Skip to content

cli: Only allow some arguments if composefs-backend is true #1990

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
cgwalters merged 1 commit into from
Feb 9, 2026
Merged

cli: Only allow some arguments if composefs-backend is true #1990

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 3 additions & 19 deletions crates/lib/src/install.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -383,18 +383,18 @@ pub(crate) struct InstallComposefsOpts {
pub(crate) composefs_backend: bool,

/// Make fs-verity validation optional in case the filesystem doesn't support it
#[clap(long, default_value_t)]
#[clap(long, default_value_t, requires = "composefs_backend")]
#[serde(default)]
pub(crate) insecure: bool,
Comment on lines +386 to 388
Copy link
Collaborator

@cgwalters cgwalters Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While we're here...(not part of this PR but as followup) I would like to propose renaming this to something like --allow-missing-fsverity or something.

Copy link
Collaborator Author

@Johan-Liebert1 Johan-Liebert1 Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sounds good. I'll update this when finishing up #1913 (comment)


/// The bootloader to use.
#[clap(long)]
#[clap(long, requires = "composefs_backend")]
#[serde(default)]
pub(crate) bootloader: Option<Bootloader>,

/// Name of the UKI addons to install without the ".efi.addon" suffix.
/// This option can be provided multiple times if multiple addons are to be installed.
#[clap(long)]
#[clap(long, requires = "composefs_backend")]
#[serde(default)]
pub(crate) uki_addon: Option<Vec<String>>,
}
Expand Down Expand Up @@ -804,20 +804,6 @@ impl FromStr for MountSpec {
}
}

#[cfg(feature = "install-to-disk")]
impl InstallToDiskOpts {
pub(crate) fn validate(&self) -> Result<()> {
if !self.composefs_opts.composefs_backend {
// Reject using --insecure without --composefs-backend
if self.composefs_opts.insecure != false {
anyhow::bail!("--insecure must not be provided without --composefs-backend");
}
}

Ok(())
}
}

impl SourceInfo {
// Inspect container information and convert it to an ostree image reference
// that pulls from containers-storage.
Expand Down Expand Up @@ -1928,8 +1914,6 @@ fn installation_complete() {
#[context("Installing to disk")]
#[cfg(feature = "install-to-disk")]
pub(crate) async fn install_to_disk(mut opts: InstallToDiskOpts) -> Result<()> {
opts.validate()?;
Copy link
Collaborator

@cgwalters cgwalters Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm fine with this, however I think we could easily change this to be anyhow::ensure!() instead - yes it's double checking but probably worth doing.

Copy link
Collaborator Author

@Johan-Liebert1 Johan-Liebert1 Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In agreement. The error that clap provides when passing, say --insecure, without the composefs backend flag is a bit misleading as it says

error: the following required arguments were not provided:
  --composefs-backend

imo, we'd want it so say something like --insecure is only available for --composefs-backend or something like that. What do you think?


// Log the disk installation operation to systemd journal
const INSTALL_DISK_JOURNAL_ID: &str = "8b7c6d5e4f3a2b1c0d9e8f7a6b5c4d3e2";
let source_image = opts
Expand Down
2 changes: 2 additions & 0 deletions docs/src/bootloaders.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ Currently, `bootc` only runs `bootupd` during the installation process. It does

## systemd-boot

NOTE: systemd-boot is only supported for Composefs Backend and not for Ostree
Copy link
Collaborator

@cgwalters cgwalters Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about just

systemd-boot is only supported by the composefs backend, and not the (default) ostree backend.


If bootupd is not present in the input container image, then systemd-boot will be used
by default (except on s390x).
Comment on lines 18 to 19
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Feb 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

This sentence could be slightly confusing. While it's true that systemd-boot is the fallback if bootupd is not present, for ostree-based installs this will result in an error. It might be clearer to explicitly state that this default behavior applies to composefs installs to avoid any ambiguity.

For example:

For composefs-based installations, if `bootupd` is not present in the input container image, then `systemd-boot` will be used by default (except on s390x).
Suggested change
If bootupd is not present in the input container image, then systemd-boot will be used
by default (except on s390x).
For composefs-based installations, if `bootupd` is not present in the input container image, then systemd-boot will be used
by default (except on s390x).

Copy link
Collaborator

@cgwalters cgwalters Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, but not new with this PR


Expand Down