feat(edit): allow setting usrOverlay

p5 · p5 · commit 4e8ec8b2c714 · 2025-04-26T20:17:59.000+01:00
Allows setting the usrOverlay within "bootc edit".  Since there's
no clean ways (that I'm aware of) for switching back from a writable
/usr to a readonly one, this follows the recommended commands in the
docs, and lazily unmounts /usr.
diff --git a/lib/src/cli.rs b/lib/src/cli.rs
@@ -4,8 +4,6 @@
 
 use std::ffi::{CString, OsStr, OsString};
 use std::io::Seek;
-use std::os::unix::process::CommandExt;
-use std::process::Command;
 
 use anyhow::{ensure, Context, Result};
 use camino::Utf8PathBuf;
@@ -26,11 +24,11 @@ use schemars::schema_for;
 use serde::{Deserialize, Serialize};
 
 use crate::deploy::RequiredHostSpec;
-use crate::lints;
 use crate::progress_jsonl::{ProgressWriter, RawProgressFd};
-use crate::spec::Host;
 use crate::spec::ImageReference;
+use crate::spec::{FilesystemOverlay, Host};
 use crate::utils::sigpolicy_from_opt;
+use crate::{lints, overlay};
 
 /// Shared progress options
 #[derive(Debug, Parser, PartialEq, Eq)]
@@ -968,23 +966,25 @@ async fn edit(opts: EditOpts) -> Result<()> {
         println!("Edit cancelled, no changes made.");
         return Ok(());
     }
+
     host.spec.verify_transition(&new_host.spec)?;
     let new_spec = RequiredHostSpec::from_spec(&new_host.spec)?;
 
-    let prog = ProgressWriter::default();
-
-    // We only support two state transitions right now; switching the image,
-    // or flipping the bootloader ordering.
-    if host.spec.boot_order != new_host.spec.boot_order {
-        return crate::deploy::rollback(sysroot).await;
+    if new_host.spec.usr_overlay != host.spec.usr_overlay {
+        if let Some(overlay) = new_host.spec.usr_overlay {
+            crate::overlay::set_usr_overlay(overlay)?;
+        }
+    }
+    if new_host.spec.boot_order != host.spec.boot_order {
+        crate::deploy::rollback(sysroot).await?;
+    }
+    if new_host.spec.image != host.spec.image {
+        let prog = ProgressWriter::default();
+        let fetched =
+            crate::deploy::pull(repo, new_spec.image, None, opts.quiet, prog.clone()).await?;
+        let stateroot = booted_deployment.osname();
+        crate::deploy::stage(sysroot, &stateroot, &fetched, &new_spec, prog.clone()).await?;
     }
-
-    let fetched = crate::deploy::pull(repo, new_spec.image, None, opts.quiet, prog.clone()).await?;
-
-    // TODO gc old layers here
-
-    let stateroot = booted_deployment.osname();
-    crate::deploy::stage(sysroot, &stateroot, &fetched, &new_spec, prog.clone()).await?;
 
     sysroot.update_mtime()?;
 
@@ -993,12 +993,7 @@ async fn edit(opts: EditOpts) -> Result<()> {
 
 /// Implementation of `bootc usroverlay`
 async fn usroverlay() -> Result<()> {
-    // This is just a pass-through today.  At some point we may make this a libostree API
-    // or even oxidize it.
-    Err(Command::new("ostree")
-        .args(["admin", "unlock"])
-        .exec()
-        .into())
+    overlay::set_usr_overlay(FilesystemOverlay::ReadWrite)
 }
 
 /// Perform process global initialization. This should be called as early as possible
diff --git a/lib/src/fixtures/spec-staged-booted-usrunlock.yaml b/lib/src/fixtures/spec-staged-booted-usrunlock.yaml
@@ -0,0 +1,44 @@
+apiVersion: org.containers.bootc/v1alpha1
+kind: BootcHost
+metadata:
+  name: host
+spec:
+  image:
+    image: quay.io/example/someimage:latest
+    transport: registry
+    signature: insecure
+  usrOverlay: readWrite
+status:
+  staged:
+    image:
+      image:
+        image: quay.io/example/someimage:latest
+        transport: registry
+        signature: insecure
+      architecture: arm64
+      version: nightly
+      # This one has nanoseconds, which should be dropped for human consumption
+      timestamp: 2023-10-14T19:22:15.42Z
+      imageDigest: sha256:16dc2b6256b4ff0d2ec18d2dbfb06d117904010c8cf9732cdb022818cf7a7566
+    incompatible: false
+    pinned: false
+    ostree:
+      checksum: 3c6dad657109522e0b2e49bf44b5420f16f0b438b5b9357e5132211cfbad135d
+      deploySerial: 0
+  booted:
+    image:
+      image:
+        image: quay.io/example/someimage:latest
+        transport: registry
+        signature: insecure
+      architecture: arm64
+      version: nightly
+      timestamp: 2023-09-30T19:22:16Z
+      imageDigest: sha256:736b359467c9437c1ac915acaae952aad854e07eb4a16a94999a48af08c83c34
+    incompatible: false
+    pinned: false
+    ostree:
+      checksum: 26836632adf6228d64ef07a26fd3efaf177104efd1f341a2cf7909a3e4e2c72c
+      deploySerial: 0
+  rollback: null
+  isContainer: false
diff --git a/lib/src/lib.rs b/lib/src/lib.rs
@@ -27,6 +27,7 @@ mod status;
 mod store;
 mod task;
 mod utils;
+mod overlay;
 
 #[cfg(feature = "docgen")]
 mod docgen;
diff --git a/lib/src/mount.rs b/lib/src/mount.rs
@@ -129,6 +129,21 @@ pub(crate) fn mount(dev: &str, target: &Utf8Path) -> Result<()> {
     )
 }
 
+pub(crate) fn unmount(target: &Utf8Path, lazy: bool) -> Result<()> {
+    let args = if lazy {
+        vec!["-l", target.as_str()]
+    } else {
+        vec![target.as_str()]
+    };
+
+    let description = if lazy {
+        format!("Lazily unmounting {target}.\nThis may leave lingering mounts if in use")
+    } else {
+        format!("Unmounting {target}")
+    };
+    Task::new_and_run(description, "umount", args)
+}
+
 /// If the fsid of the passed path matches the fsid of the same path rooted
 /// at /proc/1/root, it is assumed that these are indeed the same mounted
 /// filesystem between container and host.
diff --git a/lib/src/overlay.rs b/lib/src/overlay.rs
@@ -0,0 +1,28 @@
+//! Handling of deployment overlays
+
+use std::{os::unix::process::CommandExt, process::Command};
+
+use anyhow::Result;
+use fn_error_context::context;
+
+use crate::spec;
+
+#[context("Setting /usr overlay")]
+pub(crate) fn set_usr_overlay(state: spec::FilesystemOverlay) -> Result<()> {
+    match state {
+        spec::FilesystemOverlay::Readonly => {
+            tracing::info!("Setting /usr overlay to read-only");
+            // There's no clean way to remove the readwrite overlay, so we lazily unmount it.
+            crate::mount::unmount(camino::Utf8Path::new("/usr"), true)?;
+        }
+        spec::FilesystemOverlay::ReadWrite => {
+            tracing::info!("Setting /usr overlay to read-write");
+            // This is just a pass-through today.  At some point we may make this a libostree API
+            // or even oxidize it.
+            Err(anyhow::Error::from(
+                Command::new("ostree").args(["admin", "unlock"]).exec(),
+            ))?;
+        }
+    }
+    return Ok({});
+}
