Boot Fruix from distinct FreeBSD source revisions

2026-04-03 20:03:09 +02:00
parent 8150508676
commit 865012ea0c
4 changed files with 342 additions and 1 deletions
--- a/docs/PROGRESS.md
+++ b/docs/PROGRESS.md
@@ -1,5 +1,53 @@
 # Progress

+## 2026-04-03 — Phase 17.2 completed: Fruix now boots systems from distinct declared FreeBSD source revisions
+
+Completed work:
+
+- added boot validation harness:
+  - `tests/system/run-phase17-source-revisions-qemu.sh`
+- the new harness renders the Phase 17 Git and `src.txz` operating-system templates and boots both systems through the validated:
+  - QEMU
+  - UEFI
+  - TCG
+  - `shepherd-pid1`
+  path
+- validated booted source identities:
+  - Git source:
+    - ref: `stable/15`
+    - commit: `332708a606f6bf0841c1d4a74c0d067f5640fe89`
+  - `src.txz` source:
+    - `https://download.freebsd.org/releases/amd64/15.0-RELEASE/src.txz`
+    - sha256:
+      - `83c3e8157b6d7afcae57167fda75693bf1e5f581ca149a6ecb2d398b71bdfab0`
+- confirmed image/build metadata for both boots records:
+  - declared source kind
+  - ref/commit or archive URL/sha256
+  - materialized source store path
+  - distinct native base store sets
+- wrote:
+  - `docs/reports/phase17-source-revision-boots-freebsd.md`
+
+Validation:
+
+- `PASS phase17-source-revisions-qemu`
+- validated distinct booted closures:
+  - Git:
+    - `/frx/store/d6cbcc76f57fa9c392a80fe20e7499f7a837aab4fb96ea056e624cde95bc70c8-fruix-system-fruix-freebsd`
+  - `src.txz`:
+    - `/frx/store/02268e19930facb32e12b6ec191f2e5704d1e81033baf3637a889ad15924ff88-fruix-system-fruix-freebsd`
+- validated both guests reached the validated runtime state:
+  - Shepherd as PID 1
+  - `sshd` running
+- validated distinct materialized source stores and distinct native kernel/bootloader/runtime outputs for the two boots
+
+Current assessment:
+
+- Phase 17.2 is complete
+- Fruix can now both build **and boot** systems from distinct declared FreeBSD source revisions
+- the next step is Phase 17.3:
+  - document the intended policy for source provenance, caching, invalidation, and update semantics before installation work depends on it
+
 ## 2026-04-03 — Phase 17.1 completed: side-by-side FreeBSD source revisions now coexist in `/frx/store`

 Completed work:
--- a/docs/PROG_SUMMARY.md
+++ b/docs/PROG_SUMMARY.md
@@ -29,6 +29,7 @@ Completed milestones include:
  into `/frx/store`, with cache-backed provenance under `/frx/var/cache/fruix/freebsd-source`.
 - **Source-driven native base builds**: native FreeBSD kernel/bootloader/runtime artifacts now consume those materialized source snapshots rather than ambient `/usr/src`, and their build metadata records both the declared source and the effective materialized source identity.
 - **Side-by-side source revisions**: Fruix can now keep distinct FreeBSD source identities side by side in `/frx/store` and produce distinct native base outputs from them, even when the visible base version label is held constant.
+- **Source-driven boot validation**: Fruix can now also boot systems built from distinct declared FreeBSD source revisions while preserving those source identities in image/build metadata.
 - **Base upgrade story**: Fruix can now keep distinct declared base versions side by side in `/frx/store` and roll forward / back between them through the normal system deployment flow.

 ## Major pain points now behind us
@@ -43,7 +44,7 @@ Completed milestones include:
 ## Major pain points still ahead

 - **True store-native runtime artifacts**: some historical build/install prefixes are still embedded in binaries and metadata. They are no longer required at runtime, but the local Guile/guile-extra/Shepherd build/install flow should still be moved to a genuinely store-native prefix from the start.
- **Source-revision boot validation**: Fruix now has side-by-side source-driven native outputs, but it still needs stronger boot validation and update/rollback exercises across distinct fetched source revisions.
+- **Source provenance/update policy**: Fruix now has side-by-side source-driven boots, but it still needs the repo-level policy for source caching, refresh, invalidation, and update semantics before later installation/deployment work depends on it.
 - **Boot-path simplification**: Fruix now supports both the legacy `freebsd-init+rc.d-shepherd` path and the more Guix-like `shepherd-pid1` path. We still need to decide whether Shepherd PID 1 becomes the preferred/default architecture.
 - **Reduce transitional FreeBSD glue**: more of the current bootstrap/activation/runtime setup should become cleaner and less prototype-specific over time.
 - **Tooling and platform constraints**: local bhyve remains blocked by missing nested virtualization under Xen, and XO permissions still prevent creating/importing new VDIs; current validation must keep reusing the approved VM/VDI path.
--- a/docs/reports/phase17-source-revision-boots-freebsd.md
+++ b/docs/reports/phase17-source-revision-boots-freebsd.md
@@ -0,0 +1,98 @@
+# Phase 17.2: boot systems from distinct declared FreeBSD source revisions
+
+Date: 2026-04-03
+
+## Goal
+
+Phase 17.2 extends Phase 17.1 from:
+
+- side-by-side source-driven builds
+
+to:
+
+- side-by-side source-driven **boots**.
+
+The important requirement was not visible runtime behavior differences between the guests. The requirement was that Fruix should be able to:
+
+- build bootable systems from at least two distinct declared source revisions
+- boot both systems with the validated native base path
+- preserve source identity in the resulting system/image metadata
+
+## Implementation
+
+Added boot validation harness:
+
+- `tests/system/run-phase17-source-revisions-qemu.sh`
+
+This script renders the Phase 17 source templates from Phase 17.1 and then boots two systems under the already-validated QEMU/UEFI/TCG path:
+
+- Git-backed source:
+  - ref: `stable/15`
+  - pinned commit: `332708a606f6bf0841c1d4a74c0d067f5640fe89`
+- release archive source:
+  - `https://download.freebsd.org/releases/amd64/15.0-RELEASE/src.txz`
+  - sha256:
+    - `83c3e8157b6d7afcae57167fda75693bf1e5f581ca149a6ecb2d398b71bdfab0`
+
+The harness reuses:
+
+- `tests/system/run-phase11-shepherd-pid1-qemu.sh`
+
+and checks both guest runtime behavior and image/build provenance metadata.
+
+## Validation
+
+Passing run:
+
+- `PASS phase17-source-revisions-qemu`
+
+Confirmed booted systems from two distinct source identities:
+
+```text
+git_closure=/frx/store/d6cbcc76f57fa9c392a80fe20e7499f7a837aab4fb96ea056e624cde95bc70c8-fruix-system-fruix-freebsd
+txz_closure=/frx/store/02268e19930facb32e12b6ec191f2e5704d1e81033baf3637a889ad15924ff88-fruix-system-fruix-freebsd
+```
+
+Confirmed source metadata recorded in image/build artifacts:
+
+```text
+git_source_kind=git
+git_source_ref=stable/15
+git_source_commit=332708a606f6bf0841c1d4a74c0d067f5640fe89
+git_materialized_source_store=/frx/store/c9928605fa906b90a600dafeebe5005dd18ad3b8e62b7111d9d13ad60ee56490-freebsd-source-stable15-side-a
+
+txz_source_kind=src-txz
+txz_source_url=https://download.freebsd.org/releases/amd64/15.0-RELEASE/src.txz
+txz_source_sha256=83c3e8157b6d7afcae57167fda75693bf1e5f581ca149a6ecb2d398b71bdfab0
+txz_materialized_source_store=/frx/store/5eaeff5c6c55a95b6531d9cf2e1824cd4368d81c614608426bee1a5d2a664dc5-freebsd-source-release15-side-b
+```
+
+Confirmed distinct native base outputs used by the two boots:
+
+```text
+git_native_base_stores=/frx/store/4b615431ec25c500a3bf0ed70ce39e2ebf4f584994a53756268e4383962bc86b-freebsd-native-kernel-15.0-source-side-by-side,/frx/store/3a5a0b2b88b4757cf9cb4e3040f992d8fdb5bd9a7f1b186da983854cd95392c5-freebsd-native-bootloader-15.0-source-side-by-side,/frx/store/177f78e7f2932986a380187eb09dc34cc2cd9a146c5ed1fe1f00aae15ddf78d9-freebsd-native-runtime-15.0-source-side-by-side
+
+txz_native_base_stores=/frx/store/0c5141a86fa9c1974102f2bd8766eb3ab787b97dcccb71f17d80aefbe8ed4f3e-freebsd-native-kernel-15.0-source-side-by-side,/frx/store/3de6592f50a735d8461662cb393fc413325ce24ded45d4bb494525896f8cb5eb-freebsd-native-bootloader-15.0-source-side-by-side,/frx/store/46d256305198ee7d745b9032c71085aba97d55fdf7a0d3d2017dd4455173205d-freebsd-native-runtime-15.0-source-side-by-side
+```
+
+Confirmed both guests booted successfully through the validated PID 1 path:
+
+- Shepherd ran as PID 1 in both boots
+- `sshd` was running in both boots
+- boot backend:
+  - `qemu-uefi-tcg`
+
+Validation artifacts:
+
+- Git serial log:
+  - `/tmp/fruix-phase17-source-qemu.7Za50q/git/serial.log`
+- `src.txz` serial log:
+  - `/tmp/fruix-phase17-source-qemu.7Za50q/txz/serial.log`
+
+## Result
+
+Phase 17.2 is complete.
+
+Fruix now boots systems built from at least two distinct declared FreeBSD source revisions while preserving those source identities in system/image metadata.
+
+That means Phase 17 is no longer just about build-time coexistence. The validated native boot path now also works across distinct source identities.