Skip to content

Cleanup systemd UKI support #1623

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Sep 29, 2025
Merged

Cleanup systemd UKI support #1623

merged 7 commits into from
Sep 29, 2025

Conversation

@Johan-Liebert1
Copy link
Collaborator

@Johan-Liebert1 Johan-Liebert1 commented Sep 18, 2025
edited
Loading

Changes in this PR

  • Adds a field cfg_type to BLSConfig which will contain either of the
    following key:
BLSConfig {
    cfg_type: NonEFI {
        linux: String,
        initrd: Vec<String>,
        options: Some(String)
    }
    |
    EFI {
        efi: String
    }
}

  • We did not have config files for systemd-boot and were only using UKIs
    which did not allow proper sorting of the UKIs. This adds .conf files
    to $ESP/loader/entries

  • Preserves UKI addons' names so we don't overwrite previously added addon

  • Adds a cli option --uki-addon to select the addons to install

  • Add logic for upgrading/switching to a deployment with systemd-boot as the bootloader

@bootc-bot bootc-bot bot requested a review from jeckersb September 18, 2025 10:36
cgwalters
cgwalters approved these changes Sep 18, 2025
View reviewed changes
@Johan-Liebert1 Johan-Liebert1 force-pushed the bls-bootc-status branch 4 times, most recently from 64d4c27 to 5269030 Compare September 22, 2025 10:12
@Johan-Liebert1 Johan-Liebert1 changed the title Bls bootc status Cleanup systemd UKI support Sep 22, 2025
@Johan-Liebert1 Johan-Liebert1 marked this pull request as ready for review September 23, 2025 13:39
@Johan-Liebert1
Copy link
Collaborator Author

Johan-Liebert1 commented Sep 25, 2025

This was approved, but I think it needs a re-review

@Johan-Liebert1 Johan-Liebert1 force-pushed the bls-bootc-status branch 2 times, most recently from 9c447bf to 8c73037 Compare September 25, 2025 09:05
@Johan-Liebert1
Copy link
Collaborator Author

Johan-Liebert1 commented Sep 25, 2025

@cgwalters This is also up for a re-review. Added a few more commits since the last one

cgwalters
cgwalters approved these changes Sep 25, 2025
View reviewed changes
Copy link
Collaborator

@cgwalters cgwalters left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A lot here, I didn't do an exhaustive review. What would probably help here is for us to ensure we're refining something like docs/internals/ for how we're doing some of this.

crates/lib/src/bootc_composefs/boot.rs
const EFI_LINUX: &str = "EFI/Linux";

/// Timeout for systemd-boot bootloader menu
const SYSTEMD_TIMEOUT: &str = "timeout 5";
Copy link
Collaborator

@cgwalters cgwalters Sep 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This relates to coreos/bootupd#978 - I think the default for systems-boot should actually be set at install time.

Copy link
Collaborator Author

@Johan-Liebert1 Johan-Liebert1 Sep 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed. But, for now at least we keep it in bootc until we have support for systemd-boot in bootupd

crates/lib/src/bootc_composefs/repo.rs
.await
}

/// skopeo (in composefs-rs) doesn't understand "registry:"
Copy link
Collaborator

@cgwalters cgwalters Sep 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah...that was something I invented in ostree-ext and probably should have argued to add to the containers-transports so that podman/skopeo/etc understand.

crates/lib/src/bootc_composefs/repo.rs Outdated
/// Ex
/// docker://quay.io/some-image
/// containers-storage:some-image
pub(crate) fn get_imgref(transport: &String, image: &String) -> String {
Copy link
Collaborator

@cgwalters cgwalters Sep 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This one looks very unit testable

I haven't followed the flow here but ideally we do youki-dev/oci-spec-rs#205 and then we're always using a parsed representation for these things.

Copy link
Collaborator Author

@Johan-Liebert1 Johan-Liebert1 Sep 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are two ImageReference structs ostree_ext::container::ImageReference and lib::spec::ImageReference and they I think ostree_ext::container::ImageReference is being converted to lib::spec::ImageReference, but Display for Transport is just "registry"

We should probably combine these throughout the codebase?

@Johan-Liebert1 Johan-Liebert1 force-pushed the bls-bootc-status branch 3 times, most recently from 9847935 to db4f838 Compare September 26, 2025 11:31
@cgwalters cgwalters enabled auto-merge (rebase) September 27, 2025 11:36
@Johan-Liebert1 @cgwalters
parsers/bls: BLS config for UKI
3337ab8 
This is in prep for adding config files for BLS compliant bootloaders
booting via UKI.

Adds a field `cfg_type` to BLSConfig which will contain either of the
following sets of keys:

cfg_type - NonEFI

- linux
- initrd
- options

or

cfg_type - EFI

- efi

Signed-off-by: Pragyan Poudyal <[email protected]>
Signed-off-by: Colin Walters <[email protected]>
@Johan-Liebert1 @cgwalters
composefs-backend: Add support for systemd-boot uki
10aa1b2 
We did not have config files for systemd-boot and were only using UKIs
which did not allow proper sorting of the UKIs. This adds .conf files
to `$ESP/loader/entries`

Also, preserves UKI addons' names so we don't overwrite previously added
addon

Signed-off-by: Pragyan Poudyal <[email protected]>
Signed-off-by: Colin Walters <[email protected]>
@Johan-Liebert1 @cgwalters
composefs-backend: Fix bootc status for systemd-boot
d55ea89 
Signed-off-by: Pragyan Poudyal <[email protected]>
Signed-off-by: Colin Walters <[email protected]>
@Johan-Liebert1 @cgwalters
composefs-backend/boot: Handle staged systemd-boot deployments
db55397 
Add logic for upgrading/switching to a deployment with systemd-boot as
the bootloader. Also update finalize-staged service to handle
systemd-boot bootloader entries for UKIs

Signed-off-by: Pragyan Poudyal <[email protected]>
Signed-off-by: Colin Walters <[email protected]>
@Johan-Liebert1 @cgwalters
composefs-backend/boot: Allow passing UKI addons as cli options
e4dc96e 
Allows installing only some of the addons depending upon the list
of addons passed in as cli options.

Signed-off-by: Pragyan Poudyal <[email protected]>
Signed-off-by: Colin Walters <[email protected]>
@Johan-Liebert1 @cgwalters
composefs-backend: Fix image pull from registry
14ac757 
skopeo (in composefs-rs) doesn't understand the transport "registry:",
so we convert it to "docker://" when passing it to skopeo

Signed-off-by: Pragyan Poudyal <[email protected]>
Signed-off-by: Colin Walters <[email protected]>
@Johan-Liebert1 @cgwalters
Minor fixes and refactoring
1a732db 
Use UTF8Path in BLSConfig
Use `ok_or_else` so error objects are lazily evaluated
Add tests for `get_imgref`
Update UKI path for systemd-boot to `EFI/Linux/bootc`

Signed-off-by: Pragyan Poudyal <[email protected]>
Signed-off-by: Colin Walters <[email protected]>
@cgwalters cgwalters merged commit c5131fe into bootc-dev:main Sep 29, 2025
27 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cgwalters cgwalters cgwalters approved these changes

@jeckersb jeckersb Awaiting requested review from jeckersb

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Johan-Liebert1 @cgwalters