jesus/lian-build
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
lian-build/CHANGES.md
Jesús Pérez 40be733797
chore: init repo
2026-05-04 18:23:52 +01:00

6 KiB
Raw Permalink Blame History

Changes

Record of accepted architectural decisions and visible surface changes for lian-build. Format follows Keep a Changelog; project is pre-1.0 so the SemVer guarantee is not yet in force — schema and CLI shape may break between minor versions until 0.1.0 is tagged.

Dates reflect the ADR acceptance date or the date the on-disk artefact was recorded; this project does not yet publish git tags or release builds.

[Unreleased] — 0.1.0

Architecture

  • adr-003 — Nickel coupled via subprocess, not library linkage (2026-05-03) All NCL → Rust conversions flow through directives::nickel_export(path, &[import_paths]), which spawns nickel export --format json and feeds serde. No nickel-lang* crate is added to Cargo.toml. nickel is a runtime requirement on $PATH.

  • adr-002 — CLI surface is subcommand-only with stdout reserved for structured envelopes (2026-05-03) lian-build now exposes {build, integrate} as clap subcommands. There is no default subcommand and no flat-arg compatibility shim. tracing_subscriber is pinned to with_writer(std::io::stderr) so stdout carries at most one envelope per invocation. Breaking for any caller invoking the legacy buildkit-launcher flat-arg form: migrate to lian-build build <args>.

  • adr-001 — lian-build is a standalone build substrate, not part of provisioning (2026-05-01) buildkit-launcher and buildkit_runner extracted from provisioning/platform/crates/buildkit-launcher and provisioning/extensions/components/buildkit_runner into this standalone project. Binary renamed from buildkit-launcher to lian-build.

Added

  • lian-build build subcommand. Accepts flat args or --directives <file.ncl>; directives take precedence over flat-arg fields when both are present (src/main.rs::resolve_build_plan).
  • lian-build integrate subcommand. Federated probe that reads a SecretDeliveryContext JSON envelope from stdin and emits a single ResultEnvelope JSON line on stdout (src/integration/).
  • BuildDirectives NCL vocabulary (schemas/build_directives.ncl) and matching Rust types in src/directives.rs with serde round-trip tests.
  • BuildSpec schema (schemas/build_spec.ncl) with bounded_cpu_ ≤ 256 and bounded_time_budget_ ≤ 1440 min contract bounds; honoured by sizing::resolve at the explicit-spec tier.
  • CachePolicy schema (schemas/cache_policy.ncl) with BuildMode = 'ci | 'session, SessionActor ('human | 'agent | 'ci_aux), and SessionCacheDisposition ('export | 'discard | 'rollback).
  • src/cache.rsbuild_cache_flags(workspace, mode, registry) returning import/export Vec<String>; enforces ci/<workspace>/* (canonical, read-only to sessions) and dev/<actor-id>-<workspace>/* (per-session). Invariants guarded by unit tests: ci_never_imports_dev, session_never_exports_ci, session_imports_both_layers, mode_switch_purity.
  • src/sizing.rs — three-tier resolution: explicit .build-spec.ncl → P95 historical (×1.2, floored) → language defaults (rust=4/8/60, go=2/4/30, java|kotlin|scala=4/8/45, default=2/4/30).
  • src/retry.rsMAX_OOM_RETRIES = 1 (hard bound), SIZE_TIERS walk cx22 → cx32 → cx42 → cx52. OOM is detected via exit-code 137 or stderr matching OOM / Killed.
  • src/orchestrator_client.rs — HTTP client wrapping responses in ApiResponse<T> { success, data, error }. Methods: spawn_runner, destroy_runner, get_p95, record_metrics.
  • src/buildctl_runner.rsrsync_context and run_buildctl over SSH.
  • src/nats_events.rsBuildEventPublisher over platform_nats::EventStream. Publishes started / completed / failed to <prefix>.<workspace>.build.<event>. Connect failures warn and disable publishing; they never fail a build.
  • defaults/build_directives.nclmake_* constructors and ci_cache_policy / session_cache_policy helpers.
  • examples/sample.ncl — example BuildDirectives instance.
  • Ontoref scaffolding: .ontology/{core,state,gate,manifest}.ncl, .ontoref/project.ncl, card.ncl, reflection/{backlog,qa}.ncl, reflection/modes/, catalog/{domains,modes}/.
  • Repository assets: assets/ (logo and branding), justfile with imports from justfiles/{build,test,ci}.just, .pre-commit-config.yaml.

Changed

  • Binary target renamed buildkit-launcherlian-build. The tracing env-filter directive remains the legacy crate name (buildkit_launcher=info) — explicitly noted in CLAUDE.md.
  • --platforms is now a comma-separated list (multi-platform builds); legacy single-value invocations remain valid.

Constraints (grep-checked, ADR-001)

  • no-provisioning-lib-importCargo.toml and src/ must not match platform-config|provisioning|stratum-. The platform-nats path-dep from stratumiops is explicitly allowed (it is shared infrastructure, not the provisioning workspace).
  • build-directives-ncl-vocabularysrc/ must not match provisioning_workspace|vapora_|woodpecker_.

Status (.ontology/state.ncl)

Dimension Current Desired
provider-pluggability-maturity hcloud-zot-only provider-trait-stable
session-multi-actor-maturity ci-single-actor multi-actor-stable
active-active-registry-maturity single-zot-libre-wuji active-active-verified
caller-integration-maturity provisioning-only multi-caller-stable
peer-publishing-status packaged production

ComputeProvider / RegistryProvider Rust traits are not yet declared; the orchestrator client is currently hcloud-shaped. Compute is selected via NCL discriminant but dispatch in core is monolithic — see ADR-001 and the provider-pluggability-maturity dimension.