Add container upgrade --check function

Previously, OS based on native containers could not retrieve the manifest difference between the current system container image and its corresponding remote container image without performing an actual upgrade. This PR solves this issue by allowing the manifest difference to be outputted when using the `rpm-ostree upgrade --check` command. A `ManifestDiff` struct needed to be retrieved using `ostree-rs-ext`, requring several new functions in both Rust and C that were bridged through CXX Bridge. The `cached_update` object also needed to be modifed and updated with the `ManifestDiff` in order to extend compatibility with other products using rpm-ostree. However, a notable difference between how the `--upgrade --check` function works for ostree based system and a native container based system is that native containers skip over the use of `checksums`. This is because rebasing to locally stored container images (as opposed to a remote repository) does not create a valid ostree refspec. A Rust unit test was implemented to confirm that a difference between two manifests (stored locally in the rust/test folder) can be successfully retrieved. A `kola` test was also implemented to confirm that running `rpm-ostree upgrade --check` returns the correct manifest difference for a potential upgrade.
coreos · Sep 13, 2023 · c8c9302 · c8c9302
1 parent 07fd8ed
commit c8c9302
Show file tree

Hide file tree

Showing 15 changed files with 483 additions and 30 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -129,3 +129,6 @@ bin-unit-tests = []
 sanitizers = []
 
 default = []
+
+[patch.crates-io]
+ostree-ext = { git = "https://github.com/cgwalters/ostree-rs-ext", branch = "fetch-updated-manifest" }
diff --git a/rpmostree-cxxrs.cxx b/rpmostree-cxxrs.cxx
@@ -1293,6 +1293,7 @@ enum class SystemHostType : ::std::uint8_t;
 enum class BubblewrapMutability : ::std::uint8_t;
 struct Bubblewrap;
 struct ContainerImageState;
+struct ExportedManifestDiff;
 enum class RefspecType : ::std::uint8_t;
 struct TempEtcGuard;
 struct FilesystemScriptPrep;
@@ -1396,6 +1397,29 @@ struct Bubblewrap final : public ::rust::Opaque
 };
 #endif // CXXBRIDGE1_STRUCT_rpmostreecxx$Bubblewrap
 
+#ifndef CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
+#define CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
+struct ExportedManifestDiff final
+{
+  // Check if the struct is initialized
+  bool initialized;
+  // The total number of packages in the next upgrade
+  ::std::uint64_t total;
+  // The size of the total number of packages in the next upgrade
+  ::std::uint64_t total_size;
+  // The total number of removed packages in the next upgrade
+  ::std::uint64_t n_removed;
+  // The size of total number of removed packages in the next upgrade
+  ::std::uint64_t removed_size;
+  // The total number of added packages in the next upgrade
+  ::std::uint64_t n_added;
+  // The size of total number of added packages in the next upgrade
+  ::std::uint64_t added_size;
+
+  using IsRelocatable = ::std::true_type;
+};
+#endif // CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
+
 #ifndef CXXBRIDGE1_STRUCT_rpmostreecxx$ContainerImageState
 #define CXXBRIDGE1_STRUCT_rpmostreecxx$ContainerImageState
 // `ContainerImageState` is currently identical to ostree-rs-ext's `LayeredImageState` struct,
@@ -1408,6 +1432,7 @@ struct ContainerImageState final
   bool is_layered;
   ::rust::String image_digest;
   ::rust::String version;
+  ::rpmostreecxx::ExportedManifestDiff cached_update_diff;
 
   using IsRelocatable = ::std::true_type;
 };
@@ -2073,6 +2098,11 @@ extern "C"
   ::rust::repr::PtrLen
   rpmostreecxx$cxxbridge1$purge_refspec (::rpmostreecxx::OstreeRepo const &repo,
                                          ::rust::Str refspec) noexcept;
+
+  ::rust::repr::PtrLen
+  rpmostreecxx$cxxbridge1$check_container_update (::rpmostreecxx::OstreeRepo const &repo,
+                                                  ::rpmostreecxx::GCancellable const &cancellable,
+                                                  ::rust::Str imgref, bool *return$) noexcept;
   ::std::size_t rpmostreecxx$cxxbridge1$TempEtcGuard$operator$sizeof () noexcept;
   ::std::size_t rpmostreecxx$cxxbridge1$TempEtcGuard$operator$alignof () noexcept;
   ::std::size_t rpmostreecxx$cxxbridge1$FilesystemScriptPrep$operator$sizeof () noexcept;
@@ -2197,6 +2227,10 @@ extern "C"
                                                ::rust::Str opt_deploy_id, ::rust::Str opt_os_name,
                                                ::rpmostreecxx::OstreeDeployment **return$) noexcept;
 
+  bool rpmostreecxx$cxxbridge1$deployment_add_manifest_diff (
+      ::rpmostreecxx::GVariantDict const &dict,
+      ::rpmostreecxx::ExportedManifestDiff const &diff) noexcept;
+
   ::rust::repr::PtrLen rpmostreecxx$cxxbridge1$daemon_sanitycheck_environment (
       ::rpmostreecxx::OstreeSysroot const &sysroot) noexcept;
 
@@ -3690,6 +3724,20 @@ purge_refspec (::rpmostreecxx::OstreeRepo const &repo, ::rust::Str refspec)
     }
 }
 
+bool
+check_container_update (::rpmostreecxx::OstreeRepo const &repo,
+                        ::rpmostreecxx::GCancellable const &cancellable, ::rust::Str imgref)
+{
+  ::rust::MaybeUninit<bool> return$;
+  ::rust::repr::PtrLen error$
+      = rpmostreecxx$cxxbridge1$check_container_update (repo, cancellable, imgref, &return$.value);
+  if (error$.ptr)
+    {
+      throw ::rust::impl< ::rust::Error>::error (error$);
+    }
+  return ::std::move (return$.value);
+}
+
 ::std::size_t
 TempEtcGuard::layout::size () noexcept
 {
@@ -4049,6 +4097,13 @@ deployment_get_base (::rpmostreecxx::OstreeSysroot &sysroot, ::rust::Str opt_dep
   return ::std::move (return$.value);
 }
 
+bool
+deployment_add_manifest_diff (::rpmostreecxx::GVariantDict const &dict,
+                              ::rpmostreecxx::ExportedManifestDiff const &diff) noexcept
+{
+  return rpmostreecxx$cxxbridge1$deployment_add_manifest_diff (dict, diff);
+}
+
 void
 daemon_sanitycheck_environment (::rpmostreecxx::OstreeSysroot const &sysroot)
 {

diff --git a/rpmostree-cxxrs.h b/rpmostree-cxxrs.h
@@ -1075,6 +1075,7 @@ enum class SystemHostType : ::std::uint8_t;
 enum class BubblewrapMutability : ::std::uint8_t;
 struct Bubblewrap;
 struct ContainerImageState;
+struct ExportedManifestDiff;
 enum class RefspecType : ::std::uint8_t;
 struct TempEtcGuard;
 struct FilesystemScriptPrep;
@@ -1178,6 +1179,29 @@ struct Bubblewrap final : public ::rust::Opaque
 };
 #endif // CXXBRIDGE1_STRUCT_rpmostreecxx$Bubblewrap
 
+#ifndef CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
+#define CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
+struct ExportedManifestDiff final
+{
+  // Check if the struct is initialized
+  bool initialized;
+  // The total number of packages in the next upgrade
+  ::std::uint64_t total;
+  // The size of the total number of packages in the next upgrade
+  ::std::uint64_t total_size;
+  // The total number of removed packages in the next upgrade
+  ::std::uint64_t n_removed;
+  // The size of total number of removed packages in the next upgrade
+  ::std::uint64_t removed_size;
+  // The total number of added packages in the next upgrade
+  ::std::uint64_t n_added;
+  // The size of total number of added packages in the next upgrade
+  ::std::uint64_t added_size;
+
+  using IsRelocatable = ::std::true_type;
+};
+#endif // CXXBRIDGE1_STRUCT_rpmostreecxx$ExportedManifestDiff
+
 #ifndef CXXBRIDGE1_STRUCT_rpmostreecxx$ContainerImageState
 #define CXXBRIDGE1_STRUCT_rpmostreecxx$ContainerImageState
 // `ContainerImageState` is currently identical to ostree-rs-ext's `LayeredImageState` struct,
@@ -1190,6 +1214,7 @@ struct ContainerImageState final
   bool is_layered;
   ::rust::String image_digest;
   ::rust::String version;
+  ::rpmostreecxx::ExportedManifestDiff cached_update_diff;
 
   using IsRelocatable = ::std::true_type;
 };
@@ -1774,6 +1799,9 @@ query_container_image_commit (::rpmostreecxx::OstreeRepo const &repo, ::rust::St
 
 void purge_refspec (::rpmostreecxx::OstreeRepo const &repo, ::rust::Str refspec);
 
+bool check_container_update (::rpmostreecxx::OstreeRepo const &repo,
+                             ::rpmostreecxx::GCancellable const &cancellable, ::rust::Str imgref);
+
 ::rust::Box< ::rpmostreecxx::TempEtcGuard> prepare_tempetc_guard (::std::int32_t rootfs);
 
 ::rust::Box< ::rpmostreecxx::FilesystemScriptPrep>
@@ -1844,6 +1872,9 @@ ::rpmostreecxx::OstreeDeployment *deployment_get_base (::rpmostreecxx::OstreeSys
                                                        ::rust::Str opt_deploy_id,
                                                        ::rust::Str opt_os_name);
 
+bool deployment_add_manifest_diff (::rpmostreecxx::GVariantDict const &dict,
+                                   ::rpmostreecxx::ExportedManifestDiff const &diff) noexcept;
+
 void daemon_sanitycheck_environment (::rpmostreecxx::OstreeSysroot const &sysroot);
 
 ::rust::String deployment_generate_id (::rpmostreecxx::OstreeDeployment const &deployment) noexcept;

diff --git a/rust/src/deployment_utils.rs b/rust/src/deployment_utils.rs
@@ -5,7 +5,7 @@
 use crate::cxxrsutil::*;
 use anyhow::{anyhow, format_err, Result};
 use ostree_ext::glib::translate::*;
-use ostree_ext::ostree;
+use ostree_ext::{glib, ostree};
 use std::pin::Pin;
 
 /// Get a currently unique (for this host) identifier for the deployment.
@@ -96,3 +96,24 @@ fn deployment_get_base_impl(
         }),
     }
 }
+
+// Insert the pending manifest diff, if any.  Returns true iff the layers changed.
+pub fn deployment_add_manifest_diff(
+    dict: &crate::ffi::GVariantDict,
+    diff: &crate::ffi::ExportedManifestDiff,
+) -> bool {
+    if diff.n_removed == 0 && diff.n_added == 0 {
+        return false;
+    }
+    let dict = &dict.glib_reborrow();
+    // Add a child dict
+    let diffv = glib::VariantDict::new(None);
+    diffv.insert("total", diff.total);
+    diffv.insert("total-size", diff.total_size);
+    diffv.insert("n-removed", diff.n_removed);
+    diffv.insert("removed-size", diff.removed_size);
+    diffv.insert("n-added", diff.n_added);
+    diffv.insert("added-size", diff.added_size);
+    dict.insert("manifest-diff", diffv);
+    return true;
+}
diff --git a/rust/src/lib.rs b/rust/src/lib.rs
@@ -187,6 +187,25 @@ pub mod ffi {
         pub is_layered: bool,
         pub image_digest: String,
         pub version: String,
+        pub cached_update_diff: ExportedManifestDiff,
+    }
+
+    #[derive(Debug, Default)]
+    pub(crate) struct ExportedManifestDiff {
+        /// Check if the struct is initialized
+        pub initialized: bool,
+        /// The total number of packages in the next upgrade
+        pub total: u64,
+        /// The size of the total number of packages in the next upgrade
+        pub total_size: u64,
+        /// The total number of removed packages in the next upgrade
+        pub n_removed: u64,
+        /// The size of total number of removed packages in the next upgrade
+        pub removed_size: u64,
+        /// The total number of added packages in the next upgrade
+        pub n_added: u64,
+        /// The size of total number of added packages in the next upgrade
+        pub added_size: u64,
     }
 
     // sysroot_upgrade.rs
@@ -202,6 +221,11 @@ pub mod ffi {
             c: &str,
         ) -> Result<Box<ContainerImageState>>;
         fn purge_refspec(repo: &OstreeRepo, refspec: &str) -> Result<()>;
+        fn check_container_update(
+            repo: &OstreeRepo,
+            cancellable: &GCancellable,
+            imgref: &str,
+        ) -> Result<bool>;
     }
 
     // core.rs
@@ -303,7 +327,7 @@ pub mod ffi {
             opt_deploy_id: &str,
             opt_os_name: &str,
         ) -> Result<*mut OstreeDeployment>;
-
+        fn deployment_add_manifest_diff(dict: &GVariantDict, diff: &ExportedManifestDiff) -> bool;
     }
 
     // A grab-bag of metadata from the deployment's ostree commit