composefs: Read manifest+config from composefs repo instead of .imginfo#2044
composefs: Read manifest+config from composefs repo instead of .imginfo#2044cgwalters wants to merge 2 commits intobootc-dev:mainfrom
Conversation
composefs-rs now provides pull_image() which returns a PullResult containing both the manifest and config digests/verities. Switch from the older pull() which only returned the config information. Log the full pull result (manifest+config digests and verity hashes) via structured journal fields for both install and upgrade paths. Assisted-by: OpenCode (Claude Opus 4)
composefs-rs stores the OCI manifest and config as splitstreams in the repository during pull. Use this to eliminate the redundant .imginfo sidecar files that bootc was maintaining separately. Store the OCI manifest digest in the .origin file under an [image] section, and use OciImage::open() to retrieve the full manifest+config from the local composefs repo when needed (status, GC, export). This avoids both the sidecar files and the surprising network-fetch fallback that the old get_imginfo() would do if no .imginfo file existed. For backwards compatibility, get_imginfo() falls back to reading legacy .imginfo files for deployments created before this change. The do_upgrade() and write_composefs_state() functions no longer need ImgConfigManifest passed through, since the data is retrieved from the repo on demand rather than written at deploy time. get_container_manifest_and_config() is retained for is_image_pulled() which checks the remote registry to determine if an update is available. Assisted-by: OpenCode (Claude Opus 4)
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request refactors how container image manifest and configuration are handled for composefs deployments. Instead of storing them in a separate .imginfo file, the manifest digest is now stored in the .origin file, and the manifest/config are read directly from the composefs repository. This is a good improvement that centralizes image metadata storage. The changes are consistent across the codebase, and backward compatibility for older deployments with .imginfo files is maintained. I've found one area for improvement regarding repository handling efficiency.
| let mut repo = open_composefs_repo(&rootfs_dir)?; | ||
| repo.set_insecure(allow_missing_fsverity); |
There was a problem hiding this comment.
The repository is being opened and configured for a second time here. The first time is before the composefs_oci_pull_image call on line 131. This is inefficient as it involves redundant I/O and setup.
It would be better to open the repository only once at the beginning of the function. You can wrap it in an Arc for the pull operation, and then continue to use the same Arc<repo> for subsequent operations like create_composefs_filesystem. At the end of the function, you can use Arc::try_unwrap to get back the owned repo to be returned in PullRepoResult.
1 participant
Sticking this as draft for now