Commit graph

6 commits

Author SHA1 Message Date
Till Wegmueller
0510c8f31f
Fix 8 bugs: include merging, UID collision, shell injection, OCI compliance
- spec-parser: merge_include now merges repos, variants, certs, incorporation
- forge-engine: auto-increment UID/GID from existing passwd/group files
- forge-engine: replace shell-based APT source addition with direct file write
- forge-engine/forge-oci: OS field is now distro-aware (solaris vs linux)
- forge-engine: apply owner/group via lchown on file/dir/symlink overlays
- forge-oci: diff_ids now use uncompressed tar digests per OCI image spec
- forge-oci: track real uncompressed_size instead of hardcoded 0
- forge-engine/forge-builder: use spec metadata version instead of "latest"
2026-04-09 22:45:42 +02:00
Till Wegmueller
d24dcc0363
Fix builder VM disk sizing, rootfs copy, and diagnostics
- Add disk_gb field to BuilderNode/BuilderConfig with 20GB default,
  fixing debootstrap failure caused by 2GB cloud image running out of
  space. Cloud-init growpart/resize_rootfs expand the partition.

- Replace walkdir-based copy_rootfs with cp -a to preserve symlinks,
  fixing grub-install failure caused by broken merged-/usr symlinks
  (/lib, /bin, /sbin -> /usr/*) in modern Ubuntu.

- Add network verification step that checks DNS before building and
  auto-fixes resolv.conf with SLIRP DNS (10.0.2.3) if needed.

- Add diagnostic collection on failure (debootstrap log, resolv.conf,
  disk space) before VM teardown.

- Include build stderr/stdout in RemoteBuildFailed error for better
  error reporting.

- Install build dependencies (debootstrap, qemu-utils, etc.) inside
  the builder VM before running the build.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 18:01:49 +01:00
Till Wegmueller
19c8379fc6
Add builder VM support for cross-platform and unprivileged builds
Introduce the forge-builder crate that automatically delegates builds to
an ephemeral VM when the host can't build locally (e.g., QCOW2 targets
without root, or OmniOS images on Linux). The builder detects these
conditions, spins up a VM via vm-manager with user-mode networking,
uploads inputs, streams the remote build output, and retrieves artifacts.

Key changes:
- New forge-builder crate with detection, binary resolution, VM lifecycle
  management, file transfer, and miette diagnostic errors
- BuilderNode added to spec-parser schema for per-spec VM config
- --local and --use-builder CLI flags on the build command
- Feature-gated (default on) integration in forger CLI
- Fix ext4 QCOW2 grub-install failure by using absolute paths in chroot
- Improve debootstrap to pass --components and write full sources.list

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 17:17:30 +01:00
Till Wegmueller
3cb982d35c
Add Ubuntu/apt support, ext4 QCOW2 builds, and OCI artifact push
- Extend spec-parser schema with distro, AptMirror, filesystem, and
  push-to fields for Ubuntu image support
- Add debootstrap/apt tool wrappers and Phase 1 distro dispatch
  (OmniOS IPS vs Ubuntu apt)
- Add ext4+GPT+EFI QCOW2 build path alongside existing ZFS pipeline
- Add partition tools (sgdisk, mkfs) and loopback partprobe support
- Add ORAS-compatible OCI artifact push/pull for QCOW2 files with
  custom media types (vnd.cloudnebula.qcow2)
- Add --artifact flag to forger push command
- Add auto-push from Phase 2 when target has push-to set
- Add omnios-rust-ci and ubuntu-rust-ci KDL image specs
- Update inspect command to display new fields

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 16:29:12 +01:00
Till Wegmueller
4290439e00
Add comprehensive tests and fix compiler warnings
- Fix false-positive unused_assignments warnings from thiserror/miette
  derive macros in Rust 2024 edition with crate-level #![allow]
- Add 5 tests for tar_layer (empty dir, files, nested dirs, symlinks,
  deterministic digest)
- Add 5 tests for manifest (default options, entrypoint/env, multiple
  layers, config digest verification, no entrypoint)
- Add 6 tests for layout (structure creation, oci-layout content,
  index.json references, layer blobs, config digest, multiple layers)
- Add 11 tests for overlays (file copy, empty file, missing source,
  ensure dir, symlink, remove file, remove dir contents, shadow
  create/update, multiple overlays)
- Add 4 tests for customizations (single user, multiple users, append
  to existing, no users noop)
- Add 3 tests for phase2/oci (layout output, entrypoint/env, empty
  staging)
- Add tempfile dev-dependency to forge-oci for test support

42 tests passing, 0 warnings.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 15:40:16 +01:00
Till Wegmueller
48f8db1236
Initial implementation of refraction-forger
Standalone workspace with 4 crates for building optimized OS images
and publishing to OCI registries:

- spec-parser: KDL image spec parsing with include resolution and
  profile-based conditional filtering
- forge-oci: OCI image creation (tar layers, manifests, Image Layout)
  and registry push via oci-client
- forge-engine: Build pipeline with Phase 1 (rootfs assembly via native
  package managers with -R) and Phase 2 (QCOW2/OCI/artifact targets),
  plus dyn-compatible ToolRunner trait for external tool execution
- forger: CLI binary with build, validate, inspect, push, and targets
  commands

Ported KDL specs and overlay files from the vm-manager prototype.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-15 15:30:22 +01:00