a0244075e7
Phase 1 (Critical): - Fix broken config includes: redbear-minimal -> redbear-mini in wifi/bt experimental configs - Fix 05_boot-essential.target dependency: 00_base -> 04_drivers for correct boot ordering - Fix IOMMU service dependency: 00_base -> 05_boot-essential - Fix firmware-loader dependency: 00_base -> 05_boot-essential - Fix messagebus shell: /usr/bin/zsh -> /usr/bin/false (security) - Add offline gate to fetch-firmware.sh (REPO_OFFLINE=1 blocks network access) - Add --upstream gate to fetch-all-sources.sh (network access requires explicit opt-in) - Gate U-Boot wget calls in mk/qemu.mk with REPO_OFFLINE check - Fix patch-inclusion-gate.sh: rewrite from Python deps to pure shell implementation - Fix build-redbear.sh: remove direct patch application, let repo fetch handle it atomically Phase 2 (High): - Increase redbear-full filesystem_size: 4096 -> 8192 MiB for KDE desktop - Deprecate redbear-greeter-services.toml (orphaned, not included by any config) - Add cascade rebuild target to Makefile (make cascade.<package>) - Gate cargo-update.sh with REDBEAR_ALLOW_UPSTREAM - Add deprecation notice to apply-patches.sh - Make protected recipe list data-driven via config/protected-recipes.toml - Replace 127-entry hardcoded Rust matches! with TOML config file reader Phase 3 (Medium): - Fix 5 phantom doc references in local/AGENTS.md (retired/removed docs) - Fix stale config names: redbear-minimal -> redbear-mini across scripts - Fix duplicate references in docs/README.md - Fix run_full.sh and run_mini.sh: hardcoded paths -> relative paths + error handling
56 lines
2.0 KiB
Bash
Executable File
56 lines
2.0 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# patch-inclusion-gate.sh — block image creation unless Red Bear patches are wired.
|
|
#
|
|
# Verifies that:
|
|
# 1. Every patch file referenced in recipe.toml exists on disk
|
|
# 2. Every patch file in local/patches/ is wired into at least one recipe
|
|
#
|
|
# Public scripts that create harddrive images or live ISOs must call this before
|
|
# invoking `make all`, `make live`, or a direct image target.
|
|
|
|
set -euo pipefail
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
|
|
|
cd "$PROJECT_ROOT"
|
|
|
|
if [ "${REDBEAR_SKIP_PATCH_INCLUSION_GATE:-0}" = "1" ]; then
|
|
echo "WARNING: REDBEAR_SKIP_PATCH_INCLUSION_GATE=1; patch inclusion gate bypassed" >&2
|
|
exit 0
|
|
fi
|
|
|
|
errors=0
|
|
|
|
# Check 1: every patch referenced in recipe.toml must exist on disk
|
|
while IFS= read -r recipe_toml; do
|
|
recipe_dir="$(dirname "$recipe_toml")"
|
|
patch_list=$(grep -oP 'patches\s*=\s*\[([^\]]*)\]' "$recipe_toml" 2>/dev/null | grep -oP '"[^"]+\.patch"' | tr -d '"' || true)
|
|
|
|
for patch_name in $patch_list; do
|
|
patch_path="$recipe_dir/$patch_name"
|
|
if [ ! -f "$patch_path" ]; then
|
|
echo "ERROR: $recipe_toml references '$patch_name' but file not found at $patch_path" >&2
|
|
errors=$((errors + 1))
|
|
fi
|
|
done
|
|
done < <(find recipes local/recipes -name "recipe.toml" -not -path "*/source/*" 2>/dev/null)
|
|
|
|
# Check 2: every patch in local/patches/ should be wired into at least one recipe
|
|
while IFS= read -r patch_file; do
|
|
patch_name=$(basename "$patch_file")
|
|
component=$(basename "$(dirname "$patch_file")")
|
|
|
|
wired=$(grep -rl "\"$patch_name\"" recipes/ local/recipes/ --include="recipe.toml" 2>/dev/null | head -1 || true)
|
|
if [ -z "$wired" ]; then
|
|
echo "WARNING: local/patches/$component/$patch_name is not wired into any recipe.toml" >&2
|
|
fi
|
|
done < <(find local/patches -name "*.patch" -type f 2>/dev/null)
|
|
|
|
if [ "$errors" -gt 0 ]; then
|
|
echo "ERROR: $errors patch reference(s) broken. Fix before building." >&2
|
|
exit 1
|
|
fi
|
|
|
|
echo ">>> Patch inclusion gate passed"
|