Remove runtime-bundle image dependencies

Hard-cut banger away from source-checkout runtime bundles as an implicit source of\nimage and host defaults. Managed images now own their full boot set,\nimage build starts from an existing registered image, and daemon startup\nno longer synthesizes a default image from host paths.\n\nResolve Firecracker from PATH or firecracker_bin, make SSH keys config-owned\nwith an auto-managed XDG default, replace the external name generator and\npackage manifests with Go code, and keep the vsock helper as a companion\nbinary instead of a user-managed runtime asset.\n\nUpdate the manual scripts, web/CLI forms, config surface, and docs around\nthe new build/manual flow and explicit image registration semantics.\n\nValidation: GOCACHE=/tmp/banger-gocache go test ./..., bash -n scripts/*.sh,\nand make build.
2026-03-21 18:34:53 -03:00 · 2026-03-21 18:34:53 -03:00 · 572bf32424
commit 572bf32424
parent 01c7cb5e65
44 changed files with 1194 additions and 3456 deletions
--- a/scripts/customize.sh
+++ b/scripts/customize.sh
@ -31,49 +31,10 @@ parse_size() {

 SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 REPO_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
-DEFAULT_RUNTIME_DIR="$REPO_ROOT/build/runtime"
-if [[ ! -d "$DEFAULT_RUNTIME_DIR" && -d "$REPO_ROOT/runtime" ]]; then
-  DEFAULT_RUNTIME_DIR="$REPO_ROOT/runtime"
-fi
-RUNTIME_DIR="${BANGER_RUNTIME_DIR:-$DEFAULT_RUNTIME_DIR}"
-if [[ ! -d "$RUNTIME_DIR" ]]; then
-  log "runtime bundle not found: $RUNTIME_DIR"
-  log "run 'make runtime-bundle' or set BANGER_RUNTIME_DIR"
-  exit 1
-fi
-source "$SCRIPT_DIR/lib/packages.sh"
 STATE="${BANGER_STATE_DIR:-${XDG_STATE_HOME:-$HOME/.local/state}/banger/image-build}"
 VM_ROOT="$STATE/vms"
 mkdir -p "$VM_ROOT"

-BUNDLE_METADATA="$RUNTIME_DIR/bundle.json"
-
-bundle_path() {
-  local key="$1"
-  local fallback="$2"
-  local rel=""
-
-  if [[ -f "$BUNDLE_METADATA" ]] && command -v jq >/dev/null 2>&1; then
-    rel="$(jq -r --arg key "$key" '.[$key] // empty' "$BUNDLE_METADATA" 2>/dev/null || true)"
-  fi
-  if [[ -n "$rel" && "$rel" != "null" ]]; then
-    printf '%s\n' "$RUNTIME_DIR/$rel"
-    return
-  fi
-  printf '%s\n' "$fallback"
-}
-
-BASE_ROOTFS="$RUNTIME_DIR/rootfs.ext4"
-FC_BIN="$RUNTIME_DIR/firecracker"
-
-KERNEL="$(bundle_path default_kernel "$RUNTIME_DIR/wtf/root/boot/vmlinux-6.8.0-94-generic")"
-INITRD="$(bundle_path default_initrd "$RUNTIME_DIR/wtf/root/boot/initrd.img-6.8.0-94-generic")"
-SSH_KEY="$RUNTIME_DIR/id_ed25519"
-VSOCK_AGENT="$(bundle_path vsock_agent_path "$RUNTIME_DIR/banger-vsock-agent")"
-if [[ "$VSOCK_AGENT" == "$RUNTIME_DIR/banger-vsock-agent" && ! -x "$VSOCK_AGENT" ]]; then
-  VSOCK_AGENT="$(bundle_path vsock_ping_helper_path "$RUNTIME_DIR/banger-vsock-pingd")"
-fi
-
 BR_DEV="br-fc"
 BR_IP="172.16.0.1"
 CIDR="24"
@ -102,16 +63,34 @@ resolve_banger_bin() {

 BANGER_BIN="$(resolve_banger_bin)"
 NAT_ACTIVE=0
+FC_BIN="$("$BANGER_BIN" internal firecracker-path)"
+SSH_KEY="$("$BANGER_BIN" internal ssh-key-path)"
+VSOCK_AGENT="$("$BANGER_BIN" internal vsock-agent-path)"

 banger_nat() {
  local action="$1"
  "$BANGER_BIN" internal nat "$action" --guest-ip "$GUEST_IP" --tap "$TAP_DEV"
 }

+load_package_preset() {
+  local preset="$1"
+  local -n out="$2"
+  mapfile -t out < <("$BANGER_BIN" internal packages "$preset")
+  (( ${#out[@]} > 0 ))
+}
+
+write_rootfs_manifest_metadata() {
+  local rootfs_path="$1"
+  local manifest_hash="$2"
+  printf '%s\n' "$manifest_hash" > "${rootfs_path}.packages.sha256"
+}
+
 BASE_ROOTFS=""
 OUT_ROOTFS=""
 SIZE_SPEC=""
 INSTALL_DOCKER=0
+KERNEL=""
+INITRD=""
 MISE_VERSION="v2025.12.0"
 MISE_INSTALL_PATH="/usr/local/bin/mise"
 MISE_ACTIVATE_LINE='eval "$(/usr/local/bin/mise activate bash)"'
@ -122,8 +101,7 @@ TMUX_RESURRECT_REPO="https://github.com/tmux-plugins/tmux-resurrect"
 TMUX_CONTINUUM_REPO="https://github.com/tmux-plugins/tmux-continuum"
 TMUX_MANAGED_START="# >>> banger tmux plugins >>>"
 TMUX_MANAGED_END="# <<< banger tmux plugins <<<"
-MODULES_DIR="$(bundle_path default_modules_dir "$RUNTIME_DIR/wtf/root/lib/modules/6.8.0-94-generic")"
-PACKAGES_FILE="$(banger_packages_file)"
+MODULES_DIR=""
 while [[ $# -gt 0 ]]; do
  case "$1" in
    --out)
@ -187,6 +165,10 @@ if [[ "$OUT_ROOTFS" == *.ext4 ]]; then
 else
  WORK_SEED="${OUT_ROOTFS}.work-seed"
 fi
+if [[ -z "$KERNEL" ]]; then
+  log "kernel path is required; pass --kernel"
+  exit 1
+fi
 if [[ ! -f "$KERNEL" ]]; then
  log "kernel not found: $KERNEL"
  exit 1
@ -214,26 +196,22 @@ if ! command -v jq >/dev/null 2>&1; then
  exit 1
 fi
 if ! command -v sha256sum >/dev/null 2>&1; then
-  log "sha256sum required to record package manifest metadata"
-  exit 1
-fi
-if [[ ! -f "$PACKAGES_FILE" ]]; then
-  log "package manifest not found: $PACKAGES_FILE"
+  log "sha256sum required to record package preset metadata"
  exit 1
 fi
 if [[ ! -x "$VSOCK_AGENT" ]]; then
  log "vsock agent not found or not executable: $VSOCK_AGENT"
-  log "run 'make build' or refresh the runtime bundle"
+  log "run 'make build'"
  exit 1
 fi

 APT_PACKAGES=()
-if ! banger_packages_read_array APT_PACKAGES "$PACKAGES_FILE"; then
-  log "package manifest is empty: $PACKAGES_FILE"
+if ! load_package_preset debian APT_PACKAGES; then
+  log "debian package preset is empty"
  exit 1
 fi
-if ! PACKAGES_HASH="$(printf '%s\n' "${APT_PACKAGES[@]}" | banger_packages_hash_stream)"; then
-  log "failed to hash package manifest: $PACKAGES_FILE"
+if ! PACKAGES_HASH="$(printf '%s\n' "${APT_PACKAGES[@]}" | sha256sum | awk '{print $1}')"; then
+  log "failed to hash package preset"
  exit 1
 fi
 printf -v APT_PACKAGES_ESCAPED '%q ' "${APT_PACKAGES[@]}"
@ -587,7 +565,7 @@ for _ in $(seq 1 200); do
  fi
  sleep 0.05
 done
-banger_write_rootfs_manifest_metadata "$OUT_ROOTFS" "$PACKAGES_HASH"
+write_rootfs_manifest_metadata "$OUT_ROOTFS" "$PACKAGES_HASH"
 log "building work seed $WORK_SEED"
 "$BANGER_BIN" internal work-seed --rootfs "$OUT_ROOTFS" --out "$WORK_SEED"
 log "done"