From 358af076981fb3876297bdbb9267c0cbee67c521 Mon Sep 17 00:00:00 2001 From: Gianluca Zuccarelli Date: Wed, 20 Mar 2024 11:56:42 +0000 Subject: [PATCH 1/3] README.md: update local storage docs --- README.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 9340036b..77c64aa5 100644 --- a/README.md +++ b/README.md @@ -40,19 +40,20 @@ sudo podman run \ --security-opt label=type:unconfined_t \ -v $(pwd)/config.json:/config.json \ -v $(pwd)/output:/output \ + -v /var/lib/containers/storage:/var/lib/containers/storage \ quay.io/centos-bootc/bootc-image-builder:latest \ --type qcow2 \ --config /config.json \ quay.io/centos-bootc/fedora-bootc:eln ``` -### Using local containers +NOTE: local storage is being used by default. If the `--local` flag is not provided, as in the above example, +the latest image will be pulled into the local storage. -To use containers from local container's storage rather than a registry, we need to ensure two things: -- the container exists in local storage -- mount the local container storage +### Using local containers -Since the container is run in `rootful` only root container storage paths are allowed. +To skip pulling an image into local storage and use an existing container image, the `--local` flag can be used, +as below: ```bash sudo podman run \ @@ -63,7 +64,6 @@ sudo podman run \ --security-opt label=type:unconfined_t \ -v $(pwd)/config.json:/config.json \ -v $(pwd)/output:/output \ - -v /var/lib/containers/storage:/var/lib/containers/storage \ quay.io/centos-bootc/bootc-image-builder:latest \ --type qcow2 \ --config /config.json \ 
@@ -71,8 +71,6 @@ sudo podman run \ localhost/bootc:eln ``` -When using the --local flag, we need to mount the storage path as a volume. With this enabled, it is assumed that the target container is in the container storage. - ### Running the resulting QCOW2 file on Linux (x86_64) A virtual machine can be launched using `qemu-system-x86_64` or with `virt-install` as shown below. From d294651fbb6c2b5b2ee6ff2a0420c8e40ed63bfc Mon Sep 17 00:00:00 2001 From: Gianluca Zuccarelli Date: Wed, 20 Mar 2024 11:57:32 +0000 Subject: [PATCH 2/3] main: fix small typo A local container image from the host is being used. --- bib/cmd/bootc-image-builder/image.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bib/cmd/bootc-image-builder/image.go b/bib/cmd/bootc-image-builder/image.go index 0c84f567..74ef59da 100644 --- a/bib/cmd/bootc-image-builder/image.go +++ b/bib/cmd/bootc-image-builder/image.go @@ -40,7 +40,7 @@ type ManifestConfig struct { // TLSVerify specifies whether HTTPS and a valid TLS certificate are required TLSVerify bool - // Use a local container from the host rather than a repository + // Use a local container image from the host storage rather than a repository Local bool } From 56ce13b662f81c82ba10854ace03557675ce1c60 Mon Sep 17 00:00:00 2001 From: Gianluca Zuccarelli Date: Wed, 20 Mar 2024 11:59:58 +0000 Subject: [PATCH 3/3] main: check if local storage has been mounted Since we are using local storage by default, Wwe should fail early if it hasn't been mounted. Some undefined behaviour has been seen when local storage volume hasn't been mounted and the `--local` flag has been provided. --- bib/cmd/bootc-image-builder/main.go | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/bib/cmd/bootc-image-builder/main.go b/bib/cmd/bootc-image-builder/main.go index 39b8259d..87de5248 100644 --- a/bib/cmd/bootc-image-builder/main.go +++ b/bib/cmd/bootc-image-builder/main.go 
@@ -12,6 +12,7 @@ import ( "strings" "github.com/osbuild/bootc-image-builder/bib/internal/setup" + "github.com/osbuild/bootc-image-builder/bib/internal/util" "github.com/osbuild/images/pkg/arch" "github.com/osbuild/images/pkg/blueprint" "github.com/osbuild/images/pkg/cloud/awscloud" @@ -29,9 +30,10 @@ import ( var reposStr string const ( - distroName = "fedora-39" - modulePlatformID = "platform:f39" - releaseVersion = "39" + distroName = "fedora-39" + modulePlatformID = "platform:f39" + releaseVersion = "39" + containersStoragePath = "/var/lib/containers/storage" ) type BuildConfig struct { @@ -102,6 +104,12 @@ func loadConfig(path string) (*BuildConfig, error) { } func makeManifest(c *ManifestConfig, cacheRoot string) (manifest.OSBuildManifest, error) { + // if "/var/lib/containers/storage" hasn't been mounted and the `--local` flag has been provided, + // we should return an error. If it's not mounted, it can cause some undefined behaviour. + if c.Local && !util.IsMountpoint(containersStoragePath) { + return nil, fmt.Errorf("%s has not been mounted, but `--local` flag has been used", containersStoragePath) + } + // If --local wasn't given, always pull the container. // If the user mount a container storage inside bib (without --local), the code will try to pull // a newer version of the container even if an older one is already present. This doesn't match
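Review bot: The mount guard at the top of makeManifest is conditioned on `c.Local`, but the commit message justifies it by saying local storage is used by default, so a run without `--local` and without the volume mounted still passes this check. If the default pull path (outside this hunk) also reads or writes `containersStoragePath`, the condition should drop the flag, e.g. `if !util.IsMountpoint(containersStoragePath) {`, with an error message that no longer mentions `--local`. `util.IsMountpoint` is defined outside this diff, so it is worth confirming that it returns false when the path is missing or cannot be inspected, because the guard fails open otherwise. A mountpoint test also only shows that something is mounted at that path, not that it is the host's root container storage; the comment above the check could say so. makeManifest's body continues past the end of the hunk.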