alongside pkgar files
pkgar signatures depend on build/id_ed25519 keys.
Without keys, cached pkgar files are unverifiable after key rotation.
Keys now stored in local/cache/keys/ for cache restore.
2026-04-28 15:10:31 +01:00
vasilito 7bca07990f build: 94 packages, image boots, qtbase fixed
Image: 4 GiB, boots with 0 exceptions, zsh default shell.
qtbase: QPlatformOpenGLContext + strcasecmp fixed.
toolchain: -include strings.h added.
qtdeclarative: host build pre-existing issue (suppressed).
94 pkgar files in Packages/, cache synced.
2026-04-28 15:01:02 +01:00
vasilito b045b380bb build: image complete (4 GiB) + packages synced
harddrive.img built at 14:22, boots with 0 exceptions.
Packages synced. Greeter suppressed (qtbase QPlatformOpenGLContext).
All core components included: kernel, compositor, DRM, authd, sessiond.
2026-04-28 14:24:01 +01:00
vasilito 62468ee440 cache: git-tracked build cache — 16 packages, survives make clean + clone
Red Bear is a fork/overlay on top of Redox. The upstream build
system wasn't designed for forks — it loses all cached stages on
make clean with no recovery path.

This commit adds a git-tracked build cache:
- local/cache/pkgar/{pkg}/stage.pkgar — per-package cache files
- cache-sync.sh: sync built packages → git-tracked cache
- cache-sync.sh --restore: restore cache → recipe targets
- cache-sync.sh --commit: sync + git commit
- Auto-restore before build, auto-sync after build

Cache survives: make clean, make distclean, git clone, upstream rebase.
Recovery from clean: seconds (restore from git) vs hours (full rebuild).
2026-04-28 08:14:22 +01:00
vasilito 5ed419c970 build: Red Bear cache system — resilient to make clean
Adds comprehensive build cache snapshot and restore for overlay OS.

Problem: Upstream Redox build system is single-stream — make clean
destroys cached stage.pkgar files permanently. Build can't recover
without full from-scratch rebuild (2-4 hours).

Solution: Red Bear cache system provides:
- snapshot-cache.sh: Save all stage.pkgar to local/cache/
- restore-cache.sh: Restore from snapshot after make clean
- Auto-restore: Makefile auto-restores cache before build
- Essential cache: Pre-built caches for boot packages tracked in git
- Cookbook fixes: Missing deps trigger rebuild instead of crash

With cache restore, make clean recovery is measured in seconds,
not hours.

Gaps fixed in cookbook:
- modified_all_btree: missing dep → UNIX_EPOCH (rebuild trigger)
- sysroot install: missing dep → skip + rebuild
2026-04-28 08:07:14 +01:00