Move OCI push from builder VM (where GITHUB_TOKEN is unavailable) to the
host side. Add --skip-push and --builder-image CLI flags so the build
pipeline can be bootstrapped before builder OCI images exist. KDL specs
now include public cloud image URLs as default builder images.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add disk_gb field to BuilderNode/BuilderConfig with 20GB default,
fixing debootstrap failure caused by 2GB cloud image running out of
space. Cloud-init growpart/resize_rootfs expand the partition.
- Replace walkdir-based copy_rootfs with cp -a to preserve symlinks,
fixing grub-install failure caused by broken merged-/usr symlinks
(/lib, /bin, /sbin -> /usr/*) in modern Ubuntu.
- Add network verification step that checks DNS before building and
auto-fixes resolv.conf with SLIRP DNS (10.0.2.3) if needed.
- Add diagnostic collection on failure (debootstrap log, resolv.conf,
disk space) before VM teardown.
- Include build stderr/stdout in RemoteBuildFailed error for better
error reporting.
- Install build dependencies (debootstrap, qemu-utils, etc.) inside
the builder VM before running the build.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Extend spec-parser schema with distro, AptMirror, filesystem, and
push-to fields for Ubuntu image support
- Add debootstrap/apt tool wrappers and Phase 1 distro dispatch
(OmniOS IPS vs Ubuntu apt)
- Add ext4+GPT+EFI QCOW2 build path alongside existing ZFS pipeline
- Add partition tools (sgdisk, mkfs) and loopback partprobe support
- Add ORAS-compatible OCI artifact push/pull for QCOW2 files with
custom media types (vnd.cloudnebula.qcow2)
- Add --artifact flag to forger push command
- Add auto-push from Phase 2 when target has push-to set
- Add omnios-rust-ci and ubuntu-rust-ci KDL image specs
- Update inspect command to display new fields
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Standalone workspace with 4 crates for building optimized OS images
and publishing to OCI registries:
- spec-parser: KDL image spec parsing with include resolution and
profile-based conditional filtering
- forge-oci: OCI image creation (tar layers, manifests, Image Layout)
and registry push via oci-client
- forge-engine: Build pipeline with Phase 1 (rootfs assembly via native
package managers with -R) and Phase 2 (QCOW2/OCI/artifact targets),
plus dyn-compatible ToolRunner trait for external tool execution
- forger: CLI binary with build, validate, inspect, push, and targets
commands
Ported KDL specs and overlay files from the vm-manager prototype.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
