From fb83525e5881ed51e313a980c241aea34ad51e1c Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 1 Aug 2025 10:44:35 -0400 Subject: [PATCH 1/3] docs: We're read only by default in a container Closes: https://github.com/bootc-dev/bootc/issues/1461 --- docs/src/SUMMARY.md | 1 + docs/src/bootc-in-container.md | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 docs/src/bootc-in-container.md diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md index 73d38b2e1..1b6b0851c 100644 --- a/docs/src/SUMMARY.md +++ b/docs/src/SUMMARY.md @@ -43,6 +43,7 @@ # Bootc usage in containers +- [Read-only when in a default container](bootc-in-container.md) - [`man bootc-container-lint`](man/bootc-container-lint.md) # Architecture diff --git a/docs/src/bootc-in-container.md b/docs/src/bootc-in-container.md new file mode 100644 index 000000000..b6166bb89 --- /dev/null +++ b/docs/src/bootc-in-container.md @@ -0,0 +1,20 @@ +# bootc is read-only when run in a default container + +Currently, running e.g. `podman run bootc upgrade` will not work. +There's a variety of reasons for this, such as the basic fact that by +default a `docker|podman run ` doesn't know where to update itself; +the image reference is not exposed into the target image (for security/operational +reasons). + +## Supported operations + +There are really just two supported operations in a container environment today: + +- `bootc status`: This can reliably be used to detect whether the system is + actually booted via bootc or not. +- `bootc container lint`: See [man/bootc-container-lint.md](man/bootc-container-lint.md). + +### Testing bootc in a container + +Eventually we would like to support having bootc run inside a container environment +primarily for testing purposes. For this, please see the [tracking issue](https://github.com/bootc-dev/bootc/issues/400). From 596db94d67ad47a8c8a0535865ed5fe5c8b723bf Mon Sep 17 00:00:00 2001 
From: Colin Walters Date: Fri, 1 Aug 2025 11:00:07 -0400 Subject: [PATCH 2/3] Update docs/src/bootc-in-container.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> --- docs/src/bootc-in-container.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/bootc-in-container.md b/docs/src/bootc-in-container.md index b6166bb89..da7a4686d 100644 --- a/docs/src/bootc-in-container.md +++ b/docs/src/bootc-in-container.md @@ -1,7 +1,7 @@ # bootc is read-only when run in a default container Currently, running e.g. `podman run bootc upgrade` will not work. -There's a variety of reasons for this, such as the basic fact that by +There are a variety of reasons for this, such as the basic fact that by default a `docker|podman run ` doesn't know where to update itself; the image reference is not exposed into the target image (for security/operational reasons). From 4f03ca9ea587a3027e62a15359d5806f0e6ff00a Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Fri, 1 Aug 2025 11:00:11 -0400 Subject: [PATCH 3/3] Update docs/src/bootc-in-container.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> --- docs/src/bootc-in-container.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/src/bootc-in-container.md b/docs/src/bootc-in-container.md index da7a4686d..56783eaa8 100644 --- a/docs/src/bootc-in-container.md +++ b/docs/src/bootc-in-container.md @@ -8,7 +8,7 @@ reasons). ## Supported operations -There are really just two supported operations in a container environment today: +There are only two supported operations in a container environment today: - `bootc status`: This can reliably be used to detect whether the system is actually booted via bootc or not.
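Review bot: In the `docs/src/SUMMARY.md` hunk of patch 1/3, the new entry's link text "Read-only when in a default container" drops the subject and does not match the page's own H1, "bootc is read-only when run in a default container". Since the neighbouring entry under "Bootc usage in containers" names what it documents (`man bootc-container-lint`), consider using the page title as the link text so the sidebar entry makes sense when read alone.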
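Review bot: In the new `docs/src/bootc-in-container.md` in patch 1/3, the opening paragraph says `podman run bootc upgrade` "will not work" and the title says "read-only", but the page never states what the user will actually observe (an error, a no-op) or what is read-only, so a reader cannot tell an expected refusal from a bug. Two related points in the same paragraph: both inline commands lack an image operand (as written, `podman run bootc upgrade` would take `bootc` as the image name, and the `docker|podman run` span ends in a trailing space), so a placeholder such as `<image>` would help; and "(for security/operational reasons)" would be more useful with one sentence or a link saying why the image reference is withheld from the container. Further down, "### Testing bootc in a container" describes something not yet supported but is nested under "## Supported operations"; making it a `##` section would avoid implying it is one of the supported operations. The `bootc container lint` bullet also uses the file path as its link text, where SUMMARY.md uses `man bootc-container-lint`.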
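Review bot: In patch 2/3, the sentence being reworded still makes the command the subject of the following context line, "default a `docker|podman run ` doesn't know where to update itself". A command invocation does not update itself; the container does. While this sentence is being touched, consider rewording it along the lines of "a container started with `docker|podman run` doesn't know which image reference to update from", which also ties directly into the next clause about the image reference not being exposed.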
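Review bot: Patch 3/3, like 2/3, is a one-line wording fixup to a file that patch 1/3 of this same series creates, and both carry the subject "Update docs/src/bootc-in-container.md", which says nothing about the change. Consider squashing 2/3 and 3/3 into 1/3 before merge (keeping the Co-authored-by trailers) so the history has a single commit that adds the page in its final wording and keeps the `Closes:` reference next to the full content.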