89 Commits

Author SHA1 Message Date
Miguel Pires
cfcc50a1cf asserts: allow $PLUG_PUBLISHER_ID in plug attribute constraints
Allow plugs to specify the $PLUG_PUBLISHER_ID in attribute constraints
such that interfaces can restrict auto-connection to when certain
attributes match their publisher IDs.

Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
2024-06-21 15:49:09 +02:00
Samuele Pedroni
6cc7429752 asserts: add support for account-key constraints (#12988)
and take them into account when verifying assertion signatures
2023-08-08 15:43:19 +02:00
Philip Meulengracht
7ec1160e91 asserts: add code for Fetcher to support the fetching of sequence-forming assertions (#12654)
* multiple: add code for Fetcher to support the fetching of sequence-forming assertions
* asserts: obviously not a typo as I read it
* asserts: add new SeqFetcher interface
* asserts: add docs to NewSeqFetcher
* asserts: remove ResolveLatest and open another PR
* asserts: cleanup some doc comments, make sure they fit their use-cases. Include Fetcher interface in SequenceFormingFetcher. Rename SeqFetcher to SequenceFormingFetcher and the new function. Do some additional renaming. Reuse some code between FetchSequence and Fetch.
* asserts: add an additional unit test to document current behavior of multiple sequences of same assertion.
* asserts: update docs for NewSequenceFormingFetcher, readd a line I had removed accidentally, the sequence number must be set back to 2 after testing with sequence 4
* asserts: add docs for the multiple-sequence behavior, add missing doc line for SequenceFormingFetcher.
* asserts: add unit tests for detecting circular references, clarify some of the terminology around sequences

---------

Co-authored-by: Michael Vogt <mvo@ubuntu.com>
2023-03-22 11:28:25 +01:00
Miguel Pires
438424b702 asserts: improve time range formatting
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
2022-07-08 10:56:01 +01:00
Paweł Stołowski
81f307bd61 Merge branch 'master' into asserts-opt-primary-keys 2022-04-15 17:18:57 +02:00
Paweł Stołowski
1f6f1ee740 Fixes related to inclusive language. 2022-04-14 12:51:08 +02:00
Samuele Pedroni
491ff56795 asserts: export MockOptionalPrimaryKey for usage in other packages 2022-04-06 14:17:12 +02:00
Samuele Pedroni
4308154ed2 asserts: start supporting optional primary keys, fs backstore Put/Get 2022-02-28 11:13:26 +01:00
Samuele Pedroni
52de97d821 asserts: move DeviceScopeConstraint to constraint.go
cleanup some things
have dedicated tests
2022-02-14 15:21:55 +01:00
Samuele Pedroni
8f6bbee4a2 asserts: extract since-until support to a dedicated struct 2022-02-03 11:22:12 +01:00
Samuele Pedroni
e1a856242e asserts: finish the scaffold of authority-delegation
main missing things since/until support and device scope constraint
support
2022-01-28 13:11:53 +01:00
Samuele Pedroni
50f8cfaf0f asserts: let use a contextual word for "attribute" in attrMatcher
this is for errors
2022-01-27 11:49:59 +01:00
Samuele Pedroni
a4f82f5b3f asserts: start generalizing attrMatcher $OP() support 2022-01-27 11:49:59 +01:00
Samuele Pedroni
39413a7407 asserts: start splitting out attrMatcher for reuse to constraint.go 2022-01-26 17:04:15 +01:00
Samuele Pedroni
4a8ecace54 devicestate: Unregister deletes the device key pair as well
* daemon,tests: support forgetting device serial via API

this is done by posting {"action":"forget"} to /v2/model/serial

a flag no-registration-until-reboot is also supported

* many: more consistent naming Delete => DeleteByName on keypair mgrs

we actually want to introduce a Delete by key id on some of them now

* asserts: implement KeypairManager.Delete

* devicestate: Unregister deletes the device key pair as well

* tests: test device key deletion in generic-unregister

* asserts: avoid skipping the GPGKeypairManager.Delete test

pair --yes to --batch in the test
2021-12-02 18:04:53 +01:00
Samuele Pedroni
f3d9f94d54 asserts: clarify/simplify AccountKey.isValidAssumingCurTimeWithin
simplify the code a bit, try to improve the name/comments

thanks @mvo and @stolowski
2021-03-10 14:14:54 +01:00
Samuele Pedroni
0409b0d0e9 asserts: mode where Database only assumes cur time >= earliest time
if current system time is unreliable have a mode where Database checks
for key expiry just based on assuming that current time is >= known
earliest time

this is set up via Database.SetEarliestTime

internally a new predicate AccountKey.isKeyValidAbout(earliest,
latest) is used to support this
2021-03-05 09:27:12 +01:00
Pawel Stolowski
07b6ed2059 asserts: pool changes for validation-sets (#9930)
Support for sequence-forming assertions in pool.
2021-03-02 12:09:21 +01:00
Samuele Pedroni
4422c93e87 asserts: introduce Backstore.SequenceMemberAfter
implement it first for the memoryBackstore

there's also an always failing implementation for filesystemBackstore
for now
2020-06-29 13:52:36 +02:00
Samuele Pedroni
89291d8457 asserts: make clearer that with label we mean a serialized label 2020-05-12 20:48:17 +02:00
Samuele Pedroni
20c4aec9c0 asserts: introduce Pool
Motivation

With the new assertion bulk refresh API we can fetch or update
many assertions together, either assertions related/dependent or
unrelated/independent of each other.

To help driving and managing that this introduces asserts.Pool:

* a Pool can track unresolved assertions to be fetched
* or assertions to be updated
* it can record resolved assertions as fetched from the store and
  implicitly turn unresolved prerequisites into assertions to
  resolve

* assertions can be organized in groups, as the doc comment explains:
    Failure can be tracked isolated to groups, conversely any
    error related to a single group alone will stop any work to
    resolve it.  Independent assertions should not be grouped.

* assertions that are part of or are required by more than one
  group are tracked only once, for example store account-keys or
  developer account assertions for developers of many snaps on
  the system.

The latter is achieved by labeling each assertion with a Grouping
which represents all the groups it belongs to, at the low-level
this uses internal.Groupings/Grouping.

This organization into groupings matches well with the capabilities
of the API and means assertions will be typically requested only
once and grouped in ways that should be cache friendly.
2020-04-27 10:46:55 +02:00
Samuele Pedroni
c20c2c1f3e asserts: parse plug-names/slot-names constraints
these introduce format 4 for snap-declaration
2020-01-31 11:55:37 +01:00
Samuele Pedroni
f9f19ec9d2 make Precheck an option to CommitTo instead of a separate method
as discussed/suggested

clarify docs
2019-08-23 09:25:58 +02:00
Samuele Pedroni
3c5f9613b6 many: switch to account validation: unproven|verified (#5419) 2018-06-28 08:56:48 +02:00
John Lenton
7b162185ab Merge pull request #3506 from pedronis/asserts-type-max-body-size
asserts: introduce NewDecoderWithTypeMaxBodySize

NewDecoderWithTypeMaxBodySize allows creating an assertion stream Decoder that is configured with optional per-type max body sizes.

This will allow snap-repair to control what size of repair scripts/bodies it is happy to accept.
2017-06-28 11:18:56 +01:00