clawdie/clawdie-iso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into prepare-0.11.0-publish-docs

Browse source
This commit is contained in:
clawdie 2026-06-22 07:28:18 +02:00
commit ff36ef1800
6 changed files with 24 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
build.cfg
View file

@ -113,7 +113,7 @@ COLIBRI_COST_MODE="${COLIBRI_COST_MODE:-smart}"
# COLIBRI_STAGE_AGENT=NO stages the daemon without the agent (debug builds). # COLIBRI_STAGE_AGENT=NO stages the daemon without the agent (debug builds).
# Pin a tag for reproducible images; the agent has no FreeBSD release, so the # Pin a tag for reproducible images; the agent has no FreeBSD release, so the
# build host compiles it: (cd $ZOT_REPO && git checkout $ZOT_VERSION && # build host compiles it: (cd $ZOT_REPO && git checkout $ZOT_VERSION &&
# ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.29}" && VERSION="${ZOT_BUILD_VERSION#v}" make build) # ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.42}" && VERSION="${ZOT_BUILD_VERSION#v}" make build)
COLIBRI_STAGE_AGENT="${COLIBRI_STAGE_AGENT:-YES}" COLIBRI_STAGE_AGENT="${COLIBRI_STAGE_AGENT:-YES}"
# Development-only local fake-agent binary. Auto mode includes it for dev # Development-only local fake-agent binary. Auto mode includes it for dev
# builds and omits it from release/prod images; override with YES/NO for # builds and omits it from release/prod images; override with YES/NO for
@ -125,7 +125,7 @@ if [ "${COLIBRI_STAGE_TEST_AGENT}" = "auto" ]; then
*) COLIBRI_STAGE_TEST_AGENT="YES" ;; *) COLIBRI_STAGE_TEST_AGENT="YES" ;;
esac esac
fi fi
ZOT_VERSION="${ZOT_VERSION:-v0.2.29}" ZOT_VERSION="${ZOT_VERSION:-v0.2.42}"
ZOT_REPO="${ZOT_REPO:-/home/clawdie/ai/zot}" ZOT_REPO="${ZOT_REPO:-/home/clawdie/ai/zot}"
ZOT_ARTIFACT_DIR="${ZOT_ARTIFACT_DIR:-}" ZOT_ARTIFACT_DIR="${ZOT_ARTIFACT_DIR:-}"
# Optional: bake the operator's DeepSeek key into the agent's auth.json (0600). # Optional: bake the operator's DeepSeek key into the agent's auth.json (0600).

4
build.sh
View file

@ -378,8 +378,8 @@ preflight_zot_artifacts() {
command -v go >/dev/null 2>&1 || \ command -v go >/dev/null 2>&1 || \
echo " NOTE: go toolchain not found on this host — install it: pkg install go" echo " NOTE: go toolchain not found on this host — install it: pkg install go"
echo " The agent has no FreeBSD release — build it first:" echo " The agent has no FreeBSD release — build it first:"
echo " (cd ${_resolved_zot_repo} && git checkout ${ZOT_VERSION:-v0.2.29} && \\" echo " (cd ${_resolved_zot_repo} && git checkout ${ZOT_VERSION:-v0.2.42} && \\"
echo " ZOT_BUILD_VERSION=\"\${ZOT_VERSION:-v0.2.29}\" && VERSION=\"\${ZOT_BUILD_VERSION#v}\" make build)" echo " ZOT_BUILD_VERSION=\"\${ZOT_VERSION:-v0.2.42}\" && VERSION=\"\${ZOT_BUILD_VERSION#v}\" make build)"
echo " Or set COLIBRI_STAGE_AGENT=NO to skip agent staging." echo " Or set COLIBRI_STAGE_AGENT=NO to skip agent staging."
exit 1 exit 1
fi fi

4
docs/LIVE-COLIBRI-REBUILD.md
View file

@ -195,8 +195,8 @@ if [ ! -d zot-build/.git ]; then
fi fi
cd zot-build cd zot-build
git fetch --prune origin git fetch --prune origin
git checkout v0.2.29 # the zot tag this image ships (see build-manifest.json) git checkout v0.2.42 # the zot tag this image ships (see build-manifest.json)
ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.29}" ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.42}"
VERSION="${ZOT_BUILD_VERSION#v}" make build VERSION="${ZOT_BUILD_VERSION#v}" make build
./bin/zot --version ./bin/zot --version
``` ```

2
docs/RELEASE-0.11.0-HANDOFF.md
View file

@ -12,7 +12,7 @@ this build happens on FreeBSD.
| clawdie-iso | `7f55770` | v0.11.0 | `ISO_VERSION=0.11.0` | | clawdie-iso | `7f55770` | v0.11.0 | `ISO_VERSION=0.11.0` |
| colibri | `b626082` | v0.11.0 | MIT; 230 tests green; fmt + clippy clean | | colibri | `b626082` | v0.11.0 | MIT; 230 tests green; fmt + clippy clean |
| clawdie-ai | `393b0c7` | — | clean on forge main | | clawdie-ai | `393b0c7` | — | clean on forge main |
| zot | `1a24a20` | — | agent (front door); pinned by `ZOT_VERSION` | | zot | `821f51a` | v0.2.42 | agent (front door); pinned by `ZOT_VERSION` |
Locally-runnable gates pass on colibri + clawdie-iso (fmt, `CARGO_CRATES` and Locally-runnable gates pass on colibri + clawdie-iso (fmt, `CARGO_CRATES` and
agent-jail drift checks, markdown). CI Actions are **dormant** (no runner) — gates agent-jail drift checks, markdown). CI Actions are **dormant** (no runner) — gates

30
docs/RELEASE-BUILD-RUNBOOK.md
View file

@ -1,6 +1,6 @@
# Release Build Runbook # Release Build Runbook
**Current target:** `0.10.0` ("Operator Image") · **Channel:** `release` **Current target:** `0.11.0` ("Operator Image") · **Channel:** `release`
How to cut a reproducible, publishable operator image from merged sources. This How to cut a reproducible, publishable operator image from merged sources. This
is the `BUILD_CHANNEL=release` path — distinct from the everyday is the `BUILD_CHANNEL=release` path — distinct from the everyday
@ -20,11 +20,11 @@ use `BUILD_CHANNEL=dev` and skip the pinning discipline below.
commits are then written to `build-manifest.json`, so the image can be rebuilt commits are then written to `build-manifest.json`, so the image can be rebuilt
from that record. from that record.
- **Own product version.** `ISO_VERSION` is an explicit product number - **Own product version.** `ISO_VERSION` is an explicit product number
(`0.10.0`), not a component's. Component versions are provenance, not identity. (`0.11.0`), not a component's. Component versions are provenance, not identity.
- **Fits the stick.** The build aborts before shipping if the live filesystem - **Fits the stick.** The build aborts before shipping if the live filesystem
has less than `IMAGE_MIN_FREE_MB` (default 1024) free. has less than `IMAGE_MIN_FREE_MB` (default 1024) free.
Output: `tmp/output/clawdie-quindecim-0.10.0.img` (`quindecim` = FreeBSD 15). Output: `tmp/output/clawdie-quindecim-0.11.0.img` (`quindecim` = FreeBSD 15).
--- ---
@ -68,7 +68,7 @@ Any output from `status --porcelain` (modified _or_ untracked) will fail the
release gate. Clean it before continuing — do not `.gitignore` your way past it. release gate. Clean it before continuing — do not `.gitignore` your way past it.
> `zot` ships at a pinned tag. Check out the tag you intend to release > `zot` ships at a pinned tag. Check out the tag you intend to release
> (`ZOT_VERSION`, default `v0.2.29`) so the recorded commit is the tag's commit. > (`ZOT_VERSION`, default `v0.2.42`) so the recorded commit is the tag's commit.
--- ---
@ -83,10 +83,10 @@ cargo clippy --workspace --all-targets -- -D warnings
# zot agent binary (native FreeBSD build) # zot agent binary (native FreeBSD build)
cd ../zot cd ../zot
git checkout v0.2.29 # the release tag git checkout v0.2.42 # the release tag
ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.29}" ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.42}"
VERSION="${ZOT_BUILD_VERSION#v}" make build VERSION="${ZOT_BUILD_VERSION#v}" make build
./bin/zot --version # expect: zot 0.2.29 ./bin/zot --version # expect: zot 0.2.42
cd ../clawdie-iso cd ../clawdie-iso
``` ```
@ -115,11 +115,11 @@ ls -l ../colibri/target/release/colibri-daemon \
```sh ```sh
cd ../clawdie-iso cd ../clawdie-iso
sudo env BUILD_CHANNEL=release ISO_VERSION=0.10.0 \ sudo env BUILD_CHANNEL=release ISO_VERSION=0.11.0 \
./build.sh --clawdie-ref main ./build.sh --clawdie-ref main
``` ```
- `ISO_VERSION=0.10.0` — also the `build.cfg` default; an empty/`auto` value - `ISO_VERSION=0.11.0` — also the `build.cfg` default; an empty/`auto` value
fails fast. fails fast.
- `--clawdie-ref main` bundles current `clawdie-ai` main (its commit is recorded - `--clawdie-ref main` bundles current `clawdie-ai` main (its commit is recorded
as provenance). Use `--clawdie-version X.Y.Z` instead to pin a clawdie-ai tag. as provenance). Use `--clawdie-version X.Y.Z` instead to pin a clawdie-ai tag.
@ -129,13 +129,13 @@ sudo env BUILD_CHANNEL=release ISO_VERSION=0.10.0 \
What you should see, in order: What you should see, in order:
1. **Banner**`ISO : 0.10.0-release (zot v0.2.29)`. 1. **Banner**`ISO : 0.11.0-release (zot v0.2.42)`.
2. **Release gate** — silent on success; on failure it lists each modified repo 2. **Release gate** — silent on success; on failure it lists each modified repo
and exits. (Fix the tree; don't switch to `dev` for a real release.) and exits. (Fix the tree; don't switch to `dev` for a real release.)
3. **Preflight** — confirms the colibri binaries and `zot/bin/zot` exist. 3. **Preflight** — confirms the colibri binaries and `zot/bin/zot` exist.
4. **Image space report**`df`/`du` of the live filesystem, then 4. **Image space report**`df`/`du` of the live filesystem, then
`Free space OK (… MB, floor 1024 MB)` — or an abort if it won't fit. `Free space OK (… MB, floor 1024 MB)` — or an abort if it won't fit.
5. **Output**`Done : tmp/output/clawdie-quindecim-0.10.0.img`. 5. **Output**`Done : tmp/output/clawdie-quindecim-0.11.0.img`.
--- ---
@ -147,7 +147,7 @@ cat tmp/output/build-manifest.json # or USB_SHARE copy
Confirm: Confirm:
- `"iso_version": "0.10.0"`, `"version_scheme": "product"`, - `"iso_version": "0.11.0"`, `"version_scheme": "product"`,
`"build_channel": "release"`. `"build_channel": "release"`.
- `zot_commit`, `colibri_commit`, `clawdie_ai_commit`, `iso_repo_commit` are all - `zot_commit`, `colibri_commit`, `clawdie_ai_commit`, `iso_repo_commit` are all
real SHAs (not `unknown`). real SHAs (not `unknown`).
@ -184,7 +184,7 @@ If anything fails out of the box, this is not the cut — fix, rebuild, and the
Follow `skills/iso-publish/SKILL.md`: compress to `.xz`, write the `.sha256`, and Follow `skills/iso-publish/SKILL.md`: compress to `.xz`, write the `.sha256`, and
the publish manifest, then `scripts/publish.sh` to the CMS downloads jail. the publish manifest, then `scripts/publish.sh` to the CMS downloads jail.
`FLASHING.md` is the operator-facing flashing guide (already references the `FLASHING.md` is the operator-facing flashing guide (already references the
`0.10.0` artifact name). `0.11.0` artifact name).
--- ---
@ -192,7 +192,7 @@ the publish manifest, then `scripts/publish.sh` to the CMS downloads jail.
- [ ] All four repos clean (`git status --porcelain` empty) and on the release ref. - [ ] All four repos clean (`git status --porcelain` empty) and on the release ref.
- [ ] `cargo test --workspace` + `cargo clippy -D warnings` green on colibri. - [ ] `cargo test --workspace` + `cargo clippy -D warnings` green on colibri.
- [ ] `BUILD_CHANNEL=release ISO_VERSION=0.10.0 ./build.sh` completes; gate passed, - [ ] `BUILD_CHANNEL=release ISO_VERSION=0.11.0 ./build.sh` completes; gate passed,
preflight passed, free-space check passed. preflight passed, free-space check passed.
- [ ] `build-manifest.json`: channel `release`, all commits real, all - [ ] `build-manifest.json`: channel `release`, all commits real, all
`*_modified` `false`. `*_modified` `false`.
@ -203,7 +203,7 @@ the publish manifest, then `scripts/publish.sh` to the CMS downloads jail.
## Notes / gotchas ## Notes / gotchas
- **Future cuts:** bump `ISO_VERSION` in `build.cfg` (e.g. `0.10.1`, `1.0.0`). - **Future cuts:** bump `ISO_VERSION` in `build.cfg` (e.g. `0.11.1`, `1.0.0`).
Everything else here is unchanged. Everything else here is unchanged.
- **`dev` vs `release`:** `dev` skips the clean-tree gate — fine for proving a - **`dev` vs `release`:** `dev` skips the clean-tree gate — fine for proving a
change, never for a published artifact. change, never for a published artifact.

4
scripts/stage-zot-iso.sh
View file

@ -4,7 +4,7 @@
# zot is the agent-harness consolidation target (one static Go binary). It has no # zot is the agent-harness consolidation target (one static Go binary). It has no
# FreeBSD release, so build it on the host first and point ZOT_ARTIFACT_DIR here: # FreeBSD release, so build it on the host first and point ZOT_ARTIFACT_DIR here:
# (cd ../zot && git checkout "$ZOT_VERSION" \ # (cd ../zot && git checkout "$ZOT_VERSION" \
# && ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.29}" \ # && ZOT_BUILD_VERSION="${ZOT_VERSION:-v0.2.42}" \
# && VERSION="${ZOT_BUILD_VERSION#v}" make build) # && VERSION="${ZOT_BUILD_VERSION#v}" make build)
# #
# Credentials: zot resolves provider keys as --api-key -> provider env var -> # Credentials: zot resolves provider keys as --api-key -> provider env var ->
@ -36,7 +36,7 @@ ZOT_HOME="${OP_HOME}/${ZOT_HOME_REL}"
if [ ! -x "${BIN_SRC}" ]; then if [ ! -x "${BIN_SRC}" ]; then
echo "missing executable zot artifact: ${BIN_SRC}" >&2 echo "missing executable zot artifact: ${BIN_SRC}" >&2
echo "hint: (cd \$ZOT_REPO && ZOT_BUILD_VERSION=\"\${ZOT_VERSION:-v0.2.29}\" && VERSION=\"\${ZOT_BUILD_VERSION#v}\" make build)" >&2 echo "hint: (cd \$ZOT_REPO && ZOT_BUILD_VERSION=\"\${ZOT_VERSION:-v0.2.42}\" && VERSION=\"\${ZOT_BUILD_VERSION#v}\" make build)" >&2
exit 66 exit 66
fi fi