docs(ROADMAP): pivot — v0.6 cancelled, v0.7 BlueBuild OCI is mainline
Strategy pivot 2026-05-06: v0.5.32 produced a green ISO on Forgejo runner. That's the kickstart-path proof point. Continuing v0.6 kickstart polish is sunk-cost work on tooling retired at v1.0. Pivot: - v0.5.0 is the FINAL kickstart-path release. Tag, freeze, ship. - v0.6 cancelled as a milestone. Original plan kept inline as HISTORICAL reference. - v0.7 promoted to primary active milestone. Absorbs the v0.6 ergonomic CLI tools (veilor-postinstall / veilor-doctor / veilor-update) with bootc upgrade replacing dnf upgrade. - Active branch: v0.7-bluebuild-spike. All future feature work lands there, not on main.
This commit is contained in:
obsidian-ai
parent
89c7df0ecc
commit
b13336192b
1 changed files with 63 additions and 2 deletions
|
|
@ -9,6 +9,31 @@ For the historical record of what landed in each release, see
|
|||
|
||||
---
|
||||
|
||||
## ⚡ STRATEGY PIVOT — 2026-05-06
|
||||
|
||||
**Decision: skip v0.6 kickstart polish. Pivot directly to v0.7
|
||||
BlueBuild OCI path.**
|
||||
|
||||
Reasons:
|
||||
- v0.5.32 produced a green ISO (2.7 GB) on the Forgejo runner. Proof
|
||||
point achieved.
|
||||
- Continuing to debug `livecd-creator` + `anaconda` quirks for v0.6
|
||||
polish is sunk-cost work on tooling we retire at v1.0 anyway.
|
||||
- v0.7 spike already has a working BlueBuild recipe + `ostreecontainer`
|
||||
kickstart directive. Layering veilor branding + installer + power CLI
|
||||
on top of secureblue beats re-deriving the same hardening from
|
||||
scratch.
|
||||
- Ergonomic CLI tools (`veilor-postinstall`, `veilor-doctor`,
|
||||
`veilor-update`) translate cleanly to v0.7: `bootc upgrade` replaces
|
||||
`dnf upgrade`. Move them into v0.7 scope.
|
||||
|
||||
**v0.5.0 is the final kickstart-path release.** Tag, freeze, ship as
|
||||
proof-of-work / portfolio anchor. **v0.6 cancelled as a milestone.**
|
||||
|
||||
Active focus: `v0.7-bluebuild-spike` branch.
|
||||
|
||||
---
|
||||
|
||||
## Lessons learned through v0.5.x install grind
|
||||
|
||||
Five things v0.5.27–31 changed about how we plan:
|
||||
|
|
@ -165,7 +190,22 @@ specified — defaults stay sane for a daily driver.
|
|||
|
||||
---
|
||||
|
||||
## v0.6 — ergonomics (PROMOTED — install grind proved we need this)
|
||||
## v0.6 — CANCELLED 2026-05-06 (folded into v0.7)
|
||||
|
||||
Per the strategy pivot at the top of this file: v0.6 kickstart polish
|
||||
will not ship. Continuing on the kickstart path means more
|
||||
livecd-creator + anaconda debugging on tooling that's retired at v1.0.
|
||||
The flagship v0.6 deliverables (`veilor-postinstall`, `veilor-doctor`,
|
||||
`veilor-update`, opt-in installer ISO, first-boot Plymouth dialog,
|
||||
Bluetooth helper) move into **v0.7 scope** with `bootc upgrade`
|
||||
replacing `dnf upgrade` in the update path.
|
||||
|
||||
The original v0.6 plan is preserved below for reference but is **not
|
||||
the active roadmap**.
|
||||
|
||||
---
|
||||
|
||||
## v0.6 — ergonomics (HISTORICAL — superseded by v0.7)
|
||||
|
||||
Smooth the operator experience so day-to-day work doesn't fight the
|
||||
hardening. `veilor-postinstall` and `veilor-doctor` were v0.6 background
|
||||
|
|
@ -204,7 +244,28 @@ distro from a kickstart.
|
|||
|
||||
---
|
||||
|
||||
## v0.7 — public flex + bootc spike
|
||||
## v0.7 — BlueBuild OCI mainline (ACTIVE — primary focus 2026-05-06+)
|
||||
|
||||
This was originally planned as "public flex + bootc spike". Post-pivot,
|
||||
v0.7 is now the **primary active milestone** — it absorbs all v0.6
|
||||
ergonomic work and becomes the next ship target.
|
||||
|
||||
Scope:
|
||||
- BlueBuild recipe (`bluebuild/recipe.yml`) layering on
|
||||
`ghcr.io/secureblue/securecore-kinoite-hardened-userns`
|
||||
- `kickstart/install-ostreecontainer.ks` — 10-line kickstart that calls
|
||||
`ostreecontainer --url=ghcr.io/veilor-org/veilor-os:43 --transport=registry`
|
||||
and lets Anaconda's LUKS UX drive the install
|
||||
- veilor brand layer: KDE black theme, gum installer assets, custom
|
||||
Konsole profile, branded `os-release`
|
||||
- `veilor-power` 3-mode CLI (lifted as-is from v0.5.x overlay)
|
||||
- `veilor-postinstall` (formerly v0.6 flagship) — first-login TUI
|
||||
- `veilor-doctor` (formerly v0.6) — boot-time + weekly drift check
|
||||
- `veilor-update` rewritten on `bootc upgrade` (was `dnf upgrade`)
|
||||
- Forgejo registry as primary OCI publish target; GHCR mirror optional
|
||||
- cosign key-pair signing of OCI image (replaces broken keyless flow)
|
||||
|
||||
Public-flex items kept from original v0.7 entry:
|
||||
|
||||
Take veilor-os out of "private repo, contained audience" mode. Order
|
||||
matters: people demand threat model FIRST when a security distro goes
|
||||
|
|
|
|||
Loading…
Reference in a new issue