Open
Description
This issue is intended to track the status of use of bootc in the automotive sig project. The initial goal is to use automotive-image-builder to produce OCI images in bootc format and then use bootc-image-builder to create physical images from them.
I have done some initial work in other modules:
- Initial automotive work: custom selinux policy, separate build container for bootc, and ext4 verity osbuild/images#1519
- Automotive initial work osbuild/bootc-image-builder#928
- postprocess: Don't hardcode "targeted" policy coreos/rpm-ostree#5382
- Fixes for ESP partition: Make optional, set label osbuild/images#1525
But, further work needs to happen:
- To use transient /etc, we need to pre-generate the mount files for e.g. /boot, and we need to extend the bootc install customization so that we can pass the uuids to bc-i-b to use for these partitions / filesystems.
- We need a way to tell bc-i-b to not create its own copy of the various mount files. Maybe it's enough to just detect the existence of pre-existing mount files to make it skip this.
- We need the ability to tell bc-i-b to add custom partitions to the image. This is used for example for /var and /var/qm in automotive
- We need to support aboot/ukiboot, which involves: not using grub, creating special partitions (boot_a, boot_b, etc) with special uuids, and writing files from the image to these partitions in bc-i-b. This may require integration work with bootupd.
- I get (from rpm-ostree or osbuild) a var.mount that references /sysroot/ostree/deploy/$osname/var. If this $osname doesn't match what bc-i-b uses at deploy time this breaks. These need to be synchronized somehow.
- We need to rethink how composefs signatures work because we can't sign the commit in a-i-b anymore, since the final commit will get a different hash.
- bc-i-b seems to default to hybrid mode GPT, we want legacy-free.
This issue is for tracking, let's do the work on the individual things in separate issues.