Description
This relates to:
- tracker: logically bound app images #128 (and Quadlet: add -list-images containers/podman#23065 )
- check composefs compat when rebasing #632
- Provide warning when switching between distributions #610
Basically...I think it'd be a powerful general feature if we supported a flow that did:
- Pull new image (but without queuing a new bootloader entry)
- Run arbitrary code from the new image as a container
- Only on success, queue new bootloader entry
One simple way to do this would be to define a new bootc-pre-stage.target systemd unit that we run in between what currently happens when one types bootc upgrade.
This would be a clearly very powerful general mechanism that would allow implementing things like "logically bound container images" outside of bootc core code itself. A base image (or user code) could define which container images to pull via whatever mechanisms and file format it wants.
One could do arbitrary things like check compatibility (relates to #632 and #610)
The downside of course is that being so general, it'd be easy to use for things that would probably be best done elsewhere. I think we'd still eventually want higher level and more declarative/opinionated mechanisms for some of the problems here (especially the container binding one).
(This also tangentially relates to #2 in that it'd probably be a bit more elegant if we internally split up bits of the bootc upgrade process internally into units)
But...in ostree we already merged e.g. ostreedev/ostree#2569 which is currently a very special case.
Actually, a notable detail here is that bootc-pre-stage.target as proposed would get mutable access to the current /etc and the global /var, i.e. it'd be ordered before ostree-finalize-staged.target.
Activity