Skip to content

Commit

Permalink
Add container upgrade --check function
Browse files Browse the repository at this point in the history
Previously, OS based on native containers could not retrieve the
manifest difference between the current system container image and its
corresponding remote container image without performing an actual
upgrade. This PR solves this issue by allowing the manifest difference
to be outputted when using the `rpm-ostree upgrade --check` command.

A `ManifestDiff` struct needed to be retrieved using `ostree-rs-ext`,
requring several new functions in both Rust and C that were bridged
through CXX Bridge.

The `cached_update` object also needed to be modifed and updated with
the `ManifestDiff` in order to extend compatibility with other products
using rpm-ostree. However, a notable difference between how the
`--upgrade --check` function works for ostree based system and a native
container based system is that native containers skip over the use of
`checksums`. This is because rebasing to locally stored container images
(as opposed to a remote repository) does not create a valid ostree
refspec.

A Rust unit test was implemented to confirm that a difference between
two manifests (stored locally in the rust/test folder) can be
successfully retrieved. A `kola` test was also implemented to confirm
that running `rpm-ostree upgrade --check` returns the correct manifest
difference for a potential upgrade.
  • Loading branch information
lukewarmtemp authored and cgwalters committed Sep 19, 2023
1 parent a4e68e5 commit 17f28a7
Show file tree
Hide file tree
Showing 13 changed files with 479 additions and 28 deletions.
55 changes: 55 additions & 0 deletions rpmostree-cxxrs.cxx
Original file line number Diff line number Diff line change
Expand Up @@ -1293,6 +1293,7 @@ enum class SystemHostType : ::std::uint8_t;
enum class BubblewrapMutability : ::std::uint8_t;
struct Bubblewrap;
struct ContainerImageState;
struct ExportedManifestDiff;
enum class RefspecType : ::std::uint8_t;
struct TempEtcGuard;
struct FilesystemScriptPrep;
Expand Down Expand Up @@ -1396,6 +1397,29 @@ struct Bubblewrap final : public ::rust::Opaque
};
#endif // CXXBRIDGE1_STRUCT_rpmostreecxx$Bubblewrap

#ifndef CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
#define CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
struct ExportedManifestDiff final
{
// Check if the struct is initialized
bool initialized;
// The total number of packages in the next upgrade
::std::uint64_t total;
// The size of the total number of packages in the next upgrade
::std::uint64_t total_size;
// The total number of removed packages in the next upgrade
::std::uint64_t n_removed;
// The size of total number of removed packages in the next upgrade
::std::uint64_t removed_size;
// The total number of added packages in the next upgrade
::std::uint64_t n_added;
// The size of total number of added packages in the next upgrade
::std::uint64_t added_size;

using IsRelocatable = ::std::true_type;
};
#endif // CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff

#ifndef CXXBRIDGE1_STRUCT_rpmostreecxx$ContainerImageState
#define CXXBRIDGE1_STRUCT_rpmostreecxx$ContainerImageState
// `ContainerImageState` is currently identical to ostree-rs-ext's `LayeredImageState` struct,
Expand All @@ -1408,6 +1432,7 @@ struct ContainerImageState final
bool is_layered;
::rust::String image_digest;
::rust::String version;
::rpmostreecxx::ExportedManifestDiff cached_update_diff;

using IsRelocatable = ::std::true_type;
};
Expand Down Expand Up @@ -2073,6 +2098,11 @@ extern "C"
::rust::repr::PtrLen
rpmostreecxx$cxxbridge1$purge_refspec (::rpmostreecxx::OstreeRepo const &repo,
::rust::Str refspec) noexcept;

::rust::repr::PtrLen
rpmostreecxx$cxxbridge1$check_container_update (::rpmostreecxx::OstreeRepo const &repo,
::rpmostreecxx::GCancellable const &cancellable,
::rust::Str imgref, bool *return$) noexcept;
::std::size_t rpmostreecxx$cxxbridge1$TempEtcGuard$operator$sizeof () noexcept;
::std::size_t rpmostreecxx$cxxbridge1$TempEtcGuard$operator$alignof () noexcept;
::std::size_t rpmostreecxx$cxxbridge1$FilesystemScriptPrep$operator$sizeof () noexcept;
Expand Down Expand Up @@ -2197,6 +2227,10 @@ extern "C"
::rust::Str opt_deploy_id, ::rust::Str opt_os_name,
::rpmostreecxx::OstreeDeployment **return$) noexcept;

bool rpmostreecxx$cxxbridge1$deployment_add_manifest_diff (
::rpmostreecxx::GVariantDict const &dict,
::rpmostreecxx::ExportedManifestDiff const &diff) noexcept;

::rust::repr::PtrLen rpmostreecxx$cxxbridge1$daemon_sanitycheck_environment (
::rpmostreecxx::OstreeSysroot const &sysroot) noexcept;

Expand Down Expand Up @@ -3690,6 +3724,20 @@ purge_refspec (::rpmostreecxx::OstreeRepo const &repo, ::rust::Str refspec)
}
}

bool
check_container_update (::rpmostreecxx::OstreeRepo const &repo,
::rpmostreecxx::GCancellable const &cancellable, ::rust::Str imgref)
{
::rust::MaybeUninit<bool> return$;
::rust::repr::PtrLen error$
= rpmostreecxx$cxxbridge1$check_container_update (repo, cancellable, imgref, &return$.value);
if (error$.ptr)
{
throw ::rust::impl< ::rust::Error>::error (error$);
}
return ::std::move (return$.value);
}

::std::size_t
TempEtcGuard::layout::size () noexcept
{
Expand Down Expand Up @@ -4049,6 +4097,13 @@ deployment_get_base (::rpmostreecxx::OstreeSysroot &sysroot, ::rust::Str opt_dep
return ::std::move (return$.value);
}

bool
deployment_add_manifest_diff (::rpmostreecxx::GVariantDict const &dict,
::rpmostreecxx::ExportedManifestDiff const &diff) noexcept
{
return rpmostreecxx$cxxbridge1$deployment_add_manifest_diff (dict, diff);
}

void
daemon_sanitycheck_environment (::rpmostreecxx::OstreeSysroot const &sysroot)
{
Expand Down
31 changes: 31 additions & 0 deletions rpmostree-cxxrs.h
Original file line number Diff line number Diff line change
Expand Up @@ -1075,6 +1075,7 @@ enum class SystemHostType : ::std::uint8_t;
enum class BubblewrapMutability : ::std::uint8_t;
struct Bubblewrap;
struct ContainerImageState;
struct ExportedManifestDiff;
enum class RefspecType : ::std::uint8_t;
struct TempEtcGuard;
struct FilesystemScriptPrep;
Expand Down Expand Up @@ -1178,6 +1179,29 @@ struct Bubblewrap final : public ::rust::Opaque
};
#endif // CXXBRIDGE1_STRUCT_rpmostreecxx$Bubblewrap

#ifndef CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
#define CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
struct ExportedManifestDiff final
{
// Check if the struct is initialized
bool initialized;
// The total number of packages in the next upgrade
::std::uint64_t total;
// The size of the total number of packages in the next upgrade
::std::uint64_t total_size;
// The total number of removed packages in the next upgrade
::std::uint64_t n_removed;
// The size of total number of removed packages in the next upgrade
::std::uint64_t removed_size;
// The total number of added packages in the next upgrade
::std::uint64_t n_added;
// The size of total number of added packages in the next upgrade
::std::uint64_t added_size;

using IsRelocatable = ::std::true_type;
};
#endif // CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff

#ifndef CXXBRIDGE1_STRUCT_rpmostreecxx$ContainerImageState
#define CXXBRIDGE1_STRUCT_rpmostreecxx$ContainerImageState
// `ContainerImageState` is currently identical to ostree-rs-ext's `LayeredImageState` struct,
Expand All @@ -1190,6 +1214,7 @@ struct ContainerImageState final
bool is_layered;
::rust::String image_digest;
::rust::String version;
::rpmostreecxx::ExportedManifestDiff cached_update_diff;

using IsRelocatable = ::std::true_type;
};
Expand Down Expand Up @@ -1774,6 +1799,9 @@ query_container_image_commit (::rpmostreecxx::OstreeRepo const &repo, ::rust::St

void purge_refspec (::rpmostreecxx::OstreeRepo const &repo, ::rust::Str refspec);

bool check_container_update (::rpmostreecxx::OstreeRepo const &repo,
::rpmostreecxx::GCancellable const &cancellable, ::rust::Str imgref);

::rust::Box< ::rpmostreecxx::TempEtcGuard> prepare_tempetc_guard (::std::int32_t rootfs);

::rust::Box< ::rpmostreecxx::FilesystemScriptPrep>
Expand Down Expand Up @@ -1844,6 +1872,9 @@ ::rpmostreecxx::OstreeDeployment *deployment_get_base (::rpmostreecxx::OstreeSys
::rust::Str opt_deploy_id,
::rust::Str opt_os_name);

bool deployment_add_manifest_diff (::rpmostreecxx::GVariantDict const &dict,
::rpmostreecxx::ExportedManifestDiff const &diff) noexcept;

void daemon_sanitycheck_environment (::rpmostreecxx::OstreeSysroot const &sysroot);

::rust::String deployment_generate_id (::rpmostreecxx::OstreeDeployment const &deployment) noexcept;
Expand Down
23 changes: 22 additions & 1 deletion rust/src/deployment_utils.rs
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
use crate::cxxrsutil::*;
use anyhow::{anyhow, format_err, Result};
use ostree_ext::glib::translate::*;
use ostree_ext::ostree;
use ostree_ext::{glib, ostree};
use std::pin::Pin;

/// Get a currently unique (for this host) identifier for the deployment.
Expand Down Expand Up @@ -96,3 +96,24 @@ fn deployment_get_base_impl(
}),
}
}

// Insert the pending manifest diff, if any. Returns true iff the layers changed.
pub fn deployment_add_manifest_diff(
dict: &crate::ffi::GVariantDict,
diff: &crate::ffi::ExportedManifestDiff,
) -> bool {
if diff.n_removed == 0 && diff.n_added == 0 {
return false;
}
let dict = &dict.glib_reborrow();
// Add a child dict
let diffv = glib::VariantDict::new(None);
diffv.insert("total", diff.total);
diffv.insert("total-size", diff.total_size);
diffv.insert("n-removed", diff.n_removed);
diffv.insert("removed-size", diff.removed_size);
diffv.insert("n-added", diff.n_added);
diffv.insert("added-size", diff.added_size);
dict.insert("manifest-diff", diffv);
return true;
}
26 changes: 25 additions & 1 deletion rust/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,25 @@ pub mod ffi {
pub is_layered: bool,
pub image_digest: String,
pub version: String,
pub cached_update_diff: ExportedManifestDiff,
}

#[derive(Debug, Default)]
pub(crate) struct ExportedManifestDiff {
/// Check if the struct is initialized
pub initialized: bool,
/// The total number of packages in the next upgrade
pub total: u64,
/// The size of the total number of packages in the next upgrade
pub total_size: u64,
/// The total number of removed packages in the next upgrade
pub n_removed: u64,
/// The size of total number of removed packages in the next upgrade
pub removed_size: u64,
/// The total number of added packages in the next upgrade
pub n_added: u64,
/// The size of total number of added packages in the next upgrade
pub added_size: u64,
}

// sysroot_upgrade.rs
Expand All @@ -202,6 +221,11 @@ pub mod ffi {
c: &str,
) -> Result<Box<ContainerImageState>>;
fn purge_refspec(repo: &OstreeRepo, refspec: &str) -> Result<()>;
fn check_container_update(
repo: &OstreeRepo,
cancellable: &GCancellable,
imgref: &str,
) -> Result<bool>;
}

// core.rs
Expand Down Expand Up @@ -303,7 +327,7 @@ pub mod ffi {
opt_deploy_id: &str,
opt_os_name: &str,
) -> Result<*mut OstreeDeployment>;

fn deployment_add_manifest_diff(dict: &GVariantDict, diff: &ExportedManifestDiff) -> bool;
}

// A grab-bag of metadata from the deployment's ostree commit
Expand Down
95 changes: 91 additions & 4 deletions rust/src/sysroot_upgrade.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,14 +3,15 @@
// SPDX-License-Identifier: Apache-2.0 OR MIT

use crate::cxxrsutil::*;
use crate::ffi::ExportedManifestDiff;
use crate::ffi::{output_message, ContainerImageState};
use anyhow::{Context, Result};
use ostree::glib;
use ostree_container::store::{
ImageImporter, ImageProxyConfig, ImportProgress, ManifestLayerState, PrepareResult,
};
use ostree_container::OstreeImageReference;
use ostree_ext::container as ostree_container;
use ostree_ext::container::{self as ostree_container, ManifestDiff};
use ostree_ext::ostree;
use tokio::runtime::Handle;
use tokio::sync::mpsc::Receiver;
Expand All @@ -23,12 +24,20 @@ impl From<Box<ostree_container::store::LayeredImageState>> for crate::ffi::Conta
.and_then(|c| ostree_container::version_for_config(c))
.map(ToOwned::to_owned)
.unwrap_or_default();
let cached_update_diff = s
.cached_update
.map(|c| {
let diff = ManifestDiff::new(&s.manifest, &c.manifest);
export_diff(&diff)
})
.unwrap_or_default();
crate::ffi::ContainerImageState {
base_commit: s.base_commit,
merge_commit: s.merge_commit,
is_layered: s.is_layered,
image_digest: s.manifest_digest,
version,
cached_update_diff,
}
}
}
Expand Down Expand Up @@ -72,14 +81,20 @@ fn default_container_pull_config(imgref: &OstreeImageReference) -> Result<ImageP
Ok(cfg)
}

/// Create a new image importer using our default configuration.
async fn new_importer(repo: &ostree::Repo, imgref: &OstreeImageReference) -> Result<ImageImporter> {
let config = default_container_pull_config(imgref)?;
let mut imp = ImageImporter::new(repo, imgref, config).await?;
imp.require_bootable();
Ok(imp)
}

async fn pull_container_async(
repo: &ostree::Repo,
imgref: &OstreeImageReference,
) -> Result<ContainerImageState> {
output_message(&format!("Pulling manifest: {}", &imgref));
let config = default_container_pull_config(imgref)?;
let mut imp = ImageImporter::new(repo, imgref, config).await?;
imp.require_bootable();
let mut imp = new_importer(repo, imgref).await?;
let layer_progress = imp.request_progress();
let prep = match imp.prepare().await? {
PrepareResult::AlreadyPresent(r) => return Ok(r.into()),
Expand Down Expand Up @@ -187,3 +202,75 @@ pub(crate) fn purge_refspec(repo: &crate::FFIOstreeRepo, imgref: &str) -> CxxRes
}
Ok(())
}

/// Check for an updated manifest for the given container image reference, and return a diff.
pub(crate) fn check_container_update(
repo: &crate::FFIOstreeRepo,
cancellable: &crate::FFIGCancellable,
imgref: &str,
) -> CxxResult<bool> {
let repo = &repo.glib_reborrow();
let cancellable = cancellable.glib_reborrow();
let imgref = &OstreeImageReference::try_from(imgref)?;
Handle::current()
.block_on(async {
crate::utils::run_with_cancellable(
async { impl_check_container_update(repo, imgref).await },
&cancellable,
)
.await
})
.map_err(Into::into)
}

/// Unfortunately we can't export external types into our C++ bridge, so manually copy things
/// to another copy of the struct.
fn export_diff(diff: &ManifestDiff) -> ExportedManifestDiff {
ExportedManifestDiff {
initialized: true,
total: diff.total,
total_size: diff.total_size,
n_removed: diff.n_removed,
removed_size: diff.removed_size,
n_added: diff.n_added,
added_size: diff.added_size,
}
}

/// Implementation of fetching a container manifest diff.
async fn impl_check_container_update(
repo: &ostree::Repo,
imgref: &OstreeImageReference,
) -> Result<bool> {
let mut imp = new_importer(repo, imgref).await?;
let have_update = match imp.prepare().await? {
PrepareResult::AlreadyPresent(_) => false,
PrepareResult::Ready(_) => true,
};
Ok(have_update)
}

#[test]
fn test_container_manifest_diff() -> Result<()> {
use ostree_ext::container::ManifestDiff;
use ostree_ext::oci_spec::image::ImageManifest;
let a: ImageManifest = serde_json::from_str(include_str!("../test/manifest1.json")).unwrap();
let b: ImageManifest = serde_json::from_str(include_str!("../test/manifest2.json")).unwrap();
let diff = ManifestDiff::new(&a, &b);

let cmp_total = diff.total;
let cmp_total_size = diff.total_size;
let cmp_removed = diff.n_removed;
let cmp_removed_size = diff.removed_size;
let cmp_added = diff.n_added;
let cmp_added_size = diff.added_size;

assert_eq!(cmp_total, 51 as u64);
assert_eq!(cmp_total_size, 697035490 as u64);
assert_eq!(cmp_removed, 4 as u64);
assert_eq!(cmp_removed_size, 170473141 as u64);
assert_eq!(cmp_added, 4 as u64);
assert_eq!(cmp_added_size, 170472856 as u64);

Ok(())
}
Loading

0 comments on commit 17f28a7

Please sign in to comment.