Merged
Conversation
New Starlark builtins: apk_create(), apk_publish(), sysroot_stage(). Classes append apk_tasks() for packaging. Units using unit() directly still get Go-side packaging as fallback. Per-task container resolution allows tasks to override the unit-level container.
Packaging is now fully Starlark-driven via project(tasks_append = [apk_tasks]). The apk_tasks predeclared returns a "package" task that calls apk_create, apk_publish, and sysroot_stage. The Go executor no longer does any packaging — it just runs tasks. Classes no longer append apk_tasks themselves; the project-level tasks_append handles it for all units.
Sysroot staging is a build system concern, not a packaging step. It now runs in the executor after all tasks complete for non-image/ non-container units, ensuring it works regardless of packaging policy.
The tasks_append mechanism and Starlark packaging builtins need more design work (module-level vs project-level policy, composition model). Revert to Go-side APK packaging in the executor for now. Per-task container resolution is kept.
Switch go_binary() from toolchain-musl to golang:1.24-alpine external container. Set GOARCH/GOOS/CGO_ENABLED=0 at build time to cross-compile for the target architecture while always running the host-arch container.
Default to no bwrap and POSIX sh for build commands. Classes that need sysroot isolation (autotools, cmake, image) opt in with sandbox=True and shell="bash". External containers like golang:1.24 work out of the box since they only need sh and no bwrap. Add simpleiot unit (go_binary, v0.18.5) as first consumer of the updated Go class with cross-compilation via GOARCH/GOOS.
Mozilla CA bundle for TLS verification. Generates individual .crt files, concatenated bundle, and OpenSSL hash symlinks from Debian's ca-certificates source.
Two design specs for upcoming work: - starlark-packaging-images.md: move APK creation and image assembly into composable Starlark tasks with Go builtins for tar/gzip/hash - file-templates.md: replace inline heredocs with external Go text/template files in unit-name directories
Units declare services = ["sshd"] for init scripts they provide. APK .PKGINFO now stores service metadata. Image assembly reads services from installed APKs and auto-creates S50/S<N> symlinks. The image() services parameter is removed.
Add ports field to qemu_config() so machines define default port forwarding (e.g., ports = ["2222:22", "8118:8118"]). CLI --port flags extend machine defaults. Fix bug where multiple ports created duplicate QEMU netdevs — now combined into a single -netdev with multiple hostfwd options.
Units can declare cache_dirs mapping container paths to project cache subdirectories. The executor creates the host directories and mounts them into the container. The Go class uses this to persist GOMODCACHE and GOCACHE across builds, avoiding repeated module downloads. Wire the unit environment field through the executor so classes can set env vars (like GOMODCACHE/GOCACHE) that apply to all tasks, including custom ones provided by individual units.
QEMU hostfwd expects "tcp::hostport-:guestport" but we were passing "tcp::hostport:guestport". Convert the ":" separator in port specs to "-:" for QEMU.
Services declared with an S<NN> prefix (like S10network) were getting a symlink created on top of the actual script file, causing a symlink loop. These scripts are already named for rcS to find — skip the symlink creation entirely.
Replace manual switch-based flag parsing with Go's flag.NewFlagSet in build, run, flash, init, clean, log, refs, and graph commands. Adds automatic --help, consistent flag syntax, and repeatable flags via a stringSlice type (used for --port). ~70 lines net reduction.
- Hoist reserved-kwargs set to package var for visibility - Add direct tests on starlarkToGo covering error paths - Tighten Extra field comment to match current behavior
Replace the placeholder install_file/install_template builtins (which
delegated to thread-locals set by internal/build.SetTemplateContext)
with pure constructors that return an *InstallStepValue. The new value
type is a frozen, hashable starlark.Value carrying Kind/Src/Dest/Mode.
ParseTaskList now recognizes *InstallStepValue alongside strings and
callables, materializing it as Step{Install: &InstallStep{...}}.
Task 2 of docs/superpowers/plans/2026-04-23-file-templates.md will
remove SetTemplateContext and add executor dispatch for InstallStep
steps.
… wiring
The executor now handles install_file / install_template steps via a new
step.Install branch that calls doInstallStep directly on the host. The
side-effecting fnInstallFile / fnInstallTemplate Starlark builtins and the
thread-local TemplateContext / templateKey / SetTemplateContext wiring in
internal/build/ have been deleted. Install-step builtins live in
internal/starlark/ and return pure InstallStepValue values (Task 1);
ParseTaskList materializes them into Step{Install: *InstallStep}; this task
plugs that into executor dispatch.
templates.go keeps BuildTemplateContext, resolveTemplatePath, and expandEnv
and adds doInstallStep + installStepLabel. templates_test.go's old
Starlark-threaded tests are replaced with direct doInstallStep tests.
BuildPredeclared now exposes only run().
Drop the "Status: Spec" banner from docs/file-templates.md now that the feature ships in base-files, network-config, and simpleiot. Rewrite the Unreleased changelog entry to describe the user-visible feature (install_file / install_template as step-value builtins, unified context map, files-dir hashing) rather than the internal dispatch refactor.
doInstallStep runs on the host, so $DESTDIR in install paths must expand to the host-side destdir, not the container's /build/destdir bind mount. Override DESTDIR / SRCDIR / SYSROOT with host paths when calling doInstallStep; leave the main env untouched so shell steps still see container paths.
Go's stdlib flag package stops parsing flags at the first positional argument, so 'yoe build base-image --machine qemu-x86_64' treated --machine as a unit name. Put --machine before the positional.
…site
Two related Starlark/build changes:
- Classes (autotools, cmake, go_binary) now merge a unit's tasks=[...] into
their default task list instead of replacing it. Same-named tasks replace
in place, new names append, and task("name", remove=True) drops a base task.
Shared helper lives at modules/units-core/classes/tasks.star. simpleiot
drops its duplicated build task as a result.
- install_file/install_template now capture BaseDir from the .star file
containing the call, so a helper like base_files() in
units/base/base-files.star finds its templates regardless of which unit
ultimately registers them. Previously a helper invoked from
images/dev-image.star looked under images/base-files-dev/ and broke the
dev-image build. Switching to starlark.ExecFileOptions on all exec paths
so CallFrame positions are populated for BaseDir capture.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.