This changes the naming of the aspects feature to be "registry" instead
of bundle (i.e., a configuration space backed with its own storage) and
"view" instead of aspect. Once this lands, anyone that has this enabled
needs to unset the experimental flag and rename the state entry before
refreshing snapd and then re-enable.
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
* a/snapasserts: add helpers for checking validity of component against assertions
* a/snapasserts, o/assertstate: implement validate-component task handler
* o/assertstate: test validate-component handler with provenance
* asserts: move aspect schema to assertion body
Move the aspect schema from a "storage" stanza to the assertion body.
Also format parse and re-encode the JSON with two spaces for indentation
and map ordered map keys. This should make the schema uniform and easy
to read while still using a format that can be emulated by other tools.
* many: nest schema in storage stanza
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
* asserts: support checking JSON body format
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
* asserts: improve err messages; move check
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
---------
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
* o/assertstate, o/devicestate: add more general function for fetching validation set assertions
* daemon, client: add API routes for creating/removing recovery system
* daemon, o/snapstate: add .snap file extension to snaps from forms
The seed writer will fail to consider files as snaps if their filenames
do not end in .snap.
* tests: test creating a recovery system
* tests: add spread test for offline creation of recovery system
* tests: update offline recovery system test to reboot into new system
* tests/nested/manual/recovery-system-reboot: add variants for factory-reset and install modes
* tests: replace usage of default-recovery-system with default-recovery
* o/devicestate: enable offline creation of recovery system entirely from pre-installed snaps
* daemon, client: test that offline API works without providing snaps or validation sets
* tests/nested/manual/recovery-system-offline: test offline remodel with only pre-installed snaps
* tests/nested/manual/recovery-system-reboot: modify test to create system with new set of essential snaps
* tests: disable shellcheck printf check
* daemon: rename functions for working with form values and add one for working with booleans
* daemon: acquire state lock later in postSystemActionCreateOffline
* daemon: cleanup form files if we fail to make change to create a recovery system
* daemon: rename parseValidationSets to assertionsFromValidationSetStrings for clarity
* client, daemon, tests: add "offline" field to create recovery system JSON api
* daemon: convert TODO about comma-delimited list into explanation of why we use a comma delimited list
* NEWS.md: add mention of create/remove recovery systems API
* tests/nested/manual/recovery-system-offline: explicitly disable network from nested vm
* tests/nested/manual/recovery-system-reboot: do not use new gadget in recovery system for now
* tests/lib/nested.sh: add variable NESTED_FORCE_MS_KEYS to force using microsoft keys
* tests/nested/manual/recovery-system-reboot: add back gadget snap swap to test
* tests/nested/manual/recovery-system-reboot: retry POST to remove since there might be an auto-refresh happening
* o/aspectstate: use real aspect-bundle assertions
Get a local aspect-bundle assertion instead of using the mock. Move the
transaction creation into aspectstate since it now needs to use the real
schema from the assertion.
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
* tests: use aspect-bundle assertion in spread test
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
* o/aspectstate: remove unused mock aspect assertion
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
---------
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
This PR makes remodels take into account revision constraints from validation sets on the new model. Additionally, snaps that are marked as invalid in validation sets are checked for in the model.
* a/snapasserts: add methods for extracting more information out of ValidationSets type
* o/assertstate: add ValidationSetsFromModel function for extracting a snapasserts.ValidationSets from an asserts.Model
* o/snapstate: prevent installing/updating a snap from a local file that does not match requested revision
* o/devicestate: consider validation sets during remodeling
* tests/nested/manual: add remodel test that downgrades a snap because of a validation set
* tests/nested/manual: add remodel test that fails to remodel because of an invalid snap in a validation set
* tests/nested/manual: extend offline remodel test to also include a validation set
* tests/lib/assertions: fix timestamps on assertions
* asserts: add Key method to ValidationSet and ModelValidationSet
* o/devicestate: use new Key methods
* o/devicestate: maybe enforce validation sets during doSetModel
* o/devicestate: add test for enforcing validation sets in doSetModel
* a/snapasserts: simplify TestCanBePresent with loop
* tests/lib/assertions: add bluez snap to offline remodel test
* o/devicestate: remove done TODO
* o/snapstate: if remodeling, do not install prereq if link-snap task is present
* tests/nested/manual/remodel-offline: extend test to verify that validation sets are accounted for
* Revert "o/snapstate: if remodeling, do not install prereq if link-snap task is present"
This reverts commit 57c7725a2513df51be7ac1c06c492aaed07a6e3b.
This change is independent and will be included in another PR.
* a/snapasserts: add methods for extracting more information out of ValidationSets type
* o/assertstate: add ValidationSetsFromModel function for extracting a snapasserts.ValidationSets from an asserts.Model
* o/devicestate: add test for ValidationSetsConflictError.Is
* a/snapasserts: move methods after New function
* a/snapasserts: add test for ValidationSets.Revisions to verify ValidationSetsConflictError is returned
* o/assertstate: change ValidationSetsFromModel to take in a DeviceContext, rather than a StoreService
* o/assertstate: rename ValidationSetsModelFlags to ValidationSetsModelOptions
* o/devicestate: add type to export_test to make testing simpler
* tests: add details to new spread tests
* asserts: rename ModelValidationSet.Key and ValidationSet.Key to .SequenceName and add unit tests for them
* o/snapstate: update snap revision mismatch error message to be more clear
* o/devicestate: introduce helper for setting ValidationSets on snapstate.RevisionOptions if Revision is set
* o/devicestate: verify the parameters that fakeSequenceStore receives
* o/devicestate: fix revisions not being respected for essential snaps (and add a test for it)
* o/devicestate: extend TestRemodelUC20EssentialSnapsAlreadyInstalledAndLocal to also exercise case where a validation set requires a revision but the currently installed version is unasserted
* s/seedtest: update retrieveSeq to handle unconstrained sequence forming assertions
* a/snapasserts: add ValidationSets.Sets method
* o/assertstate: add deviceContext to ForgetValidationSet function so that change can happen during remodel
* o/devicestate: attempt to handle rollback of validation sets during failed remodel
* overlord: test for replacing conflicting validation sets during remodel
* o/assertstate: update ForgetValidationSet to take in a DeviceContext and to allow for forcing removal even if the validation set is in use by the model
* o/devicestate: roll back validation set changes on remodel failure
* o/devicestate: make sure that validation sets unrelated to the model survive a remodel
* o/devicestate: rename param in installedSnapRevisionChanged
* o/devicestate: rename field newSnapRevision to newRequiredRevision in modelSnapsForRemodel
* o/devicestate: simplify loops in checkForInvalidSnapsInModel
* o/devicestate: compare validation sets using SequenceName methods
* o/devicestate: fail remodel if we attempt to use an unasserted snap as a specific revision
* tests/nested/manual/remodel-offline: fix test to actually use validation set
* o/devicestate: create helper for creating snapstate.RevisionOptions during remodel
* o/devicestate: name param literals for clarity
* o/devicestate: invert logic to eliminate double negative
* o/devicestate: fix missed inversion of logic
* o/assertstate: update comment on ForgetValidationSetOpts.ForceForget
* overlord, o/devicestate: update remodel test to change models that contain the same validation set
* o/assertstate: test ForceForget functionality in ForgetValidationSet
* o/devicestate: rename function newRevisionOptionsForRemodel to revisionOptionsForRemodel
* o/assertstate, o/devicestate, daemon: remove unneeded DeviceContext param from ForgetValidationSet
* o/devicestate: remove println
* o/devicestate: clarify comment in rollback of adding validation sets
* o/devicestate: rename variable in enforceValidationSetsForRemodel
* o/snapstate: clarify error when attempting to install/refresh local snap with different revision than requested
* o/devicestate: naming consistency
* o/devicestate: simplify error when model is missing snap that is required in validation set
* asserts, overlord, o/devicestate: rename SequenceName to SequenceKey and prefix the series to the string that is returned
Add components information to the snap state. This is included in the
Sequence variable, so we need to handle in a special way the
marshaling to keep compatibility with state files created by older
snapd versions.
The change to the Sequence field implies multiple changes in tests
that use it. Ancillary methods to handle this have been created.
The code checks that `as` is of type `asserts.ValidationSet`. Hower
when it is not the (nil) value of the failed type assertion is
used in the error. So if this ever is hit it would causes a crash.
The store option that controls whether requests carry the "Scheduled"
header will soon be on for non-continued auto-refreshes. This renames
the field to avoid a mismatch between its name and when it's set.
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
Consult with the model assertion when manipulating validation-sets, to verify that the one we are
manipulating is not explicitly controlled by the assertion. In this case there will be certain
restraints in terms of sequence, or whether it must be enforced.
* o/devicestate: add initial code for tracking validation-sets on first boot
* o/devicestate: add possibility for setting validation sets in model setup for firstboot20 tests
* o/devicestate: allow enforcing validation-sets before device is marked seeded, add unit tests to verify tracking completes.
* o/devicestate: restore preseed done task order
* o/devicestate,o/snapstate: create a Local variant of EnforceValidationSets and parameterize enforce-validation-sets task
* overlord: add clarifying comments for the local parameter to "enforce-validation-sets"
* o/assertstate,o/devicestate: add unit tests for ApplyLocalEnforcedValidationSets and firstboot UC18
* o/devicestate: fix wrong comment
* o/devicestate: fix static check for typo
* o/devicestate: add additional unit test checks
* o/snapstate,o/devicestate: review feedback, additional unit tests still needed for handler changes
* overlord: add handler unit tests, add more checks for task data being passed in the firstboot tests
* o/snapstate: add parameter checks for the DoEnforceValidationSetsTask handler
Since Current sometimes differed from PinnedAt even when PinnedAt != 0,
be more robust by using a Sequence() method that takes PinnedAt into
account when reading as well.
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
Make sure that the current sequence number in the validation set
tracking is set to the same as the pinned sequence number, if the
validation set is pinned (PinnedAt != 0).
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
