cli: Implement bootc status for composefs native booted system

Johan-Liebert1 · Johan-Liebert1 · commit 8d9b9232ec74 · 2025-06-26T18:03:53.000+05:30
Signed-off-by: Pragyan Poudyal &lt;pragyanpoudyal41999@gmail.com&gt;
diff --git a/lib/src/status.rs b/lib/src/status.rs
@@ -3,19 +3,25 @@ use std::collections::VecDeque;
 use std::io::IsTerminal;
 use std::io::Read;
 use std::io::Write;
+use std::str::FromStr;
 
 use anyhow::{Context, Result};
+use cap_std_ext::cap_std;
 use fn_error_context::context;
 use ostree::glib;
 use ostree_container::OstreeImageReference;
 use ostree_ext::container as ostree_container;
+use ostree_ext::container::deploy::ORIGIN_CONTAINER;
 use ostree_ext::container_utils::composefs_booted;
 use ostree_ext::container_utils::ostree_booted;
+use ostree_ext::containers_image_proxy;
 use ostree_ext::keyfileext::KeyFileExt;
 use ostree_ext::oci_spec;
 use ostree_ext::ostree;
+use tokio::io::AsyncReadExt;
 
 use crate::cli::OutputFormat;
+use crate::spec::ImageStatus;
 use crate::spec::{BootEntry, BootOrder, Host, HostSpec, HostStatus, HostType};
 use crate::spec::{ImageReference, ImageSignature};
 use crate::store::{CachedImageStatus, ContainerImageStore, Storage};
@@ -287,6 +293,140 @@ pub(crate) fn get_status(
     Ok((deployments, host))
 }
 
+#[context("Getting composefs deployment metadata")]
+async fn boot_entry_from_composefs_deployment(
+    origin: tini::Ini,
+    booted: &String,
+) -> Result<BootEntry> {
+    let image = match origin.get::<String>("origin", ORIGIN_CONTAINER) {
+        Some(img_name_from_config) => {
+            let ostree_img_ref = OstreeImageReference::from_str(&img_name_from_config)?;
+            let imgref = ostree_img_ref.imgref.to_string();
+
+            let img_ref = ImageReference::from(ostree_img_ref);
+
+            let config = containers_image_proxy::ImageProxyConfig::default();
+            let proxy = containers_image_proxy::ImageProxy::new_with_config(config).await?;
+
+            // The image might've been removed, so don't error if we can't get the image manifest
+            let (image_digest, version, architecture, created_at) =
+                match proxy.open_image(&imgref).await.context("Opening image") {
+                    Ok(img) => {
+                        let (_, manifest) = proxy.fetch_manifest(&img).await?;
+                        let (mut reader, driver) =
+                            proxy.get_descriptor(&img, manifest.config()).await?;
+
+                        let mut buf = Vec::with_capacity(manifest.config().size() as usize);
+                        buf.resize(manifest.config().size() as usize, 0);
+                        reader.read_exact(&mut buf).await?;
+                        driver.await?;
+
+                        let config: oci_spec::image::ImageConfiguration =
+                            serde_json::from_slice(&buf)?;
+
+                        let digest = manifest.config().digest().to_string();
+                        let arch = config.architecture().to_string();
+                        let created = config.created().clone();
+                        let version = manifest
+                            .annotations()
+                            .as_ref()
+                            .and_then(|a| a.get(oci_spec::image::ANNOTATION_VERSION).cloned());
+
+                        (digest, version, arch, created)
+                    }
+
+                    Err(e) => {
+                        tracing::debug!("Failed to open image {img_ref}, because {e:?}");
+                        ("".into(), None, "".into(), None)
+                    }
+                };
+
+            let timestamp = if let Some(created_at) = created_at {
+                try_deserialize_timestamp(&created_at)
+            } else {
+                None
+            };
+
+            let image_status = ImageStatus {
+                image: img_ref,
+                version,
+                timestamp,
+                image_digest,
+                architecture,
+            };
+
+            Some(image_status)
+        }
+
+        // Wasn't booted using a container image. Do nothing
+        None => None,
+    };
+
+    let e = BootEntry {
+        image,
+        cached_update: None,
+        incompatible: false,
+        pinned: false,
+        store: None,
+        ostree: None,
+        composefs: Some(crate::spec::BootEntryComposefs {
+            verity: booted.into(),
+        }),
+    };
+
+    return Ok(e);
+}
+
+#[context("Getting composefs deployment status")]
+pub(crate) async fn composefs_deployment_status() -> Result<Host> {
+    let cmdline = crate::kernel::parse_cmdline()?;
+    let booted = cmdline.iter().find_map(|x| x.strip_prefix("composefs="));
+
+    let Some(booted) = booted else {
+        anyhow::bail!("Failed to find composefs parameter in kernel cmdline");
+    };
+
+    let sysroot = cap_std::fs::Dir::open_ambient_dir("/sysroot", cap_std::ambient_authority())
+        .context("Opening sysroot")?;
+    let deployments = sysroot
+        .read_dir("state/deploy")
+        .context("Reading sysroot state/deploy")?;
+
+    let host_spec = HostSpec {
+        image: None,
+        boot_order: BootOrder::Default,
+    };
+
+    let mut host = Host::new(host_spec);
+
+    for depl in deployments {
+        let depl = depl?;
+
+        let depl_file_name = depl.file_name();
+        let depl_file_name = depl_file_name.to_string_lossy();
+
+        // read the origin file
+        let config = depl
+            .open_dir()
+            .with_context(|| format!("Failed to open {depl_file_name}"))?
+            .read_to_string(format!("{depl_file_name}.origin"))
+            .with_context(|| format!("Reading file {depl_file_name}.origin"))?;
+
+        let ini = tini::Ini::from_string(&config)
+            .with_context(|| format!("Failed to parse file {depl_file_name}.origin as ini"))?;
+
+        let boot_entry = boot_entry_from_composefs_deployment(ini, &booted.into()).await?;
+
+        if depl.file_name() == booted {
+            host.spec.image = boot_entry.image.as_ref().map(|x| x.image.clone());
+            host.status.booted = Some(boot_entry);
+            continue;
+        }
+    }
+
+    Ok(host)
+}
+
 /// Implementation of the `bootc status` CLI command.
 #[context("Status")]
 pub(crate) async fn status(opts: super::cli::StatusOpts) -> Result<()> {
@@ -301,45 +441,7 @@ pub(crate) async fn status(opts: super::cli::StatusOpts) -> Result<()> {
         let (_deployments, host) = get_status(&sysroot, booted_deployment.as_ref())?;
         host
     } else if composefs_booted()? {
-        let dir_contents = std::fs::read_dir("/sysroot/composefs/images")?;
-
-        let host_spec = HostSpec {
-            image: Some(ImageReference {
-                image: "".into(),
-                transport: "".into(),
-                signature: None,
-            }),
-            boot_order: BootOrder::Default,
-        };
-
-        let mut host = Host::new(host_spec);
-
-        let cmdline = crate::kernel::parse_cmdline()?;
-        let booted = cmdline.iter().find_map(|x| x.strip_prefix("composefs="));
-
-        let Some(booted) = booted else {
-            anyhow::bail!("Failed to find composefs parameter in kernel cmdline");
-        };
-
-        host.status = HostStatus {
-            staged: None,
-            booted: Some(BootEntry {
-                image: None,
-                cached_update: None,
-                incompatible: false,
-                pinned: false,
-                store: None,
-                ostree: None,
-                composefs: Some(crate::spec::BootEntryComposefs {
-                    verity: booted.into(),
-                }),
-            }),
-            rollback: None,
-            rollback_queued: false,
-            ty: None,
-        };
-
-        host
+        composefs_deployment_status().await?
     } else {
         Default::default()
     };
