diff --git a/docs/ROADMAP.md b/docs/ROADMAP.md index 8e09f94..457f654 100644 --- a/docs/ROADMAP.md +++ b/docs/ROADMAP.md @@ -9,6 +9,31 @@ For the historical record of what landed in each release, see --- +## ⚡ STRATEGY PIVOT — 2026-05-06 + +**Decision: skip v0.6 kickstart polish. Pivot directly to v0.7 +BlueBuild OCI path.** + +Reasons: +- v0.5.32 produced a green ISO (2.7 GB) on the Forgejo runner. Proof + point achieved. +- Continuing to debug `livecd-creator` + `anaconda` quirks for v0.6 + polish is sunk-cost work on tooling we retire at v1.0 anyway. +- v0.7 spike already has a working BlueBuild recipe + `ostreecontainer` + kickstart directive. Layering veilor branding + installer + power CLI + on top of secureblue beats re-deriving the same hardening from + scratch. +- Ergonomic CLI tools (`veilor-postinstall`, `veilor-doctor`, + `veilor-update`) translate cleanly to v0.7: `bootc upgrade` replaces + `dnf upgrade`. Move them into v0.7 scope. + +**v0.5.0 is the final kickstart-path release.** Tag, freeze, ship as +proof-of-work / portfolio anchor. **v0.6 cancelled as a milestone.** + +Active focus: `v0.7-bluebuild-spike` branch. + +--- + ## Lessons learned through v0.5.x install grind Five things v0.5.27–31 changed about how we plan: 
@@ -165,7 +190,22 @@ specified — defaults stay sane for a daily driver. --- -## v0.6 — ergonomics (PROMOTED — install grind proved we need this) +## v0.6 — CANCELLED 2026-05-06 (folded into v0.7) + +Per the strategy pivot at the top of this file: v0.6 kickstart polish +will not ship. Continuing on the kickstart path means more +livecd-creator + anaconda debugging on tooling that's retired at v1.0. +The flagship v0.6 deliverables (`veilor-postinstall`, `veilor-doctor`, +`veilor-update`, opt-in installer ISO, first-boot Plymouth dialog, +Bluetooth helper) move into **v0.7 scope** with `bootc upgrade` +replacing `dnf upgrade` in the update path. + +The original v0.6 plan is preserved below for reference but is **not +the active roadmap**. + +--- + +## v0.6 — ergonomics (HISTORICAL — superseded by v0.7) Smooth the operator experience so day-to-day work doesn't fight the hardening. `veilor-postinstall` and `veilor-doctor` were v0.6 background 
@@ -204,7 +244,28 @@ distro from a kickstart. --- -## v0.7 — public flex + bootc spike +## v0.7 — BlueBuild OCI mainline (ACTIVE — primary focus 2026-05-06+) + +This was originally planned as "public flex + bootc spike". Post-pivot, +v0.7 is now the **primary active milestone** — it absorbs all v0.6 +ergonomic work and becomes the next ship target. + +Scope: +- BlueBuild recipe (`bluebuild/recipe.yml`) layering on + `ghcr.io/secureblue/securecore-kinoite-hardened-userns` +- `kickstart/install-ostreecontainer.ks` — 10-line kickstart that calls + `ostreecontainer --url=ghcr.io/veilor-org/veilor-os:43 --transport=registry` + and lets Anaconda's LUKS UX drive the install +- veilor brand layer: KDE black theme, gum installer assets, custom + Konsole profile, branded `os-release` +- `veilor-power` 3-mode CLI (lifted as-is from v0.5.x overlay) +- `veilor-postinstall` (formerly v0.6 flagship) — first-login TUI +- `veilor-doctor` (formerly v0.6) — boot-time + weekly drift check +- `veilor-update` rewritten on `bootc upgrade` (was `dnf upgrade`) +- Forgejo registry as primary OCI publish target; GHCR mirror optional +- cosign key-pair signing of OCI image (replaces broken keyless flow) + +Public-flex items kept from original v0.7 entry: Take veilor-os out of "private repo, contained audience" mode. Order matters: people demand threat model FIRST when a security distro goes
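Review bot: The strategy-pivot section (hunk @@ -9,6 +9,31 @@) names two different releases as the end of the kickstart path. The Reasons list says "v0.5.32 produced a green ISO (2.7 GB)", while the closing paragraph says "v0.5.0 is the final kickstart-path release" and tells the reader to tag and freeze it. State the exact tag that gets frozen, and if the whole v0.5.x series is meant, write it that way, so the release that is archived as the proof point is the one that actually built.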
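Review bot: The cancelled-v0.6 section (hunk @@ -165,7 +190,22 @@) says six deliverables move into v0.7 scope, but the v0.7 scope list added later in this patch carries only `veilor-postinstall`, `veilor-doctor` and `veilor-update`. The opt-in installer ISO, first-boot Plymouth dialog and Bluetooth helper do not appear as scope bullets there. Add those three to the v0.7 list, or say in this section that they are deferred or dropped, so the roadmap does not lose them silently.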
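Review bot: The v0.7 scope list (hunk @@ -204,7 +244,28 @@) adds "cosign key-pair signing of OCI image" but has no item for verifying that signature, neither at install time in `kickstart/install-ostreecontainer.ks` nor in `veilor-update` on `bootc upgrade`. Add a bullet that says where the public key ships, which step enforces verification, and who holds the private key now that the keyless flow is replaced. The same list makes the Forgejo registry the primary publish target with the GHCR mirror optional, yet the kickstart pulls `ghcr.io/veilor-org/veilor-os:43`, so the install path depends on the optional mirror; point `--url` at the primary registry or mark GHCR as required. The base image `ghcr.io/secureblue/securecore-kinoite-hardened-userns` is also listed with no tag or digest, so note how it is pinned in `bluebuild/recipe.yml`.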