-
Notifications
You must be signed in to change notification settings - Fork 86
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #620 from cgwalters/container-push
cli: Add a new bootc image subcommand
- Loading branch information
Showing
5 changed files
with
245 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
//! # Controlling bootc-managed images | ||
//! | ||
//! APIs for operating on container images in the bootc storage. | ||
use anyhow::{Context, Result}; | ||
use fn_error_context::context; | ||
use ostree_ext::container::{ImageReference, Transport}; | ||
|
||
/// The name of the image we push to containers-storage if nothing is specified. | ||
const IMAGE_DEFAULT: &str = "localhost/bootc"; | ||
|
||
#[context("Listing images")] | ||
pub(crate) async fn list_entrypoint() -> Result<()> { | ||
let sysroot = crate::cli::get_locked_sysroot().await?; | ||
let repo = &sysroot.repo(); | ||
|
||
let images = ostree_ext::container::store::list_images(repo).context("Querying images")?; | ||
|
||
for image in images { | ||
println!("{image}"); | ||
} | ||
Ok(()) | ||
} | ||
|
||
/// Implementation of `bootc image push-to-storage`. | ||
#[context("Pushing image")] | ||
pub(crate) async fn push_entrypoint(source: Option<&str>, target: Option<&str>) -> Result<()> { | ||
let transport = Transport::ContainerStorage; | ||
let sysroot = crate::cli::get_locked_sysroot().await?; | ||
|
||
let repo = &sysroot.repo(); | ||
|
||
// If the target isn't specified, push to containers-storage + our default image | ||
let target = if let Some(target) = target { | ||
ImageReference { | ||
transport, | ||
name: target.to_owned(), | ||
} | ||
} else { | ||
ImageReference { | ||
transport: Transport::ContainerStorage, | ||
name: IMAGE_DEFAULT.to_string(), | ||
} | ||
}; | ||
|
||
// If the source isn't specified, we use the booted image | ||
let source = if let Some(source) = source { | ||
ImageReference::try_from(source).context("Parsing source image")? | ||
} else { | ||
let status = crate::status::get_status_require_booted(&sysroot)?; | ||
// SAFETY: We know it's booted | ||
let booted = status.2.status.booted.unwrap(); | ||
let booted_image = booted.image.unwrap().image; | ||
ImageReference { | ||
transport: Transport::try_from(booted_image.transport.as_str()).unwrap(), | ||
name: booted_image.image, | ||
} | ||
}; | ||
let mut opts = ostree_ext::container::store::ExportToOCIOpts::default(); | ||
opts.progress_to_stdout = true; | ||
println!("Copying local image {source} to {target} ..."); | ||
let r = ostree_ext::container::store::export(repo, &source, &target, Some(opts)).await?; | ||
|
||
println!("Pushed: {target} {r}"); | ||
Ok(()) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,129 @@ | ||
# This test does: | ||
# bootc image copy-to-storage | ||
# podman build <from that image> | ||
# bootc switch <to the local image> | ||
# <verify booted state> | ||
# Then another build, and reboot into verifying that | ||
use std assert | ||
use tap.nu | ||
|
||
const kargsv0 = ["testarg=foo", "othertestkarg", "thirdkarg=bar"] | ||
const kargsv1 = ["testarg=foo", "thirdkarg=baz"] | ||
let removed = ($kargsv0 | filter { not ($in in $kargsv1) }) | ||
|
||
# This code runs on *each* boot. | ||
# Here we just capture information. | ||
bootc status | ||
let st = bootc status --json | from json | ||
let booted = $st.status.booted.image | ||
|
||
# Parse the kernel commandline into a list. | ||
# This is not a proper parser, but good enough | ||
# for what we need here. | ||
def parse_cmdline [] { | ||
open /proc/cmdline | str trim | split row " " | ||
} | ||
|
||
# Run on the first boot | ||
def initial_build [] { | ||
tap begin "local image push + pull + upgrade" | ||
|
||
let td = mktemp -d | ||
cd $td | ||
|
||
do --ignore-errors { podman image rm localhost/bootc o+e>| ignore } | ||
bootc image copy-to-storage | ||
let img = podman image inspect localhost/bootc | from json | ||
|
||
mkdir usr/lib/bootc/kargs.d | ||
{ kargs: $kargsv0 } | to toml | save usr/lib/bootc/kargs.d/05-testkargs.toml | ||
# A simple derived container that adds a file, but also injects some kargs | ||
"FROM localhost/bootc | ||
COPY usr/ /usr/ | ||
RUN echo test content > /usr/share/blah.txt | ||
" | save Dockerfile | ||
# Build it | ||
podman build -t localhost/bootc-derived . | ||
# Just sanity check it | ||
let v = podman run --rm localhost/bootc-derived cat /usr/share/blah.txt | str trim | ||
assert equal $v "test content" | ||
# Now, fetch it back into the bootc storage! | ||
bootc switch --transport containers-storage localhost/bootc-derived | ||
# And reboot into it | ||
tmt-reboot | ||
} | ||
|
||
# The second boot; verify we're in the derived image | ||
def second_boot [] { | ||
print "verifying second boot" | ||
# booted from the local container storage and image | ||
assert equal $booted.image.transport containers-storage | ||
assert equal $booted.image.image localhost/bootc-derived | ||
# We wrote this file | ||
let t = open /usr/share/blah.txt | str trim | ||
assert equal $t "test content" | ||
|
||
# Verify we have updated kargs | ||
let cmdline = parse_cmdline | ||
print $"cmdline=($cmdline)" | ||
for x in $kargsv0 { | ||
print $"verifying karg: ($x)" | ||
assert ($x in $cmdline) | ||
} | ||
|
||
# Now do another build where we drop one of the kargs | ||
let td = mktemp -d | ||
cd $td | ||
|
||
mkdir usr/lib/bootc/kargs.d | ||
{ kargs: $kargsv1 } | to toml | save usr/lib/bootc/kargs.d/05-testkargs.toml | ||
"FROM localhost/bootc | ||
COPY usr/ /usr/ | ||
RUN echo test content2 > /usr/share/blah.txt | ||
" | save Dockerfile | ||
# Build it | ||
podman build -t localhost/bootc-derived . | ||
let booted_digest = $booted.imageDigest | ||
print booted_digest = $booted_digest | ||
# We should already be fetching updates from container storage | ||
bootc upgrade | ||
# Verify we staged an update | ||
let st = bootc status --json | from json | ||
let staged_digest = $st.status.staged.image.imageDigest | ||
assert ($booted_digest != $staged_digest) | ||
# And reboot into the upgrade | ||
tmt-reboot | ||
} | ||
|
||
# Check we have the updated kargs | ||
def third_boot [] { | ||
print "verifying third boot" | ||
assert equal $booted.image.transport containers-storage | ||
assert equal $booted.image.image localhost/bootc-derived | ||
let t = open /usr/share/blah.txt | str trim | ||
assert equal $t "test content2" | ||
|
||
# Verify we have updated kargs | ||
let cmdline = parse_cmdline | ||
print $"cmdline=($cmdline)" | ||
for x in $kargsv1 { | ||
print $"Verifying karg ($x)" | ||
assert ($x in $cmdline) | ||
} | ||
# And the kargs that should be removed are gone | ||
for x in $removed { | ||
assert not ($removed in $cmdline) | ||
} | ||
|
||
tap ok | ||
} | ||
|
||
def main [] { | ||
# See https://tmt.readthedocs.io/en/stable/stories/features.html#reboot-during-test | ||
match $env.TMT_REBOOT_COUNT? { | ||
null | "0" => initial_build, | ||
"1" => second_boot, | ||
"2" => third_boot, | ||
$o => { error make { msg: $"Invalid TMT_REBOOT_COUNT ($o)" } }, | ||
} | ||
} |