store: Introduce BootedOstree and BootedComposefs types

Refactor the storage layer to introduce new types that better encapsulate
boot context:

- Add BootedStorage wrapper that detects ostree vs composefs boot
- Add BootedOstree struct holding sysroot reference and deployment
- Add BootedComposefs struct holding repository and cmdline
- Add BootedStorageKind enum to discriminate between backends

This allows passing boot context as a cohesive unit rather than separate
parameters. Update the upgrade code path to use these new types:

- Change get_status() to accept &BootedOstree instead of separate params
- Update handle_staged_soft_reboot() similarly
- Update upgrade() to use structs throughout

Add comprehensive documentation to all new types and methods in store/mod.rs.

Assisted-by: Claude Code (Sonnet 4.5)

Signed-off-by: Colin Walters <[email protected]>

Author: cgwalters

crates/lib/src/bootc_composefs/status.rs

@@ -247,14 +247,23 @@ async fn boot_entry_from_composefs_deployment(
     return Ok(e);
 }
 
-#[context("Getting composefs deployment status")]
 pub(crate) async fn composefs_deployment_status() -> Result<Host> {
     let composefs_state = composefs_booted()?
         .ok_or_else(|| anyhow::anyhow!("Failed to find composefs parameter in kernel cmdline"))?;
-    let composefs_digest = &composefs_state.digest;
 
     let sysroot =
         Dir::open_ambient_dir("/sysroot", ambient_authority()).context("Opening sysroot")?;
+
+    composefs_deployment_status_from(&sysroot, composefs_state).await
+}
+
+#[context("Getting composefs deployment status")]
+pub(crate) async fn composefs_deployment_status_from(
+    sysroot: &Dir,
+    cmdline: &ComposefsCmdline,
+) -> Result<Host> {
+    let composefs_digest = &cmdline.digest;
+
     let deployments = sysroot
         .read_dir(STATE_DIR_RELATIVE)
         .with_context(|| format!("Reading sysroot {STATE_DIR_RELATIVE}"))?;

crates/lib/src/bootc_composefs/update.rs

@@ -14,7 +14,7 @@ use crate::{
     },
     cli::UpgradeOpts,
     spec::ImageReference,
-    store::ComposefsRepository,
+    store::{BootedComposefs, ComposefsRepository, Storage},
 };
 
 use cap_std_ext::cap_std::{ambient_authority, fs::Dir};
@@ -61,7 +61,11 @@ async fn is_image_pulled(
 }
 
 #[context("Upgrading composefs")]
-pub(crate) async fn upgrade_composefs(opts: UpgradeOpts) -> Result<()> {
+pub(crate) async fn upgrade_composefs(
+    opts: UpgradeOpts,
+    _storage: &Storage,
+    _composefs: &BootedComposefs,
+) -> Result<()> {
     let host = composefs_deployment_status()
         .await
         .context("Getting composefs deployment status")?;

crates/lib/src/cli.rs

@@ -38,7 +38,6 @@ use crate::bootc_composefs::{
     finalize::{composefs_backend_finalize, get_etc_diff},
     rollback::composefs_rollback,
     state::composefs_usr_overlay,
-    status::composefs_booted,
     switch::switch_composefs,
     update::upgrade_composefs,
 };
@@ -48,7 +47,8 @@ use crate::podstorage::set_additional_image_store;
 use crate::progress_jsonl::{ProgressWriter, RawProgressFd};
 use crate::spec::Host;
 use crate::spec::ImageReference;
-use crate::store::ComposefsRepository;
+use crate::store::{BootedOstree, ComposefsRepository, Storage};
+use crate::store::{BootedStorage, BootedStorageKind};
 use crate::utils::sigpolicy_from_opt;
 
 /// Shared progress options
@@ -712,24 +712,11 @@ pub(crate) fn ensure_self_unshared_mount_namespace() -> Result<()> {
     bootc_utils::reexec::reexec_with_guardenv(recurse_env, &["unshare", "-m", "--"])
 }
 
-/// Acquire a locked sysroot.
-/// TODO drain this and the above into SysrootLock
-#[context("Acquiring sysroot")]
-pub(crate) async fn get_locked_sysroot() -> Result<ostree_ext::sysroot::SysrootLock> {
-    prepare_for_write()?;
-    let sysroot = ostree::Sysroot::new_default();
-    sysroot.set_mount_namespace_in_use();
-    let sysroot = ostree_ext::sysroot::SysrootLock::new_from_sysroot(&sysroot).await?;
-    sysroot.load(gio::Cancellable::NONE)?;
-    Ok(sysroot)
-}
-
 /// Load global storage state, expecting that we're booted into a bootc system.
 #[context("Initializing storage")]
-pub(crate) async fn get_storage() -> Result<crate::store::Storage> {
-    let global_run = Dir::open_ambient_dir("/run", cap_std::ambient_authority())?;
-    let sysroot = get_locked_sysroot().await?;
-    crate::store::Storage::new(sysroot, &global_run)
+pub(crate) async fn get_storage() -> Result<crate::store::BootedStorage> {
+    prepare_for_write()?;
+    BootedStorage::new().await
 }
 
 #[context("Querying root privilege")]
@@ -811,15 +798,15 @@ where
 /// Handle soft reboot for staged deployments (used by upgrade and switch)
 #[context("Handling staged soft reboot")]
 fn handle_staged_soft_reboot(
-    sysroot: &SysrootLock,
+    booted_ostree: &BootedOstree<'_>,
     soft_reboot_mode: Option<SoftRebootMode>,
     host: &crate::spec::Host,
 ) -> Result<()> {
     handle_soft_reboot(
         soft_reboot_mode,
         host.status.staged.as_ref(),
         "staged",
-        || soft_reboot_staged(sysroot),
+        || soft_reboot_staged(booted_ostree.sysroot),
     )
 }
 
@@ -890,11 +877,14 @@ fn prepare_for_write() -> Result<()> {
 
 /// Implementation of the `bootc upgrade` CLI command.
 #[context("Upgrading")]
-async fn upgrade(opts: UpgradeOpts) -> Result<()> {
-    let sysroot = &get_storage().await?;
-    let ostree = sysroot.get_ostree()?;
-    let repo = &ostree.repo();
-    let (booted_deployment, _deployments, host) = crate::status::get_status_require_booted(ostree)?;
+async fn upgrade(
+    opts: UpgradeOpts,
+    storage: &Storage,
+    booted_ostree: &BootedOstree<'_>,
+) -> Result<()> {
+    let repo = &booted_ostree.repo();
+
+    let host = crate::status::get_status(booted_ostree)?.1;
     let imgref = host.spec.image.as_ref();
     let prog: ProgressWriter = opts.progress.try_into()?;
 
@@ -962,16 +952,16 @@ async fn upgrade(opts: UpgradeOpts) -> Result<()> {
             .unwrap_or_default();
         if staged_unchanged {
             println!("Staged update present, not changed.");
-            handle_staged_soft_reboot(ostree, opts.soft_reboot, &host)?;
+            handle_staged_soft_reboot(booted_ostree, opts.soft_reboot, &host)?;
             if opts.apply {
                 crate::reboot::reboot()?;
             }
         } else if booted_unchanged {
             println!("No update available.")
         } else {
-            let stateroot = booted_deployment.osname();
-            let from = MergeState::from_stateroot(sysroot, &stateroot)?;
-            crate::deploy::stage(sysroot, from, &fetched, &spec, prog.clone()).await?;
+            let stateroot = booted_ostree.stateroot();
+            let from = MergeState::from_stateroot(storage, &stateroot)?;
+            crate::deploy::stage(storage, from, &fetched, &spec, prog.clone()).await?;
             changed = true;
             if let Some(prev) = booted_image.as_ref() {
                 if let Some(fetched_manifest) = fetched.get_manifest(repo)? {
@@ -983,13 +973,13 @@ async fn upgrade(opts: UpgradeOpts) -> Result<()> {
         }
     }
     if changed {
-        sysroot.update_mtime()?;
+        storage.update_mtime()?;
 
         if opts.soft_reboot.is_some() {
             // At this point we have new staged deployment and the host definition has changed.
             // We need the updated host status before we check if we can prepare the soft-reboot.
-            let updated_host = crate::status::get_status(ostree, Some(&booted_deployment))?.1;
-            handle_staged_soft_reboot(ostree, opts.soft_reboot, &updated_host)?;
+            let updated_host = crate::status::get_status(booted_ostree)?.1;
+            handle_staged_soft_reboot(booted_ostree, opts.soft_reboot, &updated_host)?;
         }
 
         if opts.apply {
@@ -1039,8 +1029,8 @@ async fn switch(opts: SwitchOpts) -> Result<()> {
 
     let cancellable = gio::Cancellable::NONE;
 
-    let sysroot = &get_storage().await?;
-    let ostree = sysroot.get_ostree()?;
+    let storage = &get_storage().await?;
+    let ostree = storage.get_ostree()?;
     let repo = &ostree.repo();
     let (booted_deployment, _deployments, host) = crate::status::get_status_require_booted(ostree)?;
 
@@ -1090,16 +1080,20 @@ async fn switch(opts: SwitchOpts) -> Result<()> {
     }
 
     let stateroot = booted_deployment.osname();
-    let from = MergeState::from_stateroot(sysroot, &stateroot)?;
-    crate::deploy::stage(sysroot, from, &fetched, &new_spec, prog.clone()).await?;
+    let from = MergeState::from_stateroot(storage, &stateroot)?;
+    crate::deploy::stage(storage, from, &fetched, &new_spec, prog.clone()).await?;
 
-    sysroot.update_mtime()?;
+    storage.update_mtime()?;
 
     if opts.soft_reboot.is_some() {
         // At this point we have staged the deployment and the host definition has changed.
         // We need the updated host status before we check if we can prepare the soft-reboot.
-        let updated_host = crate::status::get_status(ostree, Some(&booted_deployment))?.1;
-        handle_staged_soft_reboot(ostree, opts.soft_reboot, &updated_host)?;
+        let booted_ostree = BootedOstree {
+            sysroot: ostree,
+            deployment: booted_deployment.clone(),
+        };
+        let updated_host = crate::status::get_status(&booted_ostree)?.1;
+        handle_staged_soft_reboot(&booted_ostree, opts.soft_reboot, &updated_host)?;
     }
 
     if opts.apply {
@@ -1112,9 +1106,9 @@ async fn switch(opts: SwitchOpts) -> Result<()> {
 /// Implementation of the `bootc rollback` CLI command.
 #[context("Rollback")]
 async fn rollback(opts: &RollbackOpts) -> Result<()> {
-    let sysroot = &get_storage().await?;
-    let ostree = sysroot.get_ostree()?;
-    crate::deploy::rollback(sysroot).await?;
+    let storage = &get_storage().await?;
+    let ostree = storage.get_ostree()?;
+    crate::deploy::rollback(storage).await?;
 
     if opts.soft_reboot.is_some() {
         // Get status of rollback deployment to check soft-reboot capability
@@ -1134,8 +1128,8 @@ async fn rollback(opts: &RollbackOpts) -> Result<()> {
 /// Implementation of the `bootc edit` CLI command.
 #[context("Editing spec")]
 async fn edit(opts: EditOpts) -> Result<()> {
-    let sysroot = &get_storage().await?;
-    let ostree = sysroot.get_ostree()?;
+    let storage = &get_storage().await?;
+    let ostree = storage.get_ostree()?;
     let repo = &ostree.repo();
 
     let (booted_deployment, _deployments, host) = crate::status::get_status_require_booted(ostree)?;
@@ -1162,18 +1156,18 @@ async fn edit(opts: EditOpts) -> Result<()> {
     // We only support two state transitions right now; switching the image,
     // or flipping the bootloader ordering.
     if host.spec.boot_order != new_host.spec.boot_order {
-        return crate::deploy::rollback(sysroot).await;
+        return crate::deploy::rollback(storage).await;
     }
 
     let fetched = crate::deploy::pull(repo, new_spec.image, None, opts.quiet, prog.clone()).await?;
 
     // TODO gc old layers here
 
     let stateroot = booted_deployment.osname();
-    let from = MergeState::from_stateroot(sysroot, &stateroot)?;
-    crate::deploy::stage(sysroot, from, &fetched, &new_spec, prog.clone()).await?;
+    let from = MergeState::from_stateroot(storage, &stateroot)?;
+    crate::deploy::stage(storage, from, &fetched, &new_spec, prog.clone()).await?;
 
-    sysroot.update_mtime()?;
+    storage.update_mtime()?;
 
     Ok(())
 }
@@ -1273,24 +1267,28 @@ async fn run_from_opt(opt: Opt) -> Result<()> {
     let root = &Dir::open_ambient_dir("/", cap_std::ambient_authority())?;
     match opt {
         Opt::Upgrade(opts) => {
-            if composefs_booted()?.is_some() {
-                upgrade_composefs(opts).await
-            } else {
-                upgrade(opts).await
+            let storage = &get_storage().await?;
+            match storage.kind()? {
+                BootedStorageKind::Ostree(booted_ostree) => {
+                    upgrade(opts, storage, &booted_ostree).await
+                }
+                BootedStorageKind::Composefs(booted_cfs) => {
+                    upgrade_composefs(opts, storage, &booted_cfs).await
+                }
             }
         }
         Opt::Switch(opts) => {
-            if composefs_booted()?.is_some() {
-                switch_composefs(opts).await
-            } else {
-                switch(opts).await
+            let storage = &get_storage().await?;
+            match storage.kind()? {
+                BootedStorageKind::Ostree(_) => switch(opts).await,
+                BootedStorageKind::Composefs(_) => switch_composefs(opts).await,
             }
         }
         Opt::Rollback(opts) => {
-            if composefs_booted()?.is_some() {
-                composefs_rollback().await?
-            } else {
-                rollback(&opts).await?
+            let storage = &get_storage().await?;
+            match storage.kind()? {
+                BootedStorageKind::Ostree(_) => rollback(&opts).await?,
+                BootedStorageKind::Composefs(_) => composefs_rollback().await?,
             }
 
             if opts.apply {
@@ -1301,10 +1299,10 @@ async fn run_from_opt(opt: Opt) -> Result<()> {
         }
         Opt::Edit(opts) => edit(opts).await,
         Opt::UsrOverlay => {
-            if composefs_booted()?.is_some() {
-                composefs_usr_overlay()
-            } else {
-                usroverlay().await
+            let storage = &get_storage().await?;
+            match storage.kind()? {
+                BootedStorageKind::Ostree(_) => usroverlay().await,
+                BootedStorageKind::Composefs(_) => composefs_usr_overlay(),
             }
         }
         Opt::Container(opts) => match opts {
@@ -1400,8 +1398,8 @@ async fn run_from_opt(opt: Opt) -> Result<()> {
                 crate::image::push_entrypoint(source.as_deref(), target.as_deref()).await
             }
             ImageOpts::PullFromDefaultStorage { image } => {
-                let sysroot = get_storage().await?;
-                sysroot
+                let storage = get_storage().await?;
+                storage
                     .get_ensure_imgstore()?
                     .pull_from_host_storage(&image)
                     .await
@@ -1501,8 +1499,8 @@ async fn run_from_opt(opt: Opt) -> Result<()> {
             InternalsOpts::Cfs { args } => crate::cfsctl::run_from_iter(args.iter()).await,
             InternalsOpts::Reboot => crate::reboot::reboot(),
             InternalsOpts::Fsck => {
-                let sysroot = &get_storage().await?;
-                crate::fsck::fsck(&sysroot, std::io::stdout().lock()).await?;
+                let storage = &get_storage().await?;
+                crate::fsck::fsck(&storage, std::io::stdout().lock()).await?;
                 Ok(())
             }
             InternalsOpts::FixupEtcFstab => crate::deploy::fixup_etc_fstab(&root),
@@ -1516,8 +1514,8 @@ async fn run_from_opt(opt: Opt) -> Result<()> {
                 Ok(())
             }
             InternalsOpts::Cleanup => {
-                let sysroot = get_storage().await?;
-                crate::deploy::cleanup(&sysroot).await
+                let storage = get_storage().await?;
+                crate::deploy::cleanup(&storage).await
             }
             InternalsOpts::Relabel { as_path, path } => {
                 let root = &Dir::open_ambient_dir("/", cap_std::ambient_authority())?;

crates/lib/src/image.rs

@@ -72,7 +72,7 @@ async fn list_images(list_type: ImageListType) -> Result<Vec<ImageOutput>> {
     let rootfs = cap_std::fs::Dir::open_ambient_dir("/", cap_std::ambient_authority())
         .context("Opening /")?;
 
-    let sysroot: Option<crate::store::Storage> =
+    let sysroot: Option<crate::store::BootedStorage> =
         if ostree_ext::container_utils::running_in_container() {
             None
         } else {

crates/lib/src/install.rs

@@ -811,7 +811,7 @@ async fn initialize_ostree_root(state: &State, root_setup: &RootSetup) -> Result
 
     sysroot.load(cancellable)?;
     let sysroot = SysrootLock::new_from_sysroot(&sysroot).await?;
-    let storage = Storage::new(sysroot, &temp_run)?;
+    let storage = Storage::new_ostree(sysroot, &temp_run)?;
 
     Ok((storage, has_ostree))
 }