coreos · cgwalters · Feb 25, 2025 · Feb 25, 2025
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -275,9 +275,9 @@ jobs:
             -v /var/lib/containers:/var/lib/containers \
             -v /var/tmp:/var/tmp \
             -v $(pwd):/output \
-            localhost/builder rpm-ostree experimental compose build-chunked-oci --bootc --format-version=1 --max-layers 99 --from localhost/base --output oci:/output/base-chunked
-          sudo skopeo inspect oci:base-chunked
-          new_created=$(sudo skopeo inspect --raw --config oci:base-chunked | jq -r .created)
+            localhost/builder rpm-ostree experimental compose build-chunked-oci --bootc --format-version=1 --max-layers 99 --from localhost/base --output containers-storage:localhost/chunked
+          sudo skopeo inspect containers-storage:localhost/chunked
+          new_created=$(sudo skopeo inspect --raw --config containers-storage:localhost/chunked | jq -r .created)
           # ostree only stores seconds, so canonialize the rfc3339 data to seconds
           test "$(date --date="${orig_created}" --rfc-3339=seconds)" = "$(date --date="${new_created}" --rfc-3339=seconds)"
 

diff --git a/rust/src/compose.rs b/rust/src/compose.rs
@@ -253,7 +253,13 @@ impl BuildChunkedOCIOpts {
             FileSource::Rootfs(rootfs)
         } else {
             let image = self.from.as_deref().unwrap();
-            crate::containers_storage::reexec_if_needed()?;
+            // TODO: Fix running this inside unprivileged podman too. We'll likely need
+            // to refactor things into a two-step process where we do the mount+ostree repo commit
+            // in a subprocess that has the "unshare", and then the secondary main process
+            // just reads/operates on that.
+            // Note that this would all be a lot saner with a composefs-native container storage
+            // as we could cleanly operate on that, asking c/storage to synthesize one for us.
+            // crate::containers_storage::reexec_if_needed()?;
             FileSource::Podman(Mount::new_for_image(image)?)
         };
         let rootfs = match &rootfs_source {

diff --git a/rust/src/containers_storage.rs b/rust/src/containers_storage.rs
@@ -12,6 +12,7 @@ use crate::cmdutils::CommandRunExt;
 /// Ensure that we're in a new user+mountns, so that "buildah mount"
 /// will work reliably.
 /// https://github.com/containers/buildah/issues/5976
+#[allow(dead_code)]
 pub(crate) fn reexec_if_needed() -> Result<()> {
     if ostree_ext::container_utils::running_in_container() {
         crate::reexec::reexec_with_guardenv(