Add `cargo xtask local-rust-deps` which uses `cargo metadata` to find
local path dependencies outside the workspace (e.g., from [patch] sections)
and outputs podman bind mount arguments.
This enables a cleaner workflow for local development against modified
dependencies like composefs-rs:
1. Add a [patch] section to Cargo.toml with real local paths
2. Run `just build` - the Justfile auto-detects and bind-mounts them
Benefits over the previous BOOTC_extra_src approach:
- No manual env var needed
- Paths work for both local `cargo build` and container builds
- No /run/extra-src indirection or Cargo.toml path munging required
- Auto-detection means it Just Works™
The Justfile's build target now calls `cargo xtask local-rust-deps` to
get bind mount args, falling back gracefully if there are no external deps.
The old BOOTC_extra_src mechanism is still supported for backwards compat.
Assisted-by: OpenCode (Opus 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
The composefs-rs PR 209 has been merged to main. This updates
bootc to use the containers/composefs-rs repository at the
merge commit.
Key API changes:
- Directory::default() -> Directory::new(Stat::uninitialized())
- read_filesystem() no longer takes stat_root parameter
- New read_container_root() for OCI containers (propagates /usr metadata to root)
- stat_root CLI flag renamed to no_propagate_usr_to_root with inverted logic
See https://github.com/containers/composefs-rs/pull/209
Signed-off-by: Colin Walters <walters@verbum.org>
Add support for bind-mounting an extra source directory into container
builds, primarily for developing against a local composefs-rs checkout.
Usage:
BOOTC_extra_src=$HOME/src/composefs-rs just build
The directory is mounted at /run/extra-src inside the container. When
using this, also patch Cargo.toml to use path dependencies pointing to
/run/extra-src/crates/....
Signed-off-by: Colin Walters <walters@verbum.org>
Assisted-by: OpenCode (Opus 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
Update composefs-rs from rev b636e0e9 to e9008489, adapting to API changes:
- merge_splitstream now takes 4 arguments instead of 3
- import_layer takes digest as string directly
- pull/seal return (digest, verity) as (String, ObjectID)
- SplitStreamWriter::new and write_stream have new signatures
- initialize_composefs_repository returns String instead of Sha256Digest
Co-authored-by: Allison Karlitskaya <allison.karlitskaya@redhat.com>
Assisted-by: OpenCode (Claude claude-sonnet-4-20250514)
Signed-off-by: Colin Walters <walters@verbum.org>
Add a comment noting that changes to the composefs-rs crate list should
also update the documentation files that reference them.
Assisted-by: OpenCode (Opus 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
This fleshes out what we had with a more rigorous
binding to the spec.
As part of this though, the ESP constant we had here was uppercase,
but the spec version uses lowercase. Add APIs to find a partition
by type, comparing case insensitively.
Assisted-by: Claude Code
Signed-off-by: Colin Walters <walters@verbum.org>
Split `dependencies` into three sections:
- Internal deps (crates in the same workspace)
- Workspace deps
- Deps only used by that sub-crate
Also make everything alphabetical.
Assisted-by: Claude Code
Signed-off-by: Colin Walters <walters@verbum.org>
Replace all serde_json::to_{string,vec,writer} with
equivalent canon_json::CanonJsonSerialize to make the
output stable / reproducible.
Signed-off-by: Etienne Champetier <e.champetier@ateme.com>
It seems the tracing crate is broken in this respect. Digging
through best practices, `anstream` is used by clap and looks sane.
We're basically just following their example.
Signed-off-by: Colin Walters <walters@verbum.org>
No major changes required; we get to drop one `unsafe` call
which is nice!
Looks like the ecosystem overall will need a fair bit of porting
before we can drop the 0.38 version though.
Signed-off-by: Colin Walters <walters@verbum.org>
# Background
The current usage instructions for bootc involve a long podman
invocation.
# Issue
It's hard to remember and type the long podman invocation, making the
usage of bootc difficult for users.
See https://issues.redhat.com/browse/BIFROST-610 and https://issues.redhat.com/browse/BIFROST-611
(Epic https://issues.redhat.com/browse/BIFROST-594)
# Solution
We want to make the usage of bootc easier by providing a new Fedora/RHEL
subpackage that includes a new binary `system-reinstall-bootc`. This binary
will simplify the usage of bootc by providing a simple command line
interface (configured either through CLI flags or a configuration file)
with an interactive prompt that allows users to reinstall the current
system using bootc.
The commandline will handle helping the user choose SSH keys / users,
warn the user about the destructive nature of the operation, and
eventually report issues they might run into in the various clouds (e.g.
missing cloud agent on the target image)
# Implementation
Added new system-reinstall-bootc crate that outputs the new
system-reinstall-bootc binary. This new crate depends on the existing utils crate.
Refactored the tracing initialization from the bootc binary into the
utils crate so that it can be reused by the new crate.
The new CLI can either be configured through commandline flags or
through a configuration file in a path set by the environment variable
`BOOTC_REINSTALL_CONFIG`.
The configuration file is a YAML file.
# Limitations
Only root SSH keys are supported. The multi user selection TUI is
implemented, but if you choose anything other than root you will get an
error.
# TODO
Missing docs, missing functionality. Everything is in alpha stage. User
choice / SSH keys / prompt disabling should also eventually be supported
to be configured through commandline arguments or the configuration
file.
Signed-off-by: Omer Tuchfeld <omer@tuchfeld.dev>
To make a bit clearer this is an internal-to-bootc thing; but also
because other projects like bootupd may start referencing it.
Signed-off-by: Colin Walters <walters@verbum.org>
This code has been forked between bootupd and coreos-installer
and here. This is prep for having bootupd pull it from bootc's
git so we can deduplicate.
Signed-off-by: Colin Walters <walters@verbum.org>
This would be a nice thing to try to standardize, but let's just
keep track of this and use it in our CI install flow too. This
helps us be cross distribution a bit more.
Signed-off-by: Colin Walters <walters@verbum.org>
When I was working on some column printing code
with Unicode I got bit by using `str::len`...and
digging in I found that clippy actually just
merged a lint to go the *other* way; more in
the link in the code.
Turning on a lint showed one place that should
have been using `chars().count()` and one that
should have been validating ASCII. Fix those.
Signed-off-by: Colin Walters <walters@verbum.org>
Ironically our support for `--replace-mode=alongside` breaks
when we're targeting an already extant ostree host, because when
we first blow away the `/boot` directory, this means the ostree
stack loses its knowledge that we're in a booted deployment,
and will attempt to GC it...
8fa019bfa8
is a key part of the fix for that.
However, a notable improvement we can do here is to grow this
whole thing into a real "factory reset" mode, and this will
be a compelling answer to
https://github.com/coreos/fedora-coreos-tracker/issues/399
To implement this though we need to support configuring the
stateroot and not just hardcode `default`.
Signed-off-by: Omer Tuchfeld <omer@tuchfeld.dev>
Add `dead_code = "deny"` to our default lints; we had
a compiler warning for this in main.
Fix the warning by moving the human readable test code into
`#[cfg(test)]`.
While we're here, move the other lib.rs lints into the crate;
enforcing docs for *everything* at first I thought might be heavy
handed but actually is fine as it only applies to things that
are `pub`, of which we don't actually have that much so it
mainly forced me to add some stub docs for the modules, which
is probably a good idea.
Signed-off-by: Colin Walters <walters@verbum.org>
A new instance of this snuck in under xtask, this will make sure it's
covered everywhere going forward.
Signed-off-by: John Eckersberg <jeckersb@redhat.com>
In relatively recent rust there's a nice way to globally
configure clippy lints for the whole workspace. We can
kill the `custom-lints` target because relatively
recently clippy has a lint for `todo!` and `dbg!` itself.
Signed-off-by: Colin Walters <walters@verbum.org>
A few things going on here:
- Rewrite logic from shell script into Rust (using xshell, so
it's still convenient to fork commands)
- Make the test logic take an externally-built container image
instead of using a `-v bootc:/usr/bin/bootc` bind mount
- Build the container image using our stock hack/Containerfile
in Github Actions instead of building for c9s in GHA
- This all hence starts to make the logic reusable outside
of Github Actions too; the container build is a known standard thing.
Signed-off-by: Colin Walters <walters@verbum.org>
On general principle; they trimmed their supported version set
which reduces dep size. But it also drops out some old things like
`base64@0.13.1` (how many times does a base64 library really need
to break semver?).
Signed-off-by: Colin Walters <walters@verbum.org>
There's a warning in newer Rust 1.72 about this, we do want the v2
resolver.
And adjust our build/CI configuration to explicitly enable
`internal-testing-api` when building our binary in CI.
- `release` should use `panic=abort` by default because we make
heavy use of FFI and this is safest, and I don't think we need
unwinding anyways
- The `releaselto` produces smallest binaries
Signed-off-by: Colin Walters <walters@verbum.org>
