From 4dd980c5146fc6f17ded6cc4629f0749abfba11e Mon Sep 17 00:00:00 2001
From: m2 <69128853+m2Giles@users.noreply.github.com>
Date: Thu, 19 Jun 2025 23:15:17 -0400
Subject: [PATCH] fix: Put policy.json in correct spot and cleanup /usr/etc for
 bootc container lint (#267)

---
 ucore/Containerfile            | 6 ++++++
 ucore/install-ucore-minimal.sh | 4 ++++
 2 files changed, 10 insertions(+)

diff --git a/ucore/Containerfile b/ucore/Containerfile
index d548019..7f6f877 100644
--- a/ucore/Containerfile
+++ b/ucore/Containerfile
@@ -43,6 +43,8 @@ RUN --mount=type=cache,dst=/var/cache/libdnf5 \
     && /ctx/post-install-ucore-minimal.sh \
     && /ctx/cleanup.sh
 
+RUN ["bootc", "container", "lint"]
+
 # ucore image section
 FROM ucore-minimal AS ucore
 
@@ -55,6 +57,8 @@ RUN --mount=type=cache,dst=/var/cache/libdnf5 \
     /ctx/install-ucore.sh \
     && /ctx/cleanup.sh
 
+RUN ["bootc", "container", "lint"]
+
 # ucore-hci image section
 FROM ucore AS ucore-hci
 
@@ -66,3 +70,5 @@ RUN --mount=type=cache,dst=/var/cache/libdnf5 \
     --mount=type=bind,from=ctx,src=/,dst=/ctx \
     /ctx/install-ucore-hci.sh \
     && /ctx/cleanup.sh
+
+RUN ["bootc", "container", "lint"]
\ No newline at end of file
diff --git a/ucore/install-ucore-minimal.sh b/ucore/install-ucore-minimal.sh
index 4a2f386..56133d7 100755
--- a/ucore/install-ucore-minimal.sh
+++ b/ucore/install-ucore-minimal.sh
@@ -36,6 +36,10 @@ find /tmp/rpms/
 dnf -y install /tmp/rpms/akmods-common/ublue-os-ucore-addons*.rpm
 dnf -y install ublue-os-signing
 
+# Put the policy file in the correct place and cleanup /usr/etc
+cp /usr/etc/containers/policy.json /etc/containers/policy.json
+rm -rf /usr/etc
+
 # Handle Kernel Skew with override replace
 if [[ "${KERNEL_VERSION}" == "${QUALIFIED_KERNEL}" ]]; then
     echo "Installing signed kernel from kernel-cache."