another attempt to update#680
Draft
djs55 wants to merge 11 commits into
Draft
Conversation
Rebase of patricoferris/updating-mirage onto master, squashed into a single commit. Modernises the Mirage dependency stack (tcpip >= 9, hvsock >= 3.1, protocol-9p >= 2.1, cmdliner >= 1.1, mirage-mtime / mirage-sleep / mirage-flow-combinators replacing the deprecated mirage-clock / mirage-time / mirage-random / mirage-entropy / mirage-stack) and migrates the cmdliner API (Term.info -> Cmd.info / Cmd.v / Cmd.eval). Conflict resolution kept master's improvements where they superseded the branch: dune-build-info versioning (over the make-generated version.ml), dune lang 3.23, the (pkg disabled) dune-workspace, and discover.ml's conditional static linking. dune-project (depends) was updated to match the new vpnkit.opam so generate_opam_files stays consistent. Dockerfiles target ocaml/opam:alpine-ocaml-5.3 with plain opam. Squashed commits: Update Mirage packages Remove all Mirage_time.S and Mirage_clock.S Update opam file Remove mirage-clock-unix Upper-bound cohttp opam: remove mirage-entropy and relax upper bounds update Dockerfile for opam 2.2 and ocaml 5.3 dune: remove result (built-in) dune: remove mirage-profile and mirage-clock fix issue with bridge IPvs and duplicate MACs update licenses some minor tweak, reuse the mirage-mtime.mock implementation put both tests into a single executables stanza to avoid errors opam: add upper bound on charrua Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
lwt made Lwt_unix.notification abstract (was int); alias the Notification module's t to it instead of int. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
Regenerated with `dune pkg lock --workspace=dune-workspace.ci` so the lockdir matches the new dune-project dependencies (tcpip 9, hvsock 3.1, cmdliner 2.x, charrua 2.0, mirage-mtime/mirage-sleep, …). Fixes the tests-with-dune-pkg CI workflow which checks the lockdir is in sync. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
djs55
force-pushed
the
updating-mirage-rebase
branch
from
e407e05 to
ed94a4d
Compare
The %%NAME%% %%VERSION%% watermarks (copied from cohttp) made `dune subst`
fail with "repository does not contain any version information" during the
Docker builds (bin-image and Dockerfile.test), which run the {dev} build with
no git version metadata. vpnkit doesn't use dune-release watermarking, so just
remove them. Pre-existing failure on master, not specific to this branch.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: David Scott <dave@recoil.org>
OCaml 5.x compiler-libs link against zstd; combined with the static link (-ccopt -static) the Alpine build needs libzstd.a, which isn't present by default. Add zstd-static to both Dockerfiles. Fixes 'ld: cannot find -lzstd' in the bin-image and Dockerfile.test builds. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
Apply ocamlformat 0.20.1 (the version pinned in .ocamlformat) across the
repository. The tree had drifted from the pinned format, which failed
ocaml-ci's lint-fmt check. Also set 'comment-check = false' in .ocamlformat
so ocamlformat tolerates a few pre-existing misplaced (** ... *) doc comments
(warning 50) in src/dns/{operators,packet}.ml[i] instead of erroring out.
Kept as a single isolated commit, separate from the Mirage-update changes.
No semantic changes (formatting only; verified the tree still builds).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: David Scott <dave@recoil.org>
djs55
force-pushed
the
updating-mirage-rebase
branch
from
2e1561a to
55ce1ba
Compare
…ound vpnkit links statically (-ccopt -static, src/bin/config/discover.ml). On glibc distros that split the static libc/libm into a separate package the link fails with 'cannot find -lc/-lm'. Debian/Ubuntu ship them by default; Fedora and openSUSE do not. Declare them as depexts (via vpnkit.opam.template) so opam/ocaml-ci installs glibc-static / glibc-devel-static. Verified in the ocaml/opam:fedora-43 and opensuse-16.0 images that the static link then succeeds. Also raise the sha (with-test) lower bound to 1.15: the unconstrained bound let ocaml-ci's lower-bound variant pick sha.1.10, whose C stubs no longer compile on modern GCC (implicit declaration of strcpy/memcpy). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
Under flambda, consuming a virtual library (mirage-mtime, mirage-sleep) that ships a .cmi but no .cmx triggers warning 58; with ocaml-ci's -warn-error it becomes fatal, failing the +flambda variants. It is a benign cross-module inlining hint, so disable it project-wide. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
Keeps the dune package-management lockdir in sync with dune-project (tests-with-dune-pkg checks this). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
dune's @fmt formats dune files too; the warning-58 env stanza I added needed a blank line after the comment block. Restores lint-fmt. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: David Scott <dave@recoil.org>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
An attempt to rebase of @patricoferris's #646 using Claude 😓
Supersedes / continues #646 (branch
patricoferris:updating-mirage).tcpip >= 9,hvsock >= 3.1,protocol-9p >= 2.1,cmdliner >= 1.1, andmirage-mtime/mirage-sleep/mirage-flow-combinatorsreplacing the deprecatedmirage-clock/mirage-time/mirage-random/mirage-entropy/mirage-stack.Term.info→Cmd.info/Cmd.v/Cmd.eval).ocaml/opam:alpine-ocaml-5.3.The 14 commits of #646 were squashed into one while rebasing, since they overlapped heavily with master's build-system rework. Conflicts were resolved to keep master's improvements where they superseded the branch:
dune-build-infoversioning (over the make-generatedversion.ml),(lang dune 3.23), the(pkg disabled)dune-workspace, anddiscover.ml's conditional static linking.dune-project (depends)was updated to match the newvpnkit.opamsogenerate_opam_filesstays consistent.Two additional fixes were needed to build against current releases:
hostnet/luv_lwt.ml:Lwt_unix.notificationis now abstract (wasint) in lwt 6.x.dns_test: drop the deprecatedbigarray-compat(Bigarray is in the OCaml 5.x stdlib).Testing
Built on OCaml 5.3 (lwt 6.1.2, cmdliner 2.1.1, tcpip 9.0.1, charrua 2.0.0, mirage-mtime 5.2.0, …).
dune build @runtest— all unit tests pass.dune build @e2e— all self-contained tests pass (hosts files, TCP/UDP port forwards,--tcpv4-forwards, DHCP, all NAT tests, and a full host-resolver DNS config). The tests that require real outbound network (www.google.com,www.mobyproject.org, upstream DNS forwarding) were not exercised in my sandbox; an unmodifiedmasterbuild fails identically on those, so this is environmental, not a regression. CI should cover them.