You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It'd be useful for auditing purposes for us to emit journal messages on at least the first time a particular deployment is booted, including substantial metadata (basically at least all the image stuff: pull spec, digest, version, etc.).
We might as well also do this as part of ostree-finalize-staged.service. Today these services run C code from libostree which is unaware of the container bits, so to fix this we could either patch that code to be aware of the container refs (or call into ostree container commands if available, i.e. we put the logic in ostree-ext?). But this conflicts a bit with us doing the podman pull backend, so instead we could add units here (triggered by our new generator?) that "hook" ostree-boot-complete.service and ostree-finalize-staged.service via drop-ins say.
The text was updated successfully, but these errors were encountered:
It'd be useful for auditing purposes for us to emit journal messages on at least the first time a particular deployment is booted, including substantial metadata (basically at least all the image stuff: pull spec, digest, version, etc.).
We might as well also do this as part of
ostree-finalize-staged.service
. Today these services run C code from libostree which is unaware of the container bits, so to fix this we could either patch that code to be aware of the container refs (or call intoostree container
commands if available, i.e. we put the logic in ostree-ext?). But this conflicts a bit with us doing the podman pull backend, so instead we could add units here (triggered by our new generator?) that "hook"ostree-boot-complete.service
andostree-finalize-staged.service
via drop-ins say.The text was updated successfully, but these errors were encountered: