This adds scaffolding to install a stub binary which can
optionally be added into the initramfs;
prep for us doing real work during setup as we aim
to move to the native composefs backend.
The binary is *built* but is only installed by a
new `Makefile` target, so existing build system
users won't pick it up. Our development-only
`Dockerfile` gains a build option to use it
(and also ensures the initramfs is regenerated).
However previously we also discussed moving the fstab
logic into the initramfs:
https://github.com/bootc-dev/bootc/pull/1113
I might try doing that once this lands.
One notable thing is that even this trivial nearly-no-op
binary is still 4MB which I think is mostly due
to linking in a whole copy of prebuilt rust `std`.
In theory we could try going to `#[no_std]` but I
don't think it'll be viable once we start doing more here.
Probably most practical thing re size is `-Z build-std` + LTO.
Signed-off-by: Colin Walters <walters@verbum.org>
This uses the token generated in the GitHub app that has a limited
scope. Also refactors the commit/push steps to use the
create-pull-request action rather than manually committing and pushing.
This simplifies the token usage when committing/pushing.
Signed-off-by: ckyrouac <ckyrouac@redhat.com>
This modifies the scheduled release to happen every 3 weeks regardless
of when the previous release happened. This aligns with the team's
schedule.
Assisted-by: Claude code
Signed-off-by: ckyrouac <ckyrouac@redhat.com>
I don't think anything should use to_lossy() by default.
It's great to have a correct kernel argument parser that
doesn't bomb on non-UTF8 but at the same time in our code
we can just I think ignore kernel arguments which aren't UTF-8.
Maybe we should warn if e.g. we find a `root=<nonutf8` or
so but eh.
Everything else in the bootc codebase works in terms of
strings so let's just make it really easy to only
get strings out.
Implementation notes:
- I struggled with lifetimes in this one and couldn't
get it to work to reuse the Parameter (byte oriented)
parser and just reimplemented it in the str path
- When I tossed this problem at both Claude and Gemini
they both gave up; and Gemini ended up deleting
all the code and declaring success
Unit tests (after I manually fixed up all the lifetime
stuff in the core code) are
Assisted-by: Gemini-CLI
Signed-off-by: Colin Walters <walters@verbum.org>
In some cases we want to return the value exactly as it
was originally.
Also drop the test-only APIs, those were really never needed.
Signed-off-by: Colin Walters <walters@verbum.org>
Update the autovendor GitHub workflow to use the correct path 'crates/cli'
instead of 'cli', which was causing the job to fail with "No such file or
directory" error.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: John Eckersberg <jeckersb@redhat.com>
It's confusing we have both kargs.rs and kernel.rs where
the latter is also handling kernel arguments.
Clarify what this does.
Signed-off-by: Colin Walters <walters@verbum.org>
This will be needed in some scenarios for composefs.
Assisted-by: Claude Code
Signed-off-by: Johan-Liebert1 <pragyanpoudyal41999@gmail.com>
Signed-off-by: Colin Walters <walters@verbum.org>
Many cases want to find the value of an argument, no need
to return the key back to them.
Also IMO `value_lossy()` is a HUGE trap because aside from
logging it's almost never the right thing to do. I plan
to remove it in a followup.
So this also adds a `utf8` helper that returns an error,
and changes one case to use it.
Signed-off-by: Colin Walters <walters@verbum.org>
We had use cases which were doing `iter().find(|v| v.key ==`
which would NOT do the `-_` insensitive comparison. Add a newtype
`ParameterKey` and move the comparison there.
This makes the API slightly more awkward to use when inspecting
as one needs `.key.0` but eh.
Signed-off-by: Colin Walters <walters@verbum.org>
This exposes the current functionality of the cfsctl binary.
It's not a crate right now, and it's not a lot of code, so we just
fork it.
I did take the effort to use `git subtree merge` to do the import.
For the record, here's how I did it:
- In composefs-rs: git subtree split --prefix=crates/cfsctl
- In bootc: git subtree add --prefix=crates/lib/cfsctl ../../containers/composefs-rs/ <git sha1 from above>
In cfsctl I also:
- Adjusted it to accept the bootc-configured composefs repo
(which note is right now hardcoded to sha512, not sha256)
- Dropped the http stuff since I don't think it really makes
sense vs OCI
Signed-off-by: Colin Walters <walters@verbum.org>
This adds a new `kernel::Cmdline` struct, which is populated either
via `Cmdline::from` (borrowed) or `Cmdline::from_proc` (owned).
This attempts to follow the same behavior as the kernel, which is
mostly covered in:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/lib/cmdline.c?id=e8d780dcd957d80725ad5dd00bab53b856429bc0#n227
The algorithm is basically:
- Scan forward until you find the first unquoted isspace()
byte. That's the end of the param.
- If you encounter an `=` along the way, note where. That's where it
will terminate the key and split for the value. Any future `=` are
not treated as special.
- The value can be quoted to allow spaces, but is unquoted only in as
much as `"` is removed from the first or last byte. You can still
have `"` in the middle of the value.
This operates on `&[u8]` because the kernel does not enforce any
particular encoding for the cmdline. Iterating using
`Cmdline::iter()` will emit the `Parameter` type, which has helper
methods `key_lossy()` and `value_lossy()` to convert
potentially-non-UTF8 data into `String`s.
Resolves: #1425
Signed-off-by: John Eckersberg <jeckersb@redhat.com>
* docs: We're read only by default in a container
Closes: https://github.com/bootc-dev/bootc/issues/1461
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
It was not a useful abstraction in the end, just remove it.
While here, also extend a comment with rationale for why we
sleep.
Signed-off-by: Colin Walters <walters@verbum.org>
This is prep for wider usage of it in this project.
Like the containers-image: storage, it is only initialized
on demand right now.
(An obvious next step is to redo things so the ostree storage is also on-demand)
- This is hardcoded to SHA512 right now...but we clearly want
a way to configure that or maybe we just really default to 512?
- We explicitly bridge between the ostree fsverity enablement
to the composefs verity enablement
- Right now the usage is just a stub but I plan to expose
more here
Signed-off-by: Colin Walters <walters@verbum.org>
Add comprehensive documentation for the root.transient-ro option that allows
privileged users to create dynamic top-level mountpoints at runtime while
keeping the filesystem read-only by default.
Prep for fixing https://github.com/bootc-dev/bootc/issues/1434
Basically in the selinux path we copy our binary to a tempfile,
which breaks `/proc/self/exe`.
Fix this by setting an environment variable when we do that re-exec
and ensuring that *everything* references an internal API (now
moved to utils/ so it can be shared) that looks for the env
var first.
Since there is some user intervention required for the scheduled
release, this adds a 2 day buffer in case the buttons weren't clicked
immediately last time.
Signed-off-by: ckyrouac <ckyrouac@redhat.com>
