cli: Add tag-aware upgrade operations#2094
cli: Add tag-aware upgrade operations#2094gursewak1997 wants to merge 1 commit intobootc-dev:mainfrom
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces new bootc upgrade CLI options: --tag to specify a target image tag for an upgrade, and --list-tags to display available tags for the currently booted image's repository. It includes new helper functions derive_image_with_tag and list_tags_for_current_image to support this functionality, along with corresponding unit tests and documentation updates. A review comment suggests refactoring duplicated logic within the upgrade function for retrieving the current image and handling cases where it's not defined, as well as making error messages more specific.
Implement bootc upgrade --tag and --list-tags to simplify tag-based image version management for customers who version images using tags. This adds: - bootc upgrade --tag <tag>: Upgrade to different tag of current image - bootc upgrade --list-tags: List available tags from registry - Automatic composition with --check for verification The --tag option derives the target image by replacing the tag portion of the current booted image reference. Only works when booted from registry transport images. Organizations version container images with tags (:latest, :dev, :test, :prod) and this allows them to upgrade between versions without retyping full registry paths or using switch (which is semantically about changing images, not versions). Assisted-by: Claude Sonnet 4.5 Signed-off-by: gursewak1997 <gursmangat@gmail.com>
gursewak1997
force-pushed
the
add-tag-upgrade
branch
from
4e09e3a to
893c24a
Compare
|
|
||
| /// List available tags for the currently booted image repository. | ||
| #[clap(long, conflicts_with_all = ["apply", "download_only", "from_downloaded"])] | ||
| pub(crate) list_tags: bool, |
There was a problem hiding this comment.
This one feels like it should be a separate operation.
|
|
||
| /// Derive a new image reference by replacing the tag of the current image | ||
| fn derive_image_with_tag(current: &ImageReference, new_tag: &str) -> Result<ImageReference> { | ||
| // Only works for registry transport |
There was a problem hiding this comment.
I think we can easily support non-registry transports here.
| // Build new image reference with the new tag (stripping any digest) | ||
| let registry = reference.registry(); | ||
| let repository = reference.repository(); | ||
| let new_image = format!("{}/{}:{}", registry, repository, new_tag); |
There was a problem hiding this comment.
There's an API for this https://docs.rs/oci-spec/latest/oci_spec/distribution/struct.Reference.html#method.with_tag
| let repo = format!("docker://{}", repo_name); | ||
|
|
||
| // Use skopeo to list tags | ||
| let output = tokio::process::Command::new("skopeo") |
There was a problem hiding this comment.
One problem is this won't use the ostree/bootc pull secret by default; we have a whole containers-image-proxy abstraction that we need to use in general for this.
Though the next problem here is that code doesn't expose an abstraction for this...but should.
| anyhow::bail!("Failed to list tags: {}", stderr); | ||
| } | ||
|
|
||
| let stdout = String::from_utf8_lossy(&output.stdout); |
There was a problem hiding this comment.
For things like this it would be a lot cleaner to use skopeo inspect which outputs JSON. I think it's almost always wrong to use from_utf8_lossy.
Perhaps this might be best done with upgrade --check? We could also cache the latest available tags there.
| } | ||
|
|
||
| #[test] | ||
| fn test_derive_image_with_tag() { |
There was a problem hiding this comment.
Nothing wrong with unit tests (although this is basically reimplementing the with_tag API I mentioned) - but we really want an integration (tmt) test for this. Right now our default integration tests don't involve a registry (that's a different issue) but I think we can do the same with containers-storage: - basically bootc switch to one tag and then switch to a different one etc.
2 participants
Implement bootc upgrade --tag and --list-tags to simplify tag-based image version management for customers who version images using tags.
This adds:
The --tag option derives the target image by replacing the tag portion of the current booted image reference. Only works when booted from registry transport images.
Organizations version container images with tags (:latest, :dev, :test, :prod) and this allows them to upgrade between versions without retyping full registry paths or using switch (which is semantically about changing images, not versions).
Assisted-by: Claude Sonnet 4.5