release-targets: codename parameterisation, resolute default, Bianbu target, exposed.map overrides#295
Merged
Conversation
Contributor
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
WalkthroughManual release-target files were changed to replace literal Debian/Ubuntu codenames with symbolic Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Tip 💬 Introducing [Slack Agent](https://www.coderabbit.ai/agent): Turn conversations into code.Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.
Built for teams:
One agent for your entire SDLC. Right inside Slack. 👉 Get your free trial and get 200 agent minutes per Slack user (a $50 value). Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
github-actions
Bot
added
05
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@release-targets/targets-release-standard-support.manual`:
- Around line 100-102: The release manifest is missing thinkpad-x13s (BRANCH
sc8280xp) in the stable GNOME targets though it exists in the noble GNOME and
Cinnamon blocks; verify whether omission is intentional and if not, add
thinkpad-x13s with BRANCH: sc8280xp to the items list in
release-targets/targets-release-standard-support.manual so it mirrors the noble
entries, or add a comment explaining why sc8280xp is deferred (e.g., not
validated on resolute) to avoid regressions and maintain parity with oldstable
GNOME.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 7779469e-84ef-446d-9542-b99c6de1c5f0
📒 Files selected for processing (1)
release-targets/targets-release-standard-support.manual
github-actions
Bot
added
GitHub Actions
igorpecovnik
changed the title
Contributor
There was a problem hiding this comment.
🧹 Nitpick comments (2)
scripts/generate_targets.py (1)
43-65:resolve_release_tokensis correct; one fragility worth keeping in mind.The regex
RELEASE:\s*DEBIAN\bis unanchored and applied to the assembled YAML text, so it would also matchRELEASE: DEBIANif it ever showed up inside a YAML comment or a quoted string value. There are no such occurrences in the current generated/manual content (the PR explicitly removed bare codename words from comments), so this is safe today — just be aware that a future "describe a target withRELEASE: DEBIANin a comment" could silently get rewritten. If you ever want to harden this, anchoring on indentation (^\s+RELEASE:\s*DEBIAN\bwithre.MULTILINE) would restrict to map keys.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@scripts/generate_targets.py` around lines 43 - 65, The current resolve_release_tokens uses unanchored regexes that can match RELEASE: DEBIAN/UBUNTU inside comments or quoted strings; to harden it, anchor the patterns to line starts and use re.MULTILINE (e.g., change the two re.sub calls in resolve_release_tokens to match r"^\s*RELEASE:\s*"+re.escape(RELEASE_TOKEN_DEBIAN)+r"\b" and r"^\s*RELEASE:\s*"+re.escape(RELEASE_TOKEN_UBUNTU)+r"\b" and pass flags=re.MULTILINE or compile with re.MULTILINE) so only YAML map keys are replaced..github/workflows/generate-build-lists.yaml (1)
94-110: Passinputs.*viaenv:rather than direct expression interpolation.The current
"${{ inputs.debian_standard || 'trixie' }}"form expands inside the shell script before bash quoting, so any"/`/$in a dispatched value can break out of the quoted argument and inject shell. Dispatch is gated by team membership so the practical risk is low, but this is the GitHub-recommended pattern for any user-controlledinputs.*reachingrun:.♻️ Suggested refactor
- name: Run generate_targets.py # `inputs.*` is only populated on workflow_dispatch; push / # repository_dispatch fire with empty inputs, so each `||` # falls back to the same default the script's argparse uses. # Net effect: codename promotion is a workflow_dispatch knob; # automatic re-runs use the script's pinned defaults. + env: + DEBIAN_STANDARD: ${{ inputs.debian_standard || 'trixie' }} + UBUNTU_STANDARD: ${{ inputs.ubuntu_standard || 'noble' }} + DEBIAN_NIGHTLY: ${{ inputs.debian_nightly || 'forky' }} + UBUNTU_NIGHTLY: ${{ inputs.ubuntu_nightly || 'resolute' }} + DEBIAN_COMMUNITY: ${{ inputs.debian_community || 'trixie' }} + UBUNTU_COMMUNITY: ${{ inputs.ubuntu_community || 'noble' }} + DEBIAN_APPS: ${{ inputs.debian_apps || 'trixie' }} + UBUNTU_APPS: ${{ inputs.ubuntu_apps || 'noble' }} run: | python3 scripts/generate_targets.py image-info.json release-targets \ - --debian-standard "${{ inputs.debian_standard || 'trixie' }}" \ - --ubuntu-standard "${{ inputs.ubuntu_standard || 'noble' }}" \ - --debian-nightly "${{ inputs.debian_nightly || 'forky' }}" \ - --ubuntu-nightly "${{ inputs.ubuntu_nightly || 'resolute' }}" \ - --debian-community "${{ inputs.debian_community || 'trixie' }}" \ - --ubuntu-community "${{ inputs.ubuntu_community || 'noble' }}" \ - --debian-apps "${{ inputs.debian_apps || 'trixie' }}" \ - --ubuntu-apps "${{ inputs.ubuntu_apps || 'noble' }}" \ + --debian-standard "$DEBIAN_STANDARD" \ + --ubuntu-standard "$UBUNTU_STANDARD" \ + --debian-nightly "$DEBIAN_NIGHTLY" \ + --ubuntu-nightly "$UBUNTU_NIGHTLY" \ + --debian-community "$DEBIAN_COMMUNITY" \ + --ubuntu-community "$UBUNTU_COMMUNITY" \ + --debian-apps "$DEBIAN_APPS" \ + --ubuntu-apps "$UBUNTU_APPS" \ 2>&1 | tee -a generation.log🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/generate-build-lists.yaml around lines 94 - 110, The Run generate_targets.py step is interpolating inputs directly into the run script which risks shell injection; change to pass each inputs.* into the job environment and reference those env vars inside the run command. Add an env: block on the step mapping each input (e.g. DEBIAN_STANDARD from inputs.debian_standard with the same fallback, UBUNTU_STANDARD, DEBIAN_NIGHTLY, etc.), then in the run string replace the "${{ inputs... }}" expansions with their corresponding "$DEBIAN_STANDARD", "$UBUNTU_STANDARD", "$DEBIAN_NIGHTLY", "$UBUNTU_NIGHTLY", "$DEBIAN_COMMUNITY", "$UBUNTU_COMMUNITY", "$DEBIAN_APPS", "$UBUNTU_APPS" variables (keeping proper double quotes around each) so the values are expanded by the shell from env vars rather than by GitHub before shell parsing.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In @.github/workflows/generate-build-lists.yaml:
- Around line 94-110: The Run generate_targets.py step is interpolating inputs
directly into the run script which risks shell injection; change to pass each
inputs.* into the job environment and reference those env vars inside the run
command. Add an env: block on the step mapping each input (e.g. DEBIAN_STANDARD
from inputs.debian_standard with the same fallback, UBUNTU_STANDARD,
DEBIAN_NIGHTLY, etc.), then in the run string replace the "${{ inputs... }}"
expansions with their corresponding "$DEBIAN_STANDARD", "$UBUNTU_STANDARD",
"$DEBIAN_NIGHTLY", "$UBUNTU_NIGHTLY", "$DEBIAN_COMMUNITY", "$UBUNTU_COMMUNITY",
"$DEBIAN_APPS", "$UBUNTU_APPS" variables (keeping proper double quotes around
each) so the values are expanded by the shell from env vars rather than by
GitHub before shell parsing.
In `@scripts/generate_targets.py`:
- Around line 43-65: The current resolve_release_tokens uses unanchored regexes
that can match RELEASE: DEBIAN/UBUNTU inside comments or quoted strings; to
harden it, anchor the patterns to line starts and use re.MULTILINE (e.g., change
the two re.sub calls in resolve_release_tokens to match
r"^\s*RELEASE:\s*"+re.escape(RELEASE_TOKEN_DEBIAN)+r"\b" and
r"^\s*RELEASE:\s*"+re.escape(RELEASE_TOKEN_UBUNTU)+r"\b" and pass
flags=re.MULTILINE or compile with re.MULTILINE) so only YAML map keys are
replaced.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 1e41a98f-99e8-4247-a38d-509a2748195e
📒 Files selected for processing (3)
.github/workflows/generate-build-lists.yamlrelease-targets/targets-release-standard-support.manualscripts/generate_targets.py
igorpecovnik
added a commit
that referenced
this pull request
Apr 25, 2026
Commit e1e5c5d ("promote Ubuntu resolute to stable, demote noble to oldstable") added a second set of Ubuntu blocks (`minimal-stable-ubuntu-uefi` + `desktop-stable-ubuntu-gnome-uefi`, both pinned to resolute) alongside the existing noble blocks that were renamed `*-oldstable-*`. Under the RELEASE codename substitution introduced in 6590973 both blocks resolve to the same `--ubuntu-standard` codename per generator invocation, so stable and oldstable are duplicates — the same image gets built twice, once under each label. The structural split was the right answer to "promote resolute" when that meant editing literal codenames in YAML; with the symbolic token + flag flip, it's an extra build matrix slot that produces nothing new. Drop the two `*-stable-*` resolute blocks. Rename the three `*-oldstable-*` blocks back to `*-stable-*` (their pre-e1e5c5d names). Drop the `(stable)` / `(oldstable)` annotations from header comments — those distinctions are no longer real, the codename comes from the flag now. Net result: file is byte-for-byte the pre-PR-#295 state from main, plus the four `RELEASE: noble|trixie` → `RELEASE: UBUNTU|DEBIAN` token swaps and four codename words removed from descriptive comments. Promoting Ubuntu standard to resolute now becomes a `--ubuntu-standard=resolute` flag flip on the workflow dispatch, no manual file edits.
igorpecovnik
added
Ready to merge
github-actions
Bot
added
Needs review
Contributor
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
release-targets/targets-release-nightly.manual (1)
38-77:⚠️ Potential issue | 🟡 MinorDefault-run output for the legacy
*-trixie/*-nobleblocks now changes (intentional collapse — please confirm).Pre-PR,
minimal-cli-stable-debian-cloud-trixieemittedRELEASE: trixieandminimal-cli-stable-ubuntu-cloud-nobleemittedRELEASE: noble. With the new substitution model and the nightly defaults (--debian-nightly=forky,--ubuntu-nightly=resolute), both legacy blocks now resolve to the same codename asminimal-cli-unstable-debian-cloud/minimal-cli-stable-ubuntu-cloud, making them byte-for-byte duplicate target stanzas (samevars, sameitems). Two implications worth confirming:
- The "unflagged run is byte-identical to previous output" property in the PR description does not hold for these two stanzas — their
RELEASE:flips fromtrixie/nobletoforky/resoluteat defaults. If the byte-identical check still passes, it's likely because these blocks were already changed (or compared post-substitution); worth double-checking what the reference output actually contains.- Two identical stanzas under different YAML keys means CI will build the same image twice per nightly run. The comments correctly flag this; just want to make sure that's an acceptable cost until the planned follow-up drops them or introduces a
DEBIAN_TESTING/DEBIAN_STABLEtoken split.The comments on Lines 38–42 and 59–62 already document this clearly, so this is a heads-up rather than a blocker.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@release-targets/targets-release-nightly.manual` around lines 38 - 77, The legacy targets minimal-cli-stable-debian-cloud-trixie and minimal-cli-stable-ubuntu-cloud-noble now resolve to the same RELEASE values as their unstable counterparts, causing byte-identical duplicate builds; update these stanzas to restore explicit codenames or deduplicate them: either set explicit vars RELEASE: trixie and RELEASE: noble in the minimal-cli-stable-debian-cloud-trixie and minimal-cli-stable-ubuntu-cloud-noble blocks respectively, or remove one of each duplicate block (or introduce distinct tokens like DEBIAN_STABLE/DEBIAN_TESTING) so CI does not build the same image twice under different keys and the unflagged default output remains byte-identical to previous runs.
🧹 Nitpick comments (1)
scripts/generate_targets.py (1)
43-65: Substitution is not actually comment-safe — anchor the regex to the line start.The PR description claims "block-key/comment safety", but the current pattern
r"RELEASE:\s*DEBIAN\b"has no anchor and will rewrite the token wherever it appears, including inside YAML comments. Concrete examples in this PR:
release-targets/targets-release-nightly.manualLines 38–42 and 59–62 contain comments like# both blocks resolve to RELEASE: DEBIAN under the substitution model— afterresolve_release_tokens()runs, those comments becomeRELEASE: forky(or whatever--debian-nightlyis), so the meta-documentation about the substitution model itself gets rewritten and loses its explanatory value.- Per the AI summary, similar wording exists in
release-targets/README.md.It's not a correctness bug for YAML loaders (comments are still comments), but it directly contradicts the stated guarantee and silently mutates documentation. A line-anchored variant fixes both:
♻️ Anchor to start-of-line so only real YAML keys are substituted
yaml_text = re.sub( - r"RELEASE:\s*" + re.escape(RELEASE_TOKEN_DEBIAN) + r"\b", + r"^(\s*)RELEASE:(\s*)" + re.escape(RELEASE_TOKEN_DEBIAN) + r"\b", f"RELEASE: {debian}", yaml_text, + flags=re.MULTILINE, ) yaml_text = re.sub( - r"RELEASE:\s*" + re.escape(RELEASE_TOKEN_UBUNTU) + r"\b", + r"^(\s*)RELEASE:(\s*)" + re.escape(RELEASE_TOKEN_UBUNTU) + r"\b", f"RELEASE: {ubuntu}", yaml_text, + flags=re.MULTILINE, )(If you want to preserve the original indent/spacing in the substitution, switch the replacement to
r"\1RELEASE:\2{debian}"style. The simpler anchored form above is enough to keep comments untouched and still matches every real YAML stanza ingenerate_*_yaml()and the manual files, since they all useRELEASE: TOKENat the start of the line.)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@scripts/generate_targets.py` around lines 43 - 65, The substitution in resolve_release_tokens currently matches RELEASE tokens anywhere (including in comments); change the regexes to anchor to the start of a line (allowing optional leading indentation) and run with the re.MULTILINE flag so only actual YAML key lines are replaced; update the two calls that match RELEASE_TOKEN_DEBIAN and RELEASE_TOKEN_UBUNTU in resolve_release_tokens to use a start-of-line pattern (optionally capturing the leading whitespace so you can preserve indentation in the replacement) and pass re.MULTILINE to re.sub.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Outside diff comments:
In `@release-targets/targets-release-nightly.manual`:
- Around line 38-77: The legacy targets minimal-cli-stable-debian-cloud-trixie
and minimal-cli-stable-ubuntu-cloud-noble now resolve to the same RELEASE values
as their unstable counterparts, causing byte-identical duplicate builds; update
these stanzas to restore explicit codenames or deduplicate them: either set
explicit vars RELEASE: trixie and RELEASE: noble in the
minimal-cli-stable-debian-cloud-trixie and minimal-cli-stable-ubuntu-cloud-noble
blocks respectively, or remove one of each duplicate block (or introduce
distinct tokens like DEBIAN_STABLE/DEBIAN_TESTING) so CI does not build the same
image twice under different keys and the unflagged default output remains
byte-identical to previous runs.
---
Nitpick comments:
In `@scripts/generate_targets.py`:
- Around line 43-65: The substitution in resolve_release_tokens currently
matches RELEASE tokens anywhere (including in comments); change the regexes to
anchor to the start of a line (allowing optional leading indentation) and run
with the re.MULTILINE flag so only actual YAML key lines are replaced; update
the two calls that match RELEASE_TOKEN_DEBIAN and RELEASE_TOKEN_UBUNTU in
resolve_release_tokens to use a start-of-line pattern (optionally capturing the
leading whitespace so you can preserve indentation in the replacement) and pass
re.MULTILINE to re.sub.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: e74419e7-3753-4e17-8ecd-2c54ca457557
📒 Files selected for processing (5)
release-targets/README.mdrelease-targets/targets-release-community-maintained.manualrelease-targets/targets-release-nightly.manualrelease-targets/targets-release-standard-support.manualscripts/generate_targets.py
✅ Files skipped from review due to trivial changes (2)
- release-targets/README.md
- release-targets/targets-release-community-maintained.manual
🚧 Files skipped from review as they are similar to previous changes (1)
- release-targets/targets-release-standard-support.manual
Contributor
There was a problem hiding this comment.
🧹 Nitpick comments (5)
scripts/generate_targets.py (4)
29-30: Ruff S105 here is a false positive — safe to ignore or silence.Ruff is flagging
RELEASE_TOKEN_DEBIAN/RELEASE_TOKEN_UBUNTUas possible hardcoded passwords because of the_TOKEN_substring in the name. These are obviously placeholder strings, not credentials. If the noise is unwanted, a# noqa: S105on each line (or a per-file ignore in your ruff config) clears it without renaming.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@scripts/generate_targets.py` around lines 29 - 30, Ruff is flagging RELEASE_TOKEN_DEBIAN and RELEASE_TOKEN_UBUNTU as S105 false positives; to silence this, add a per-line noqa comment by appending "# noqa: S105" to the RELEASE_TOKEN_DEBIAN and RELEASE_TOKEN_UBUNTU definitions, or alternatively add a per-file or project-level S105 ignore in your ruff config if you prefer to suppress this rule for the file.
1192-1192: Target names still hardcode codenames (forky,resolute,trixie,noble) — flag-flip promotion is incomplete.The PR's stated goal is that "Promoting nightly to a new Debian … becomes a single flag flip, not a 30-place codename rename." But target keys like
nightly-forky-all,nightly-resolute-gnome,nightly-resolute-xfce,nightly-resolute-riscv64-xfce,nightly-resolute-minimal,community-trixie-all,community-noble-gnome,community-noble-kde-neon,community-noble-xfce,community-noble-riscv64-xfce, andcommunity-noble-minimalare emitted as static strings and are not run throughresolve_release_tokens(which only matchesRELEASE: <token>). After flipping--debian-nightlyfromforkyto (say)trixie, the YAML will containnightly-forky-all:withRELEASE: trixie— internally inconsistent, and any downstream tooling/dashboards keyed on these target names will silently break or need a parallel rename.Two reasonable options:
- Make target names codename-agnostic (e.g.,
nightly-debian-all,nightly-ubuntu-gnome,community-debian-all,community-ubuntu-gnome, …) — this also matches what the manual/standard side already does (minimal-stable-debian,desktop-stable-ubuntu-xfce).- Or substitute the codename into the name at generate time using the same per-scope codenames already threaded through
main().Option 1 is the cheaper and more consistent fix and aligns nightly/community naming with the rest of the file.
Also applies to: 1217-1217, 1239-1239, 1261-1261, 1283-1283, 1458-1458, 1503-1503, 1529-1529, 1555-1555, 1582-1582, 1609-1609
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@scripts/generate_targets.py` at line 1192, The generated target keys are hardcoded with codenames (e.g., nightly-forky-all, community-noble-gnome) causing mismatch after a RELEASE token flip; update the generator in scripts/generate_targets.py (where targets are emitted in the same scope as resolve_release_tokens and main()) to produce codename-agnostic keys (e.g., nightly-debian-all, nightly-ubuntu-gnome, community-debian-all) instead of embedding the codename, or alternatively substitute the codename at generation time using the per-scope codename passed through main() and the same token resolution machinery; change the static string keys referenced around the existing occurrences (nightly-forky-all, nightly-resolute-*, community-trixie-*, community-noble-*) to the chosen codename-agnostic names (or build them from the resolved codename) so emitted YAML keys remain consistent with RELEASE values and downstream tooling.
1128-1138: Docstrings/comments still pin specific codenames (Forky,Resolute,Noble,bookworm).
generate_nightly_yamldocstring (1130–1138) andgenerate_community_yamldocstring (1308–1313) describe the output in terms ofForky/Resolute/Noble, and the inline notes at lines 1297 and 1628 refer toresolute/noble/bookworm. After this PR, those codenames are runtime-configurable via--debian-{nightly,community}/--ubuntu-{nightly,community}, so the docs are now stale and misleading. Also,bookwormis no longer used anywhere in the generator, so the loongarch notes are doubly wrong.Suggest making these generic (e.g., "Debian minimal CLI", "Ubuntu desktop", "loongarch boards only get the Debian minimal image").
Also applies to: 1297-1297, 1307-1314, 1628-1628
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@scripts/generate_targets.py` around lines 1128 - 1138, Update the stale hard-coded release codenames in the generate_nightly_yaml and generate_community_yaml docstrings and any inline comments that reference "Forky", "Resolute", "Noble", or "bookworm" to use generic descriptions (e.g., "Debian minimal CLI", "Ubuntu desktop", "Debian minimal for loongarch") because Debian/Ubuntu codenames are now runtime-configurable via the --debian-{nightly,community} and --ubuntu-{nightly,community} flags; specifically, edit the docstrings in generate_nightly_yaml and generate_community_yaml and the nearby inline notes that currently mention resolute/noble/bookworm to remove codename assertions and to state that codenames are configurable at runtime and that loongarch boards receive the Debian minimal CLI image.
54-64: Regex isn't anchored beforeRELEASE:, so it can match a suffix of an unrelated key.The pattern
RELEASE:\s*DEBIAN\bhas a\bafter the token but no anchor beforeRELEASE. A YAML key likeKERNEL_RELEASE: DEBIAN(or any future*_RELEASE: DEBIAN) would still be substituted because_RELEASE:ends with the same characters. The PR description claims "word-boundary and block-key/comment safety", which would require(?<!\w)RELEASE:(or^\s*RELEASE:per-line) to actually hold.No such key exists today, so no current breakage — but worth tightening defensively since the cost is one lookbehind.
♻️ Suggested tightening
yaml_text = re.sub( - r"RELEASE:\s*" + re.escape(RELEASE_TOKEN_DEBIAN) + r"\b", + r"(?<!\w)RELEASE:\s*" + re.escape(RELEASE_TOKEN_DEBIAN) + r"\b", f"RELEASE: {debian}", yaml_text, ) yaml_text = re.sub( - r"RELEASE:\s*" + re.escape(RELEASE_TOKEN_UBUNTU) + r"\b", + r"(?<!\w)RELEASE:\s*" + re.escape(RELEASE_TOKEN_UBUNTU) + r"\b", f"RELEASE: {ubuntu}", yaml_text, )🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@scripts/generate_targets.py` around lines 54 - 64, The current re.sub calls replace any occurrence of "RELEASE: TOKEN" even when it's part of a longer key (e.g., "KERNEL_RELEASE: DEBIAN"); tighten the regex in the two replacements so it only matches a block key by anchoring before RELEASE, e.g. use a multiline start anchor or negative-word lookbehind (patterns like (?m)^\s*RELEASE:\s* + re.escape(RELEASE_TOKEN_DEBIAN) + \b and similarly for RELEASE_TOKEN_UBUNTU) and apply them to the same yaml_text variables so only top-level RELEASE keys are substituted..github/workflows/generate-build-lists.yaml (1)
10-42: Defaults are duplicated three times — workflow input defaults, inline||fallbacks, andSCOPE_DEFAULTSin the script.Each codename default now lives in three places:
workflow_dispatch.inputs.*.default(lines 14, 18, 22, 26, 30, 34, 38, 42)${{ inputs.* || '<literal>' }}fallback in the run step (lines 102–109)SCOPE_DEFAULTSinscripts/generate_targets.pyIf any of these drift (e.g., a future codename promotion updates only the workflow input default but forgets the inline fallback),
push/repository_dispatchruns andworkflow_dispatchruns will silently produce different outputs. Two cheaper alternatives:
- Drop the
|| '<literal>'fallbacks and just pass"${{ inputs.* }}"— argparse in the script will fall back toSCOPE_DEFAULTSwhen the value is empty… but only if you also handle empty strings in argparse (currentlydefault=...only kicks in when the flag is absent, not when it's passed as""). So this needs a small tweak in the script (e.g.,type=lambda v: v or defaults["debian"]).- Or, simpler and zero script change: drop the
inputs.*.defaultblock and rely on the||fallback as the single source of truth for non-script defaults. The dispatch UI will show empty fields, which is mildly less friendly but eliminates one of the three copies.Not a blocker for this PR, but worth a note before the next codename promotion lands.
Also applies to: 100-110
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/generate-build-lists.yaml around lines 10 - 42, Remove the duplicated inline "|| '<literal>'" fallbacks in the workflow run step and pass the raw inputs (e.g., use "${{ inputs.debian_standard }}" etc.), and update the script's argparse logic in scripts/generate_targets.py to treat empty strings as missing by using a small type/coerce function (e.g., change the argparse.add_argument for each scope to use type=lambda v: v or SCOPE_DEFAULTS["debian"/"ubuntu"/...]) or equivalent post-processing so SCOPE_DEFAULTS is the single source of truth; reference the workflow input names (debian_standard, ubuntu_standard, debian_nightly, ubuntu_nightly, debian_community, ubuntu_community, debian_apps, ubuntu_apps) and the SCOPE_DEFAULTS mapping when making the change.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In @.github/workflows/generate-build-lists.yaml:
- Around line 10-42: Remove the duplicated inline "|| '<literal>'" fallbacks in
the workflow run step and pass the raw inputs (e.g., use "${{
inputs.debian_standard }}" etc.), and update the script's argparse logic in
scripts/generate_targets.py to treat empty strings as missing by using a small
type/coerce function (e.g., change the argparse.add_argument for each scope to
use type=lambda v: v or SCOPE_DEFAULTS["debian"/"ubuntu"/...]) or equivalent
post-processing so SCOPE_DEFAULTS is the single source of truth; reference the
workflow input names (debian_standard, ubuntu_standard, debian_nightly,
ubuntu_nightly, debian_community, ubuntu_community, debian_apps, ubuntu_apps)
and the SCOPE_DEFAULTS mapping when making the change.
In `@scripts/generate_targets.py`:
- Around line 29-30: Ruff is flagging RELEASE_TOKEN_DEBIAN and
RELEASE_TOKEN_UBUNTU as S105 false positives; to silence this, add a per-line
noqa comment by appending "# noqa: S105" to the RELEASE_TOKEN_DEBIAN and
RELEASE_TOKEN_UBUNTU definitions, or alternatively add a per-file or
project-level S105 ignore in your ruff config if you prefer to suppress this
rule for the file.
- Line 1192: The generated target keys are hardcoded with codenames (e.g.,
nightly-forky-all, community-noble-gnome) causing mismatch after a RELEASE token
flip; update the generator in scripts/generate_targets.py (where targets are
emitted in the same scope as resolve_release_tokens and main()) to produce
codename-agnostic keys (e.g., nightly-debian-all, nightly-ubuntu-gnome,
community-debian-all) instead of embedding the codename, or alternatively
substitute the codename at generation time using the per-scope codename passed
through main() and the same token resolution machinery; change the static string
keys referenced around the existing occurrences (nightly-forky-all,
nightly-resolute-*, community-trixie-*, community-noble-*) to the chosen
codename-agnostic names (or build them from the resolved codename) so emitted
YAML keys remain consistent with RELEASE values and downstream tooling.
- Around line 1128-1138: Update the stale hard-coded release codenames in the
generate_nightly_yaml and generate_community_yaml docstrings and any inline
comments that reference "Forky", "Resolute", "Noble", or "bookworm" to use
generic descriptions (e.g., "Debian minimal CLI", "Ubuntu desktop", "Debian
minimal for loongarch") because Debian/Ubuntu codenames are now
runtime-configurable via the --debian-{nightly,community} and
--ubuntu-{nightly,community} flags; specifically, edit the docstrings in
generate_nightly_yaml and generate_community_yaml and the nearby inline notes
that currently mention resolute/noble/bookworm to remove codename assertions and
to state that codenames are configurable at runtime and that loongarch boards
receive the Debian minimal CLI image.
- Around line 54-64: The current re.sub calls replace any occurrence of
"RELEASE: TOKEN" even when it's part of a longer key (e.g., "KERNEL_RELEASE:
DEBIAN"); tighten the regex in the two replacements so it only matches a block
key by anchoring before RELEASE, e.g. use a multiline start anchor or
negative-word lookbehind (patterns like (?m)^\s*RELEASE:\s* +
re.escape(RELEASE_TOKEN_DEBIAN) + \b and similarly for RELEASE_TOKEN_UBUNTU) and
apply them to the same yaml_text variables so only top-level RELEASE keys are
substituted.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: c2a2585f-238d-449f-b333-e75eb8c32157
📒 Files selected for processing (5)
.github/workflows/generate-build-lists.yamlrelease-targets/README.mdrelease-targets/targets-release-community-maintained.manualrelease-targets/targets-release-standard-support.manualscripts/generate_targets.py
🚧 Files skipped from review as they are similar to previous changes (2)
- release-targets/targets-release-standard-support.manual
- release-targets/README.md
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@scripts/generate_targets.py`:
- Around line 35-39: SCOPE_DEFAULTS has incorrect Ubuntu codenames: update the
"ubuntu" entries for the "standard" and "community" scopes in the SCOPE_DEFAULTS
dict so they match the previous/default pin (change from "resolute" to "noble");
edit the dictionary literal where SCOPE_DEFAULTS is defined and replace the
ubuntu value for the "standard" and "community" keys accordingly.
- Around line 54-63: The regex used to replace tokens in yaml_text is too broad
and can match keys like FOO_RELEASE; update both substitutions (the ones
referencing RELEASE_TOKEN_DEBIAN and RELEASE_TOKEN_UBUNTU) to only match the
YAML key at the start of a line by using a multiline anchored pattern (e.g. use
^\s*RELEASE:\s*... with the re.MULTILINE flag or a (?m) prefix) so only the
literal RELEASE key is replaced; keep the same replacement values but ensure the
regex anchors to line starts to avoid touching keys that contain _RELEASE.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: a2a0d044-5281-4c43-8377-e0c893a95494
📒 Files selected for processing (1)
scripts/generate_targets.py
Replace the literal Debian / Ubuntu codenames in
release-targets/*.manual and the hardcoded sections of
scripts/generate_targets.py with two symbolic tokens — DEBIAN and
UBUNTU — that get substituted at generation time. Each output file
(standard-support, nightly, community-maintained, apps) gets its own
(debian, ubuntu) flag pair plumbed through to
resolve_release_tokens(), so promoting any release line is a single
CLI flag flip in the workflow rather than a multi-place rename.
Mechanics:
* SCOPE_DEFAULTS at module top centralises the per-scope pair.
Defaults (trixie/noble for standard + community + apps,
forky/resolute for nightly) reproduce the pre-refactor literal
pins exactly — running with no flags is bit-identical to
pre-refactor output, modulo the symbolic-token round-trip.
* resolve_release_tokens() rewrites `RELEASE: UBUNTU` /
`RELEASE: DEBIAN` to the supplied codenames. Anchored to
start-of-line so a sibling key like `KERNEL_RELEASE: UBUNTU`
can't have its substring overwritten and end up with a corrupted
value. Indentation is captured and restored; \b word-boundary on
the token side prevents false-matching `UBUNTU_FOO`-style
identifiers; re.escape on the token guards against regex
metacharacters.
* generate_exposed_map() also accepts the per-scope codename pairs
and bakes the right pair into each board's regex (stable boards
→ standard codenames, community boards → community codenames).
Without this, YAML output would track promotions but exposed.map
would keep matching old codenames, dropping "recommended images"
off the website.
* .github/workflows/generate-build-lists.yaml exposes all 8 flags
as workflow_dispatch.inputs with matching defaults; push and
repository_dispatch triggers (which carry no inputs) get the
SCOPE_DEFAULTS via `${{ inputs.X || 'default' }}`.
* release-targets/README.md documents the per-scope flags and the
promotion workflow.
* Descriptive comments in the manual fragments and emit functions
no longer mention specific codenames since the codename is now
dynamic ("Debian trixie minimal" → "Debian minimal").
Promoting Ubuntu standard to a new release becomes:
- workflow_dispatch with `ubuntu_standard=<codename>`
- done
No code change, no PR, no rename across N files.
Flip --ubuntu-standard and --ubuntu-community defaults from noble to resolute. The substitution machinery from the previous commit makes this a one-line change to SCOPE_DEFAULTS plus the workflow input default. Apps and nightly defaults stay unchanged (apps tracks the last LTS for build-image stability; nightly was already on resolute). Output codenames in standard-support and community-maintained release-targets YAMLs move from noble → resolute on next regeneration. Per-board exposed.map regexes pick up resolute via the threading landed in the previous commit; there's no separate place to update. The workflow inputs can still be overridden per-run for one-off backfills (e.g. workflow_dispatch with ubuntu_standard=noble would emit a noble-targeted set without touching this file).
The generator's hardcoded desktop blocks all set DESKTOP_TIER
explicitly (mid for normal blocks, minimal only for the
riscv64-xfce slow-hardware block) but the three manual desktop
override blocks lacked it entirely:
standard-support desktop-stable-ubuntu-gnome-uefi (no TIER)
standard-support desktop-stable-ubuntu-cinnamon-uefi (no TIER)
community desktop-stable-debian-xfce (no TIER)
Add DESKTOP_TIER: "mid" to all three, matching the generator's
default desktop tier. Same insertion point — right after
DESKTOP_APPGROUPS_SELECTED — so the var ordering is consistent
with the script-emitted blocks.
mid is the right default here:
- The two standard-support blocks target UEFI / Qualcomm /
MediaTek hardware that comfortably runs the mid bundle
(browsers + programming appgroup is already selected).
- The community block runs on aml-s9xx-box and only enables
XFCE without any appgroups — mid is still appropriate;
minimal would drop standard XFCE companion utils.
Emit a `desktop-stable-ubuntu-riscv64-bianbu` target alongside the existing XFCE one, scoped to legacy-branch riscv64 boards only and pinned to the noble release. Why so narrow: - Bianbu's PVR DRI userspace is built against the SpacemiT BSP kernel that lives on the legacy branch — current/edge kernels won't have a matching DRI driver, so a Bianbu image on those branches would boot to llvmpipe at best. - archive.spacemit.com only ships SpacemiT's Mesa fork (the 24.01bbx build with the PVR DRI backend, pinned via configng's bianbu.yaml, see armbian/configng#897) for noble snapshots. The resolute archive has no matching snapshots yet — only resolute-customization and resolute-porting at v4.0betaN exist server-side, with no resolute* base. So `RELEASE: noble` is hardcoded literal here, not the substitutable `UBUNTU` token, otherwise the release-targets-promote-resolute-to-stable flag flip on the parent branch would silently retarget Bianbu at a release that can't build. Tier=mid because bianbu-minimal is intentionally bare-bones (DE meta + K1 hardware enablement only); mid adds the full Bianbu desktop + camera stack, which is what users picking a Bianbu image expect. Items reference *stable-legacy-riscv64 (already defined upstream when legacy_riscv64 is non-empty), so the same gate applies and the block is skipped on builds with no legacy riscv64 boards.
generate_exposed_map() picks the (release, branch, suffix) tuple
algorithmically — riscv64 → xfce_desktop, fast video → gnome,
slow video → xfce, headless → ubuntu minimal, loongarch → no
desktop pattern. When a vendor BSP is tied to a combination outside
the algorithmic default — e.g. SpacemiT K1 boards on noble/legacy
with Bianbu desktop, where archive.spacemit.com only ships the PVR
DRI Mesa fork (24.01bbx) for noble and the matching kernel BSP
lives on the legacy branch — the algorithm picks the wrong target
and "recommended images" point at images that never get built.
Add a sidecar release-targets/exposed.map.overrides.yaml whose
entries can redirect either of the two regex patterns
generate_exposed_map emits per board:
overrides:
- boardfamily: <name> # OR boards: [b1, b2, ...]
minimal: # pattern 1 override
release: <codename>
branch: <branch>
suffix: <token> # default "minimal"
desktop: # pattern 2 override
release: <codename>
branch: <branch>
suffix: <token> # full literal tail, e.g. bianbu_desktop
Either inner block may be omitted to leave that pattern at its
algorithmic default. Inside each block, every field is optional
and falls through.
A per-board entry overlays a boardfamily entry block-by-block, then
field-by-field. A per-board entry that sets only `minimal:` keeps
the family's `desktop:` block intact; a per-board
`desktop: {suffix: x}` keeps the family's
`desktop.{release, branch}` while replacing only `suffix`. Use this
to carve a partial exception out of a boardfamily rule without
repeating its other blocks.
First-shipped overrides:
* spacemit boardfamily → minimal=noble/legacy,
desktop=noble/legacy/bianbu_desktop. Matches the build target
`desktop-stable-ubuntu-riscv64-bianbu` (added in a separate
commit) and the configng pinning of Bianbu's Mesa fork
(armbian/configng#897).
* bananapif3 + musepipro per-board overlay → minimal=trixie/current
(those two boards do ship a current-branch trixie minimal
alongside the noble/legacy desktop), desktop unchanged from the
family entry via the overlay merge.
Loader is regex-only (no bash sourcing); cycles in source-via-yaml
references are guarded by a visited set; malformed entries (no
match key, non-mapping inner blocks, unknown top-level keys) are
dropped with a warning so a typo can't silently rewrite the
recommended-image set for every board in the world.
igorpecovnik
force-pushed
the
release-targets-promote-resolute-to-stable
branch
from
41ef642 to
09109b8
Compare
igorpecovnik
changed the title
Six concrete fixes plus a tidy of the section flow:
* Replace the literal "Ubuntu Noble" sprinkled through "Generated
files" — the standard-support and community defaults flipped
from noble to resolute in the previous commits in this branch,
so those references were stale and would mislead anyone using
the README to figure out what the matrix produces today. Switch
to neutral wording that points at the per-scope flag instead of
naming a specific codename.
* Document `exposed.map.overrides.yaml`. It's a real input (loaded
by `load_exposed_overrides` and consumed by
`generate_exposed_map`) but was completely missing from the
inputs table and the configuration-file-formats section. Adds
the schema and the merge semantics ("per-board entries overlay
boardfamily entries block-by-block then field-by-field") so the
next person editing it has a reference.
* Document `exposed.map` itself as a generated output. Previously
"Generated Files" only listed the four `targets-release-*.yaml`
files, even though `exposed.map` is also written.
* Mention `reusable.yml` (the virtual-board mechanism) in the
inputs table. Its own header has a thorough schema explanation,
so this README just points at it rather than duplicating.
* Update the manual-fragment example to include `DESKTOP_TIER:
"mid"` on a desktop block. It's required for armbian-config's
tiered install to pick the right tier; without it the install
falls back to the parser default and silently produces a
different package set than intended.
* Replace the `--ubuntu-nightly oracular` example with
`questing`. oracular is Ubuntu 24.10 and was already past EOL,
so as a forward-looking example it aged badly.
Section-level cleanup: rename "Configuration Files" → "Inputs" and
"Generated Files" → "Outputs" with a one-line preamble each, then
collapse the per-target enumeration into a description of what
*categories* the generator emits (minimal / desktop / apps and the
arch / branch / DE axes they fan out across) rather than a literal
list that was already incomplete and would need editing on every
new emit.
Net: +131 / -167 lines. README is more accurate, more complete, and
slightly shorter.
igorpecovnik
added
Ready to merge
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Five-commit refresh of the release-targets generator pipeline. The driving change is the codename-token substitution that lets a release line be promoted with a single workflow-input flip; the rest are short follow-ups that build on it.
4dc31cddca9fb6--ubuntu-standard+--ubuntu-communitydefaults to resolute052c8c7fd6f5c309109b835dceddrelease-targets/README.mdrefresh — docs the new inputs / outputs / overrides schema, drops stale codename references(1) Per-scope DEBIAN/UBUNTU codename substitution
Replace literal Debian / Ubuntu codenames in
release-targets/*.manualand the hardcoded sections ofscripts/generate_targets.pywith two symbolic tokens —DEBIANandUBUNTU— that get substituted with real codenames at generation time. Each of the four output files gets its own (debian, ubuntu) flag pair, so promoting any release line is a single CLI flag flip instead of a multi-place rename.What gets templated
DEBIANtrixieDEBIANforkyUBUNTUnobleUBUNTUresoluteRELEASE: sid(apps-kali) stays literal — Kali tracks Debian unstable forever, that's not a "current Debian stable" pin.Per-scope flags
SCOPE_DEFAULTSat module top centralises the per-scope pair. Pre-promotion defaults (trixie/noble for standard + community + apps, forky/resolute for nightly) reproduce the pre-refactor literal pins exactly — running with no flags is bit-identical to the pre-refactor output (modulo the symbolic-token round-trip).Substitution mechanics
resolve_release_tokens()usesre.sub(r'(?m)^(\s*)RELEASE:\s*<TOKEN>\b', ...)— anchored to start-of-line so only the literalRELEASE:YAML key is matched. A hypothetical sibling key likeKERNEL_RELEASE: UBUNTUwould otherwise have itsRELEASE: UBUNTUsubstring matched and overwritten, leavingKERNEL_RELEASE: <codename>(corrupted value, prefix preserved). Leading indentation is captured and restored in the replacement so the YAML's whitespace stays intact; the\bword boundary on the token side prevents false-matching againstUBUNTU_FOO-style identifiers;re.escapeon the token guards against regex metacharacters.exposed.map threading
generate_exposed_mapregex patterns previously had_trixie_and_noble_hardcoded — separate from the YAML-output flags. Promoting via--*-standardwould update the*.yamlfiles but exposed.map would keep matching old codenames, and "recommended images" on the website would silently drop off.The function now takes the four codenames (debian/ubuntu × standard/community) as keyword args; per-board it picks the right pair based on
board_type(stable boards → standard flags; community boards → community flags) and bakes that pair into the regex pattern strings. A single flag flip atomically updates both the build matrix and the recommended-images filter.Workflow plumbing
.github/workflows/generate-build-lists.yamlexposes all 8 flags asworkflow_dispatch.inputswith matching defaults. TheRun generate_targets.pystep uses${{ inputs.X || 'default' }}so push /repository_dispatchtriggers (which don't carry inputs) still get the right defaults.Promoting a release line becomes:
<distro>_<scope>inputNo code changes, no PR, no rename across N files.
Comment cleanup
Descriptive comments in the manual fragments and emit functions no longer mention specific codenames since the codename is now dynamic ("Debian trixie minimal" → "Debian minimal").
(2) Promote standard + community defaults to resolute
Flip
--ubuntu-standardand--ubuntu-communitydefaults fromnobletoresolute. The substitution machinery from commit 1 makes this a one-line change toSCOPE_DEFAULTSplus the matching workflow-input default. Apps and nightly defaults stay unchanged (apps tracks the last LTS for build-image stability; nightly was already on resolute).Output codenames in standard-support and community-maintained release-targets YAMLs move from noble → resolute on next regeneration. Per-board exposed.map regexes pick up resolute via the threading from commit 1; there's no separate place to update.
The workflow inputs can still be overridden per-run for one-off backfills (e.g.
workflow_dispatchwithubuntu_standard=noblewould emit a noble-targeted set without touching this file).(3) DESKTOP_TIER on the manual desktop blocks
The manual
*-desktopblocks inrelease-targets/*.manualwere missing theDESKTOP_TIERvar that armbian-config'smodule_desktops installreads to pick which tier (minimal / mid / full) to assemble. Without it, the install silently fell back to the parser's default and produced a different package set than the operator intended.Adds
DESKTOP_TIER: "mid"to each manual desktop block in:release-targets/targets-release-standard-support.manualrelease-targets/targets-release-community-maintained.manualThree-line addition total. Auto-generated desktop blocks emitted by
generate_*_yamlalready setDESKTOP_TIER; this just brings the manually-curated ones into line.(4) Bianbu desktop riscv64 build target
Add
desktop-stable-ubuntu-riscv64-bianbualongside the existingdesktop-stable-ubuntu-riscv64-xfceblock. Scoped narrowly:RELEASE: noblehardcoded literal (not the substitutableUBUNTUtoken), because archive.spacemit.com only ships SpacemiT's Mesa fork (24.01bbx, with the PVR DRI backend) for noble snapshots. Resolute archives have no matching snapshots yet — onlyresolute-customizationandresolute-portingat v4.0betaN exist server-side. KeepingRELEASEliteral prevents the parent branch's resolute-as-stable flag flip from silently retargeting Bianbu at a release that can't build.mid(bianbu-minimal is intentionally bare; mid is the canonical Bianbu desktop).Items reference
*stable-legacy-riscv64(already defined upstream whenlegacy_riscv64is non-empty), so the same gate applies and the block is skipped on builds with no legacy riscv64 boards.Companion configng work: armbian/configng#897 lands the per-package APT pin for the Bianbu Mesa fork.
(5) exposed.map per-board(family) regex overrides
generate_exposed_map()picks the (release, branch, suffix) tuple algorithmically:xfce_desktopgnome_desktopxfce_desktopminimalWhen a vendor BSP is tied to a combination outside that algorithmic default — e.g. SpacemiT K1 on noble/legacy/bianbu, where the algorithm would otherwise emit
_<ubuntu>_<board's branch>_xfce_desktopfor these riscv64 boards — the algorithm picks the wrong target and "recommended images" point at images that never get built.Add a sidecar
release-targets/exposed.map.overrides.yamlwhose entries can redirect either of the two regex patterns the generator emits per board:Either inner block may be omitted to leave that pattern at its algorithmic default. Inside each block, every field is optional and falls through.
A per-board entry overlays a boardfamily entry block-by-block then field-by-field. A per-board entry that sets only
minimal:keeps the family'sdesktop:block intact; a per-boarddesktop: {suffix: x}keeps the family'sdesktop.{release, branch}while replacing onlysuffix. Use this to carve a partial exception out of a family rule without repeating its other blocks.First-shipped overrides:
spacemitboardfamily →minimal: noble/legacy,desktop: noble/legacy/bianbu_desktop. Matches the build target from commit 4 and the configng pinning of Bianbu's Mesa fork.bananapif3+musepiproper-board overlay →minimal: trixie/current(those two boards do ship a current-branch trixie minimal alongside the noble/legacy desktop), desktop unchanged from the family entry via the overlay merge.Loader is regex-only (no bash sourcing); cycles in source-via-yaml references are guarded by a visited set; malformed entries (no match key, non-mapping inner blocks, unknown top-level keys) are dropped with a warning so a typo can't silently rewrite the recommended-image set for every board in the world.
Commit history
Branch was squashed from 15 → 5 commits; the cancelled-out misstep pair (an oldstable block split that was added then removed) was folded into the substitution group and drops out of the history entirely.
4dc31cd— per-scope DEBIAN/UBUNTU codename substitution. SymbolicDEBIAN/UBUNTUtokens in YAML, per-scope CLI flags wired through toresolve_release_tokens(anchored to start-of-line so a siblingKERNEL_RELEASE: UBUNTUcan't be corrupted), workflow inputs, descriptive comments stripped of literal codenames, exposed.map regex threaded with the same per-scope pair, README docs.dca9fb6— promote standard + community defaults from noble to resolute. TwoSCOPE_DEFAULTSentries flipped + matching workflow input defaults. Apps and nightly stay where they were.052c8c7— DESKTOP_TIER on the manual desktop blocks so configng's tiered install picks the right tier for the manually-defined targets.fd6f5c3— Bianbu desktop riscv64 build target. Emitsdesktop-stable-ubuntu-riscv64-bianbufor legacy-branch SpacemiT K1 boards on noble — the only combination where archive.spacemit.com publishes the matching PVR DRI Mesa fork.09109b8— per-board(family) regex overrides for exposed.map. Sidecarrelease-targets/exposed.map.overrides.yamlwithminimal:/desktop:blocks per entry; per-board entries overlay boardfamily entries field-by-field. First entries: spacemit family (noble/legacy/bianbu_desktop) + bananapif3 + musepipro per-board overlay (trixie/current minimal).35dcedd—release-targets/README.mdrefresh to match the new surface area. Documentsexposed.map.overrides.yaml(was missing entirely), addsexposed.mapandreusable.ymlto the inputs/outputs tables, drops theUbuntu Noblereferences that went stale with commit 2, updates the.manualexample to includeDESKTOP_TIER(now required by armbian-config), and replaces anoracular(EOL) example withquesting. Net –36 lines; the per-target enumeration was already incomplete and got collapsed into a category description.Test plan
python3 scripts/generate_targets.py --helplists all 8 per-scope flags with correct defaults.resolve_release_tokensround-trip verified onUBUNTU/DEBIANtokens, whitespace variants, word-boundary safety, and start-of-line anchoring (synthetic adversarial input withKERNEL_RELEASE: UBUNTUconfirms it stays untouched).generate_exposed_mapsmoke test: stable board uses--*-standardcodenames, community board uses--*-communitycodenames, defaults produce the same patterns as before.load_exposed_overridesvalidation: empty entries / non-mapping inner blocks / unknown top-level keys / cyclic source-via-yaml all dropped or terminated with warnings.match_exposed_overrideoverlay merge: family-only / per-board-only / both / neither all produce the expected effective tuple.DESKTOP_TIER: midpresent on every manual desktop block after regeneration.ubuntu_nightly=oracularproduces nightly YAML targeting oracular while standard stays on resolute.desktop-stable-ubuntu-riscv64-bianbublock appears in regenerated standard-support YAML when at least onelegacy_riscv64board is in scope, withRELEASE: nobleliteral (not substituted to resolute).exposed.mappost-regeneration: K1 boards (musebook,musepipro,bananapif3,orangepir2s) match_noble_legacy_bianbu_desktop(andbananapif3/musepiproadditionally match_trixie_current_minimalfor the minimal pattern).