#!/usr/bin/env bash # patch-inclusion-gate.sh — block image creation unless Red Bear patches are wired. # # Verifies that: # 1. Every patch file referenced in recipe.toml exists on disk # 2. Every patch file in local/patches/ is wired into at least one recipe # # Public scripts that create harddrive images or live ISOs must call this before # invoking `make all`, `make live`, or a direct image target. set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)" cd "$PROJECT_ROOT" if [ "${REDBEAR_SKIP_PATCH_INCLUSION_GATE:-0}" = "1" ]; then echo "WARNING: REDBEAR_SKIP_PATCH_INCLUSION_GATE=1; patch inclusion gate bypassed" >&2 exit 0 fi errors=0 # Check 1: every patch referenced in recipe.toml must exist on disk while IFS= read -r recipe_toml; do recipe_dir="$(dirname "$recipe_toml")" patch_list=$(grep -oP 'patches\s*=\s*\[([^\]]*)\]' "$recipe_toml" 2>/dev/null | grep -oP '"[^"]+\.patch"' | tr -d '"' || true) for patch_name in $patch_list; do patch_path="$recipe_dir/$patch_name" if [ ! -f "$patch_path" ]; then echo "ERROR: $recipe_toml references '$patch_name' but file not found at $patch_path" >&2 errors=$((errors + 1)) fi done done < <(find recipes local/recipes -name "recipe.toml" -not -path "*/source/*" 2>/dev/null) # Check 2: every patch in local/patches/ should be wired into at least one recipe while IFS= read -r patch_file; do patch_name=$(basename "$patch_file") component=$(basename "$(dirname "$patch_file")") wired=$(grep -rl "\"$patch_name\"" recipes/ local/recipes/ --include="recipe.toml" 2>/dev/null | head -1 || true) if [ -z "$wired" ]; then echo "WARNING: local/patches/$component/$patch_name is not wired into any recipe.toml" >&2 fi done < <(find local/patches -name "*.patch" -type f 2>/dev/null) if [ "$errors" -gt 0 ]; then echo "ERROR: $errors patch reference(s) broken. Fix before building." >&2 exit 1 fi echo ">>> Patch inclusion gate passed"