particle-os/bootc-docs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
bootc-docs/lint/examples-and-troubleshooting.md
robojerk 526f1c1afd Initial commit: Comprehensive Debian bootc documentation 
- Complete documentation for all bootc commands and subcommands
- Debian-specific adaptations and workarounds
- Manual installation methods to bypass bootc reliability issues
- Technical guides with Rust source code analysis
- Flowcharts and external command references
- Hidden command documentation (bootc internals, state, etc.)
- Composefs integration analysis
- Base image creation guides (with and without bootc binary)
- Management scripts and automation
- Comprehensive troubleshooting and examples
2025-09-15 14:02:28 -07:00

578 lines
12 KiB
Markdown
Raw Blame History

# bootc container lint - Examples and Troubleshooting
## Practical Examples
### 1. Basic Container Image Linting
#### Minimal Working Example
```dockerfile
FROM debian:bookworm-slim
# Install bootc
RUN apt update && apt install -y bootc && apt clean
# Create required API directories
RUN mkdir -p /dev /proc /sys /run /tmp /var
# Create proper /var/run symlink
RUN ln -sf /run /var/run
# Create /sysroot and /ostree structure
RUN mkdir -p /sysroot/ostree && ln -sf sysroot/ostree /ostree
# Create kernel structure
RUN mkdir -p /usr/lib/modules/6.1.0 && \
echo "kernel" > /usr/lib/modules/6.1.0/vmlinuz
# Create empty /boot directory
RUN mkdir -p /boot
# Lint the container
RUN bootc container lint
```
#### Common Issues and Fixes
**Issue**: `/var/run` is a directory instead of symlink
```bash
# Problem
mkdir -p /var/run
# Fix
rm -rf /var/run
ln -sf /run /var/run
```
**Issue**: Both `/etc` and `/usr/etc` exist
```bash
# Problem
mkdir -p /etc /usr/etc
# Fix (choose one)
rm -rf /usr/etc # Keep /etc
# OR
rm -rf /etc # Keep /usr/etc (not recommended)
```
**Issue**: Multiple kernels present
```bash
# Problem
mkdir -p /usr/lib/modules/5.4.0 /usr/lib/modules/6.1.0
# Fix
rm -rf /usr/lib/modules/5.4.0 # Keep only one
```
### 2. Advanced Container Configuration
#### Complete bootc-compatible Image
```dockerfile
FROM debian:bookworm-slim
# Install bootc and dependencies
RUN apt update && \
apt install -y bootc ostree systemd && \
apt clean && \
rm -rf /var/lib/apt/lists/*
# Create required API directories
RUN mkdir -p /dev /proc /sys /run /tmp /var
# Fix /var/run symlink
RUN ln -sf /run /var/run
# Create bootc-specific structure
RUN mkdir -p /sysroot/ostree && \
ln -sf sysroot/ostree /ostree
# Create kernel structure
RUN mkdir -p /usr/lib/modules/6.1.0 && \
echo "kernel" > /usr/lib/modules/6.1.0/vmlinuz && \
echo "initramfs" > /usr/lib/modules/6.1.0/initramfs.img
# Create empty /boot directory
RUN mkdir -p /boot
# Configure composefs
RUN mkdir -p /usr/lib/ostree && \
echo '[composefs]\nenabled = true' > /usr/lib/ostree/prepare-root.conf
# Configure kernel arguments
RUN mkdir -p /usr/lib/bootc/kargs.d && \
echo '[kargs]\nappend = ["console=ttyS0", "quiet"]' > /usr/lib/bootc/kargs.d/99-console.toml
# Create systemd sysusers.d entries
RUN mkdir -p /usr/lib/sysusers.d && \
echo 'u app 1000 "Application User"' > /usr/lib/sysusers.d/app.conf
# Create tmpfiles.d entries
RUN mkdir -p /usr/lib/tmpfiles.d && \
echo 'd /var/log/app 0755 app app -' > /usr/lib/tmpfiles.d/app.conf
# Lint the container
RUN bootc container lint --fatal-warnings
```
### 3. CI/CD Integration Examples
#### GitHub Actions
```yaml
name: Build and Lint bootc Image
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
build-and-lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Build container image
run: |
podman build --tag my-bootc-image .
- name: Lint container image
run: |
podman run --rm my-bootc-image bootc container lint --fatal-warnings
- name: Test installation
run: |
podman run --rm --privileged my-bootc-image bootc install to-disk /dev/loop0
```
#### GitLab CI
```yaml
stages:
- build
- lint
- test
build:
stage: build
script:
- podman build --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA .
- podman push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA
lint:
stage: lint
script:
- podman run --rm $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA bootc container lint --fatal-warnings
test:
stage: test
script:
- podman run --rm --privileged $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA bootc install to-disk /dev/loop0
```
#### Jenkins Pipeline
```groovy
pipeline {
agent any
stages {
stage('Build') {
steps {
sh 'podman build --tag my-bootc-image .'
}
}
stage('Lint') {
steps {
sh 'podman run --rm my-bootc-image bootc container lint --fatal-warnings'
}
}
stage('Test') {
steps {
sh 'podman run --rm --privileged my-bootc-image bootc install to-disk /dev/loop0'
}
}
}
}
```
### 4. Development Workflow Examples
#### Pre-commit Hook
```bash
#!/bin/bash
# .git/hooks/pre-commit
echo "Running bootc container lint..."
# Build the image
podman build --tag temp-bootc-image . || exit 1
# Run lint
podman run --rm temp-bootc-image bootc container lint --fatal-warnings || {
echo "Lint failed. Please fix issues before committing."
podman rmi temp-bootc-image
exit 1
}
# Clean up
podman rmi temp-bootc-image
echo "Lint passed!"
```
#### Makefile Integration
```makefile
.PHONY: build lint test clean
IMAGE_NAME = my-bootc-image
IMAGE_TAG = latest
build:
podman build --tag $(IMAGE_NAME):$(IMAGE_TAG) .
lint: build
podman run --rm $(IMAGE_NAME):$(IMAGE_TAG) bootc container lint --fatal-warnings
test: lint
podman run --rm --privileged $(IMAGE_NAME):$(IMAGE_TAG) bootc install to-disk /dev/loop0
clean:
podman rmi $(IMAGE_NAME):$(IMAGE_TAG) || true
all: test
```
#### Docker Compose
```yaml
version: '3.8'
services:
build:
build: .
image: my-bootc-image:latest
lint:
image: my-bootc-image:latest
command: bootc container lint --fatal-warnings
depends_on:
- build
test:
image: my-bootc-image:latest
command: bootc install to-disk /dev/loop0
privileged: true
depends_on:
- lint
```
## Troubleshooting Guide
### 1. Common Error Messages
#### "Failed lint: var-run: Not a symlink: var/run"
**Problem**: `/var/run` exists as a directory instead of symlink
**Solution**:
```bash
# Remove directory and create symlink
rm -rf /var/run
ln -sf /run /var/run
```
**Dockerfile Fix**:
```dockerfile
RUN rm -rf /var/run && ln -sf /run /var/run
```
#### "Failed lint: etc-usretc: Found /usr/etc - this is a bootc implementation detail"
**Problem**: Both `/etc` and `/usr/etc` exist
**Solution**:
```bash
# Choose one approach
rm -rf /usr/etc # Keep /etc (recommended)
# OR
rm -rf /etc # Keep /usr/etc (not recommended)
```
**Dockerfile Fix**:
```dockerfile
RUN rm -rf /usr/etc # Keep /etc only
```
#### "Failed lint: kernel: Multiple kernels found"
**Problem**: Multiple kernel versions present
**Solution**:
```bash
# Keep only one kernel version
rm -rf /usr/lib/modules/5.4.0
# Keep /usr/lib/modules/6.1.0
```
**Dockerfile Fix**:
```dockerfile
RUN rm -rf /usr/lib/modules/5.4.0 # Keep only 6.1.0
```
#### "Failed lint: utf8: Found non-utf8 filename"
**Problem**: Files with non-UTF-8 names
**Solution**:
```bash
# Find and rename problematic files
find / -name "*" -print0 | xargs -0 -I {} sh -c 'echo "Checking: {}"'
# Rename files with non-UTF-8 names
```
**Prevention**:
```dockerfile
# Use UTF-8 locale
ENV LANG=C.UTF-8
ENV LC_ALL=C.UTF-8
```
#### "Failed lint: api-base-directories: Missing API filesystem base directory"
**Problem**: Required directories missing
**Solution**:
```bash
# Create all required directories
mkdir -p /dev /proc /sys /run /tmp /var
```
**Dockerfile Fix**:
```dockerfile
RUN mkdir -p /dev /proc /sys /run /tmp /var
```
### 2. Warning Messages
#### "Lint warning: buildah-injected: /etc/hostname is an empty file"
**Problem**: Empty files injected by build system
**Solution**:
```bash
# Remove empty files or add content
rm /etc/hostname
# OR
echo "myhostname" > /etc/hostname
```
**Dockerfile Fix**:
```dockerfile
RUN rm -f /etc/hostname /etc/resolv.conf
```
#### "Lint warning: var-log: Found non-empty logfiles"
**Problem**: Log files in container image
**Solution**:
```bash
# Remove log files
rm -rf /var/log/*
# OR create symlinks to /dev/null
ln -sf /dev/null /var/log/app.log
```
**Dockerfile Fix**:
```dockerfile
RUN rm -rf /var/log/* && \
mkdir -p /var/log && \
ln -sf /dev/null /var/log/app.log
```
#### "Lint warning: nonempty-boot: Found non-empty /boot"
**Problem**: Content in `/boot` directory
**Solution**:
```bash
# Remove content from /boot
rm -rf /boot/*
# Keep /boot empty
```
**Dockerfile Fix**:
```dockerfile
RUN rm -rf /boot/* && mkdir -p /boot
```
### 3. Debugging Techniques
#### Enable Debug Output
```bash
# Enable detailed logging
RUST_LOG=debug bootc container lint
# Show all issues without truncation
bootc container lint --no-truncate
# List all available lints
bootc container lint --list
```
#### Test Specific Lints
```bash
# Test only fatal lints
bootc container lint --skip var-log --skip buildah-injected --skip baseimage-composefs --skip var-tmpfiles --skip sysusers --skip nonempty-boot
# Test only warning lints
bootc container lint --skip var-run --skip etc-usretc --skip bootc-kargs --skip kernel --skip utf8 --skip api-base-directories --skip baseimage-root
```
#### Inspect Container Structure
```bash
# Explore container filesystem
podman run --rm -it my-image bash
# Check specific directories
ls -la /var/run
ls -la /etc /usr/etc
ls -la /usr/lib/modules/
ls -la /boot
```
### 4. Performance Optimization
#### Skip Expensive Lints During Development
```bash
# Skip recursive UTF-8 check during development
bootc container lint --skip utf8
# Skip all warning lints
bootc container lint --skip var-log --skip buildah-injected --skip baseimage-composefs --skip var-tmpfiles --skip sysusers --skip nonempty-boot
```
#### Use Faster Base Images
```dockerfile
# Use minimal base image
FROM debian:bookworm-slim
# Avoid unnecessary packages
RUN apt update && \
apt install -y --no-install-recommends bootc && \
apt clean && \
rm -rf /var/lib/apt/lists/*
```
### 5. Integration Issues
#### Container Runtime Compatibility
**Problem**: Lint fails in different container runtime
**Solution**:
```bash
# Use podman (recommended)
podman run --rm my-image bootc container lint
# Use docker with proper flags
docker run --rm my-image bootc container lint
```
#### Build Context Issues
**Problem**: Lint fails due to build context
**Solution**:
```dockerfile
# Ensure proper working directory
WORKDIR /
# Copy files explicitly
COPY . /workspace
WORKDIR /workspace
```
#### Permission Issues
**Problem**: Permission denied errors
**Solution**:
```bash
# Run with proper permissions
podman run --rm --user root my-image bootc container lint
# Or fix permissions in container
RUN chmod -R 755 /usr/lib/bootc
```
### 6. Advanced Troubleshooting
#### Custom Lint Configuration
```bash
# Create custom lint script
#!/bin/bash
set -e
echo "Running custom lint checks..."
# Run specific lints
bootc container lint --skip utf8 --skip var-log
# Additional custom checks
if [ -f /etc/hostname ]; then
echo "Warning: /etc/hostname should not exist in container"
fi
echo "Custom lint checks passed!"
```
#### Lint Result Analysis
```bash
# Capture lint output for analysis
bootc container lint --no-truncate > lint-results.txt 2>&1
# Analyze results
grep "Failed lint" lint-results.txt
grep "Lint warning" lint-results.txt
```
#### Automated Fixes
```bash
#!/bin/bash
# Auto-fix common issues
echo "Fixing common bootc lint issues..."
# Fix /var/run
if [ -d /var/run ] && [ ! -L /var/run ]; then
echo "Fixing /var/run symlink..."
rm -rf /var/run
ln -sf /run /var/run
fi
# Fix /usr/etc
if [ -d /usr/etc ] && [ -d /etc ]; then
echo "Removing /usr/etc (keeping /etc)..."
rm -rf /usr/etc
fi
# Fix /boot
if [ -d /boot ] && [ "$(ls -A /boot)" ]; then
echo "Clearing /boot directory..."
rm -rf /boot/*
fi
# Fix log files
if [ -d /var/log ] && [ "$(ls -A /var/log)" ]; then
echo "Clearing log files..."
rm -rf /var/log/*
fi
echo "Auto-fix completed!"
```
This comprehensive examples and troubleshooting guide provides practical solutions for common bootc lint issues and integration patterns.
Reference in a new issue View git blame Copy permalink