Skip to content

chore: Consume config directly without untarring (Guest) #8234

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
frankdavid merged 2 commits into from
Jan 7, 2026
Merged

chore: Consume config directly without untarring (Guest) #8234

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
bc0e0db
chore: Consume config directly without untarring (Guest)
frankdavid Jan 6, 2026
a8edbdf
add ticket
frankdavid Jan 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 29 additions & 9 deletions ic-os/components/guestos/init/init-config/init-config.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
#!/bin/bash

# Initialize configuration in /run/config from bootstrap package.
# Initialize configuration in /run/config from config partition.

set -eo pipefail

source /opt/ic/bin/logging.sh
source /opt/ic/bin/metrics.sh

# List all block devices that could potentially contain the ic-bootstrap.tar configuration,
# List all block devices that could potentially contain the configuration,
# i.e. "removable" devices, devices with the serial "config"
# or devices containing a filesystem with the label "CONFIG".
function find_config_devices() {
Expand Down Expand Up @@ -52,6 +52,8 @@ function mount_config_device() {
if [ "$config_device" != "" ]; then
echo "Found CONFIG device at $config_device, creating mount at /mnt/config"

# Ensure that the config device is vfat. If we ever change to another filesystem type, we should ensure
# that it only contains regular files and directories (not symlinks, devices, etc.).
if mount -t vfat -o ro "$config_device" /mnt/config; then
echo "Successfully mounted CONFIG device at /mnt/config"
return 0
Expand All @@ -77,16 +79,34 @@ fi

trap "umount /mnt/config" EXIT

# Verify that ic-bootstrap.tar contains only regular files (-) and directories (d)
if tar -tvf /mnt/config/ic-bootstrap.tar | cut -c 1 | grep -E -q '[^-d]'; then
echo "ic-bootstrap.tar contains non-regular files, aborting"
mkdir /run/config
mkdir /run/config/bootstrap

# Check if ic-bootstrap.tar exists (backward compatibility with older HostOS versions)
# TODO(NODE-1821): Remove this check once all nodes have HostOS that supports tarless configuration.
if [ -f /mnt/config/ic-bootstrap.tar ]; then
echo "Found ic-bootstrap.tar, using legacy tar-based configuration"

# Verify that ic-bootstrap.tar contains only regular files (-) and directories (d)
if tar -tvf /mnt/config/ic-bootstrap.tar | cut -c 1 | grep -E -q '[^-d]'; then
echo "ic-bootstrap.tar contains non-regular files, aborting"
exit 1
fi

tar xf /mnt/config/ic-bootstrap.tar -C /run/config/bootstrap
else
echo "Using direct file-based configuration"
cp -r /mnt/config/* /run/config/bootstrap/
fi

if [ -f /run/config/bootstrap/config.json ]; then
cp /run/config/bootstrap/config.json /run/config/config.json
chown ic-replica:nogroup /run/config/config.json
else
echo "config.json not found in config partition"
exit 1
fi

mkdir -p /run/config/bootstrap
tar xf /mnt/config/ic-bootstrap.tar -C /run/config/bootstrap
cp /run/config/bootstrap/config.json /run/config/config.json
chown ic-replica:nogroup /run/config/config.json
/opt/ic/bin/config populate-nns-public-key

# Create file under /run/config/guest_vm_type, this can be used to add ConditionPathExists conditions to systemd units
Expand Down
Loading