.bootc.metadata

@@ -1,2 +0,0 @@
-f845ad2a14b147102fd407cff8c75f46f18485e6 SOURCES/bootc-1.1.5-vendor.tar.zstd
-77fd4b2f65b52577b0f8a3c6679b04ce5eff47ac SOURCES/bootc-1.1.5.tar.zstd

.gitignore

@@ -1,2 +1,36 @@
-SOURCES/bootc-1.1.5-vendor.tar.zstd
-SOURCES/bootc-1.1.5.tar.zstd
+/bootc-0.1.4.tar.zstd
+/bootc-0.1.4-vendor.tar.zstd
+/bootc-0.1.5.tar.zstd
+/bootc-0.1.5-vendor.tar.zstd
+/bootc-0.1.6-vendor.tar.zstd
+/bootc-0.1.6.tar.zstd
+/bootc-0.1.7-vendor.tar.zstd
+/bootc-0.1.7.tar.zstd
+/bootc-0.1.8.tar.zstd
+/bootc-0.1.8-vendor.tar.zstd
+/bootc-0.1.9.tar.zstd
+/bootc-0.1.9-vendor.tar.zstd
+/bootc-0.1.10-vendor.tar.zstd
+/bootc-0.1.10.tar.zstd
+/bootc-0.1.11.tar.zstd
+/bootc-0.1.11-vendor.tar.zstd
+/bootc-0.1.12.tar.zstd
+/bootc-0.1.12-vendor.tar.zstd
+/bootc-0.1.13.tar.zstd
+/bootc-0.1.13-vendor.tar.zstd
+/bootc-0.1.14-vendor.tar.zstd
+/bootc-0.1.14.tar.zstd
+/bootc-0.1.15.tar.zstd
+/bootc-0.1.15-vendor.tar.zstd
+/bootc-0.1.16.tar.zstd
+/bootc-0.1.16-vendor.tar.zstd
+/bootc-1.1.0.tar.zstd
+/bootc-1.1.0-vendor.tar.zstd
+/bootc-1.1.2.tar.zstd
+/bootc-1.1.2-vendor.tar.zstd
+/bootc-1.1.4.tar.zstd
+/bootc-1.1.4-vendor.tar.zstd
+/bootc-1.1.5.tar.zstd
+/bootc-1.1.5-vendor.tar.zstd
+/bootc-1.1.6-vendor.tar.zstd
+/bootc-1.1.6.tar.zstd

0001-store-Really-remove-empty-etc-resolv.conf-and-etc-ho.patch

@@ -0,0 +1,127 @@
+From 7473ffd0bd0e30aecfd1af67f3ef7a69af4a4645 Mon Sep 17 00:00:00 2001
+From: Colin Walters <walters@verbum.org>
+Date: Wed, 5 Mar 2025 12:58:07 -0500
+Subject: [PATCH] store: Really remove empty /etc/resolv.conf and /etc/hostname
+
+The previous change here was a no-op for two reasons:
+
+- It's actually usr/etc at this point
+- We were operating on the wrong rootfs
+
+Fixes: https://github.com/containers/bootc/pull/1096/commits/57bd0dc9835669274696998386a547afb6709ff5
+Signed-off-by: Colin Walters <walters@verbum.org>
+---
+ ostree-ext/src/container/store.rs            | 32 +++++++++++---------
+ tests/booted/readonly/011-test-resolvconf.nu | 23 ++++++++++++++
+ 2 files changed, 40 insertions(+), 15 deletions(-)
+ create mode 100644 tests/booted/readonly/011-test-resolvconf.nu
+
+diff --git a/ostree-ext/src/container/store.rs b/ostree-ext/src/container/store.rs
+index 71a9824..2b3f5df 100644
+--- a/ostree-ext/src/container/store.rs
++++ b/ostree-ext/src/container/store.rs
+@@ -466,7 +466,7 @@ fn timestamp_of_manifest_or_config(
+ /// Automatically clean up files that may have been injected by container
+ /// builds. xref https://github.com/containers/buildah/issues/4242
+ fn cleanup_root(root: &Dir) -> Result<()> {
+-    const RUNTIME_INJECTED: &[&str] = &["etc/hostname", "etc/resolv.conf"];
++    const RUNTIME_INJECTED: &[&str] = &["usr/etc/hostname", "usr/etc/resolv.conf"];
+     for ent in RUNTIME_INJECTED {
+         if let Some(meta) = root.symlink_metadata_optional(ent)? {
+             if meta.is_file() && meta.size() == 0 {
+@@ -1055,6 +1055,8 @@ impl ImageImporter {
+                     .with_context(|| format!("Checking out layer {commit}"))?;
+                 }
+ 
++                let root_dir = td.open_dir(rootpath)?;
++
+                 let modifier =
+                     ostree::RepoCommitModifier::new(ostree::RepoCommitModifierFlags::CONSUME, None);
+                 modifier.set_devino_cache(&devino);
+@@ -1062,8 +1064,7 @@ impl ImageImporter {
+                 // the derived layers include custom policy. Just relabel everything
+                 // in this case.
+                 if have_derived_layers {
+-                    let rootpath = td.open_dir(rootpath)?;
+-                    let sepolicy = ostree::SePolicy::new_at(rootpath.as_raw_fd(), cancellable)?;
++                    let sepolicy = ostree::SePolicy::new_at(root_dir.as_raw_fd(), cancellable)?;
+                     tracing::debug!("labeling from merged tree");
+                     modifier.set_sepolicy(Some(&sepolicy));
+                 } else if let Some(base) = base_commit.as_ref() {
+@@ -1074,7 +1075,7 @@ impl ImageImporter {
+                     unreachable!()
+                 }
+ 
+-                cleanup_root(&td)?;
++                cleanup_root(&root_dir)?;
+ 
+                 let mt = ostree::MutableTree::new();
+                 repo.write_dfd_to_mtree(
+@@ -1965,23 +1966,24 @@ mod tests {
+     #[test]
+     fn test_cleanup_root() -> Result<()> {
+         let td = cap_tempfile::TempDir::new(cap_std::ambient_authority())?;
+-
++        let usretc = "usr/etc";
+         cleanup_root(&td).unwrap();
+-        td.create_dir("etc")?;
+-        td.write("etc/hostname", b"hostname")?;
++        td.create_dir_all(usretc)?;
++        let usretc = &td.open_dir(usretc)?;
++        usretc.write("hostname", b"hostname")?;
+         cleanup_root(&td).unwrap();
+-        assert!(td.try_exists("etc/hostname")?);
+-        td.write("etc/hostname", b"")?;
++        assert!(usretc.try_exists("hostname")?);
++        usretc.write("hostname", b"")?;
+         cleanup_root(&td).unwrap();
+-        assert!(!td.try_exists("etc/hostname")?);
++        assert!(!td.try_exists("hostname")?);
+ 
+-        td.symlink_contents("../run/systemd/stub-resolv.conf", "etc/resolv.conf")?;
++        usretc.symlink_contents("../run/systemd/stub-resolv.conf", "resolv.conf")?;
+         cleanup_root(&td).unwrap();
+-        assert!(td.symlink_metadata("etc/resolv.conf")?.is_symlink());
+-        td.remove_file("etc/resolv.conf")?;
+-        td.write("etc/resolv.conf", b"")?;
++        assert!(usretc.symlink_metadata("resolv.conf")?.is_symlink());
++        usretc.remove_file("resolv.conf")?;
++        usretc.write("resolv.conf", b"")?;
+         cleanup_root(&td).unwrap();
+-        assert!(!td.try_exists("etc/resolv.conf")?);
++        assert!(!usretc.try_exists("resolv.conf")?);
+ 
+         Ok(())
+     }
+diff --git a/tests/booted/readonly/011-test-resolvconf.nu b/tests/booted/readonly/011-test-resolvconf.nu
+new file mode 100644
+index 0000000..a5f8fe9
+--- /dev/null
++++ b/tests/booted/readonly/011-test-resolvconf.nu
+@@ -0,0 +1,23 @@
++use std assert
++use tap.nu
++
++tap begin "verify there's not an empty /etc/resolv.conf in the image"
++
++let st = bootc status --json | from json
++
++let booted_ostree = $st.status.booted.ostree.checksum;
++
++# ostree ls should probably have --json and a clean way to not error on ENOENT
++let resolvconf = ostree ls $booted_ostree /usr/etc | split row (char newline) | find resolv.conf
++if ($resolvconf | length) > 0 {
++    let parts = $resolvconf | first | split row -r '\s+'
++    let ty = $parts | first | split chars | first
++    # If resolv.conf exists in the image, currently require it in our 
++    # test suite to be a symlink (which is hopefully to the systemd/stub-resolv.conf)
++    assert equal $ty 'l'
++    print "resolv.conf is a symlink"
++} else {
++    print "No resolv.conf found in commit"
++}
++
++tap ok
+-- 
+2.48.1
+

bootc.spec

@@ -12,8 +12,8 @@
 %endif
 
 Name:           bootc
-Version:        1.1.5
-Release:        1%{?dist}
+Version:        1.1.6
+Release:        3%{?dist}
 Summary:        Bootable container system
 
 # Apache-2.0
@@ -29,6 +29,8 @@ URL:            https://github.com/containers/bootc
 Source0:        %{url}/releases/download/v%{version}/bootc-%{version}.tar.zstd
 Source1:        %{url}/releases/download/v%{version}/bootc-%{version}-vendor.tar.zstd
 
+Patch0: 0001-store-Really-remove-empty-etc-resolv.conf-and-etc-ho.patch
+
 # https://fedoraproject.org/wiki/Changes/EncourageI686LeafRemoval
 ExcludeArch:    %{ix86}
 
@@ -65,12 +67,14 @@ Provides: ostree-cli(ostree-container)
 # (-n because we don't want the subpackage name to start with bootc-)
 %package -n system-reinstall-bootc
 Summary: Utility to reinstall the current system using bootc
-Requires: podman
+Recommends: podman
 # The reinstall subpackage intentionally does not require bootc, as it pulls in many unnecessary dependencies
 
 %description -n system-reinstall-bootc
 This package provides a utility to simplify reinstalling the current system to a given bootc image.
 
+%global system_reinstall_bootc_install_podman_path %{_prefix}/lib/system-reinstall-bootc/install-podman
+
 %prep
 %autosetup -p1 -a1
 # Default -v vendor config doesn't support non-crates.io deps (i.e. git)
@@ -89,7 +93,18 @@ rm vendor-config.toml
 
 # Build the system reinstallation CLI binary
 %global cargo_args -p system-reinstall-bootc
-%cargo_build
+export SYSTEM_REINSTALL_BOOTC_INSTALL_PODMAN_PATH=%{system_reinstall_bootc_install_podman_path}
+%if 0%{?fedora} || 0%{?rhel} >= 10
+    # In cargo-rpm-macros, the cargo_build macro does flag processing,
+    # so we need to pass '--' to signify that cargo_args is not part
+    # of the macro args
+    %cargo_build -- %cargo_args
+%else
+    # Older macros from rust-toolset do *not* do flag processing, so
+    # '--' would be passed through to cargo directly, which is not
+    # what we want.
+    %cargo_build %cargo_args
+%endif
 
 %cargo_vendor_manifest
 # https://pagure.io/fedora-rust/rust-packaging/issue/33
@@ -102,6 +117,12 @@ sed -i -e '/https:\/\//d' cargo-vendor.txt
 %if %{with ostree_ext}
 make install-ostree-hooks DESTDIR=%{?buildroot}
 %endif
+mkdir -p %{buildroot}/%{dirname:%{system_reinstall_bootc_install_podman_path}}
+cat >%{?buildroot}/%{system_reinstall_bootc_install_podman_path} <<EOF
+#!/bin/bash
+exec dnf -y install podman
+EOF
+chmod +x %{?buildroot}/%{system_reinstall_bootc_install_podman_path}
 
 %if %{with check}
 %check
@@ -126,8 +147,18 @@ make install-ostree-hooks DESTDIR=%{?buildroot}
 
 %files -n system-reinstall-bootc
 %{_bindir}/system-reinstall-bootc
+%{system_reinstall_bootc_install_podman_path}
 
 %changelog
+* Thu Mar 06 2025 Joseph Marrero <jmarrero@fedoraproject.org> - 1.1.6-3
+- Backport https://github.com/containers/bootc/pull/1167
+- Resolves: #RHEL-82293
+
+* Wed Feb 19 2025 John Eckersberg <jeckersb@redhat.com> - 1.1.5-2
+- Sync specfile from upstream
+- Resolves: #RHEL-80264
+- Resolves: #RHEL-81981
+
 * Mon Feb 10 2025 Joseph Marrero <jmarrero@fedoraproject.org> - 1.1.5-1
 - Update to 1.1.5
 - Resolves: #RHEL-77733

gating.yaml

@@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}   # this is the testcase identifier, which OSCI pipeline uses

sources

@@ -0,0 +1,2 @@
+SHA512 (bootc-1.1.6-vendor.tar.zstd) = 9fcd7356a1c97e704dd0b0f1aa2bc6929da65fd59a38031cf398bd3a1f8e5bb73d6b410a07a52767d41055785fbeeb0c31688a939ae2f5278e5dbc68ee700aa2
+SHA512 (bootc-1.1.6.tar.zstd) = 977a26e4739ba623389c51efa7122ab14b2efd7ca15d210a0eb51918ec52492c70286396f7fc25ab0615038939c0c0890fad116126b0076748c7f40c9a912f41

tests/tests.yml

@@ -0,0 +1,9 @@
+- hosts: localhost
+  roles:
+  - role: standard-test-basic
+    tags:
+    - classic
+    tests:
+    - simple:
+        dir: .
+        run: "bootc --help"