Skip to content

Commit 4aec1ff

Browse files
SamD2021SamD2021
committed
docs: Add README for the project
Signed-off-by: Sam Dasilva <samuelramos852@gmail.com>
1 parent 318d11d commit 4aec1ff

File tree

1 file changed

+150
-0
lines changed

1 file changed

+150
-0
lines changed

README.md

Lines changed: 150 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,150 @@
1+
# lowell
2+
3+
OCI-native tools for building hermetic, host-agnostic boot artifacts (UKIs and initramfs).
4+
5+
## Motivation
6+
7+
Bootable containers and Unified Kernel Images (UKIs) package the OS user space and the boot chain (kernel, initramfs, and command line), respectively, as portable artifacts. Image-based systems typically build the initramfs with `dracut`, which inspects the build host; that coupling can work against sealed, reproducible builds. `lowell`, a modern, cloud-native alternative to `dracut`, aims to produce hermetic, OCI-pinned boot artifacts that are easy to audit (SBOM-friendly), distribute via registries, and can optionally be signed/sealed.
8+
9+
### Why “Lowell”?
10+
11+
Following the tradition of naming software after Massachusetts towns (e.g., Dracut, Wayland, Weston), the project is named after Lowell, Dracut’s younger, neighboring mill city, which continues to modernize and is home to a vibrant community of engineers and university students active in free and open-source software (FOSS).
12+
13+
14+
## Status
15+
16+
Still under early active development:
17+
18+
* **Works today**
19+
20+
* CLI: `lowell inspect uki --file /path/to/vmlinuz.efi`
21+
* Flags: `--format json|human`, `--verbose`, global `--log-level {error|warn|info|debug|trace}`
22+
* Reports:
23+
* `arch`, `pe32_plus`
24+
* Signature presence and `cert_count`
25+
* Kernel `cmdline`
26+
* `os-release` fields
27+
* `.linux` and `.initrd` offsets, sizes, SHA-256
28+
* initrd compression detection (gzip/xz/zstd/uncompressed) and cpio format (newc)
29+
30+
* **Planned next**
31+
32+
* `lowell inject uki` — modify initramfs and rebuild a UKI
33+
* `lowell build` — hermetic initramfs + UKI, using OCI-pinned inputs where it helps
34+
35+
## Documentation
36+
37+
**Build and run**
38+
39+
```bash
40+
# build from source
41+
cargo build -p lowell-cli --release
42+
43+
# inspect a UKI
44+
target/release/lowell inspect uki --file /path/to/vmlinuz.efi
45+
46+
# useful flags
47+
--format json
48+
--verbose
49+
--log-level debug
50+
```
51+
52+
**JSON example**
53+
54+
```json
55+
{
56+
"arch": "aarch64",
57+
"pe32_plus": true,
58+
"has_signature": false,
59+
"cert_count": 0,
60+
"cmdline": "console=tty0 console=ttyS0",
61+
"os_release": {
62+
"name": "Fedora Linux 41 (Forty One)",
63+
"id": "fedora",
64+
"version_id": "41"
65+
},
66+
"linux": {
67+
"offset": 66560,
68+
"size": 15843840,
69+
"sha256": "2daad44f201454a9e4578ee879c4afe314162d05902564254693cb6824ef1aa7"
70+
},
71+
"initrd": {
72+
"offset": 15910400,
73+
"size": 41312768,
74+
"sha256": "d96c7a6ebd5376476114b66a9be10a2e6f7c57898e92e15bd53ae6f8f5e976b0",
75+
"compression": "xz"
76+
}
77+
}
78+
```
79+
80+
## Versioning
81+
82+
* Pre-1.0: rapid iteration; breaking changes may occur.
83+
* 1.0 and later: Semantic Versioning.
84+
85+
## Community discussion
86+
87+
GitHub issues/discussions will be the main source for now, but we’re open to any suggestions for better communication.
88+
89+
## Contributing
90+
91+
Thanks for considering a contribution! Bug reports, docs, tests, and features are all welcome.
92+
93+
**Before you start**
94+
95+
* Search existing issues/discussions to avoid duplicates.
96+
* For larger changes, open an issue first to align on scope.
97+
98+
**Dev setup**
99+
100+
* Rust: stable toolchain (`rustup default stable`)
101+
* Recommended: `just` for common tasks
102+
103+
**Common tasks**
104+
105+
```bash
106+
# build
107+
just build # or: cargo build --release
108+
109+
# run the CLI
110+
target/release/lowell inspect uki --file /path/to/vmlinuz.efi
111+
112+
# format, lint, test (pre-PR checklist)
113+
cargo fmt --all
114+
cargo clippy --all-targets --all-features -- -D warnings
115+
cargo test --all
116+
```
117+
118+
**Style & guidelines**
119+
120+
* Use `tracing` for logs and prefer structured logs over `println!`.
121+
* Favor `anyhow`/`thiserror` for error handling; avoid `unwrap()` in library code.
122+
* Keep commits focused; Conventional Commits are appreciated but not required.
123+
* Please remember to add the DCO `Signed-off-by` line to the end of your commit messages.
124+
125+
**Submitting a PR**
126+
127+
1. Make sure `fmt`, `clippy`, and tests pass.
128+
2. Add/adjust tests when changing behavior.
129+
3. Update docs/README flags or examples if needed.
130+
4. Fill in a short rationale in the PR description and link any related issues.
131+
132+
**Security**
133+
If you believe you’ve found a vulnerability, please open a private GitHub security advisory (preferred) or contact the maintainers directly. Please do not open a public issue for security reports.
134+
135+
## License
136+
137+
Licensed under either of the following options at your choice:
138+
139+
* **Apache License, Version 2.0** (`LICENSE-APACHE` or [http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0))
140+
* **MIT license** (`LICENSE-MIT` or [http://opensource.org/licenses/MIT](http://opensource.org/licenses/MIT))
141+
142+
143+
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this project by you, as defined in the Apache-2.0 license, shall be dual-licensed as above, without any additional terms or conditions.
144+
145+
*Add SPDX headers to new source files (recommended):*
146+
147+
```text
148+
// SPDX-License-Identifier: Apache-2.0 OR MIT
149+
```
150+

0 commit comments

Comments
 (0)