IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Bugfix release to fix minor performance regression from auto-updates
work. Plus a low-risk enhancement to `status` to print only the booted
deployment with `--booted`.
Also minor refresh of release workflow documentation.
Closes: #1262
Approved by: cgwalters
Let's also make sure we refresh `RPMOSTreeOS` objects when configs
changed. Specifically, what they export to their D-Bus interfaces may be
dependent on daemon settings, as is the case with auto-updates.
We might want to decouple this into two separate signals in the future
(one for sysroot changes, and one for config changes), though given that
only `RPMOSTreeOS` listens for `UPDATED` right now, we can just get away
with a single one for the time being.
Closes: #1261
Approved by: cgwalters
I initially used `oneshot` for this since it felt like a better fit for
non-daemon services. But the only practical difference between the two
is that systemd will wait until we exit before running dependent
follow-up units.
I'd like to change this to `simple` because we can expect users to force
a trigger run using `systemctl start rpm-ostree-automatic`, which will
hang until completion in `oneshot` mode. And given that we're not part
of the boot process and no other unit depends on us, the distinction
makes no semantic difference to us.
Closes: #1261
Approved by: cgwalters
While playing with the freshly built v2018.2 Fedora packages on my
Atomic Workstation, I realized that we paid the auto-updates startup
cost even when it was disabled. I've had auto-updates on for so long, I
hadn't seen this pass by me. 🙈
The long-term fix here is caching the update to disk rather than
recalculating it on startup everytime (as suggested during review). Will
work on this as follow-up. Though for now, I'd like to get this smaller
patch in and backported to Fedora so only folks opting in to try it out
experience the >1s startup delay.
Closes: #1261
Approved by: cgwalters
We have lots of goodies in the bag worthy of a release. More rojig
improvements, initial auto-updates support, and many fixes.
Closes: #1258
Approved by: cgwalters
This is an essential functionality rather than a nicety. Some
replacements can *only* be done without conflicts if we can remove
packages at the same time.
I do like that this has to be done explicitly, though OTOH, I can
definitely see folks wanting an `--allow-removals` type of switch in the
future.
Closes: #1255Closes: #1257
Approved by: cgwalters
Changes in a server-side tree can cause the need for clients to import different
objects from packages. For example, turning on documentation. Another more
subtle case is where an object might "move" from package A to B by being deleted
from A - then the jigdo build process will pick the B version.
We need a "cache validation key"; a way for the server to tell the client that
the objects it should import from the package have changed. Initially I was
thinking of using the libostree "content hash" but that would be awkward as we'd
have to do an import on the server side too.
After more consideration I realized a simple *count* of the number of objects
actually works, because (as I note in a comment) changing a file in the tree
will result in it ending up in the jigdoRPM (and count as a deletion). And
obviously adding or removing objects changes the count too.
In fact we could have done this *without* breaking the format by just having the
client start recording the number of xattr entries, but this adds greater
flexibility down the line since we can in theory change how we do cache
invalidation if we *really* need to (but at the cost of triggering clients to
redownload packages).
Note the client logic got moved around as now we need to parse all the xattrs
before we decide what packages to download.
My test case here is turning on docs - I noticed this actually affects *every*
package which was surprising to me; I expected at least some packages wouldn't
have docs. I'll double check this.
It'd be good to have a "moving object" case too which I may look at.
Closes: https://github.com/projectatomic/rpm-ostree/issues/1197Closes: #1256
Approved by: jlebon
Since we changed things to have `jigdoSet = pkgSet`, we can just require exactly
`${npkgs}` here on import, which is what we found from `db list`.
Closes: #1256
Approved by: jlebon
What's happened up till now is supporting `rojig://` in the same way as
`ostree://`. However, part of the high level goal here is to reduce
the need for system administrators to understand ostree.
This patch set starts to introduce some of the ideas for client-side
changes as part of jigdo ♲📦:
https://github.com/projectatomic/rpm-ostree/issues/1081#issuecomment-348540604
Concretely, we start using `${repo}:${nevra}` instead of `rojig://`.
(v2): Keep `Version` (plus timestamp) as a split out field for maximum visual aid.
Also, let's be opinionated here and entirely drop the `Commit` checksum by
default. I believe the Cockpit guys were right here - versions are for humans.
The fact that we have a checksum is powerful; and we still show it with `status
-v`. The way I think of it is: the checksum shows we're really an image system.
But we don't need to show it by default.
Closes: #1240
Approved by: jlebon
Pick up security advisories when checking for pending updates and
include them in the `cached-update` property. On the client-side,
display them in the output of `status`.
This was part of the original vision for how useful a smart `check` mode
could be. It directly impacts how one manages their individual system
(e.g. when to reboot), and paves the way for integration into
higher-level apps that act at the cluster level.
Closes: #1249
Approved by: cgwalters
Fix logic to make sure we check if the refspec is of type `ostree://`
even when it's explicitly specified. Also fix `Deploy` in the case where
we didn't just `Download` the RPM diff by adding a new @checksum
parameter to the higher-level API.
Finally, add a basic test for the `GetCached*RpmDiff` APIs so we have at
least *some* coverage. This is also good prep for making sure we don't
break anything when we convert those APIs to use the more efficient
pkglist metadata. The tests completely ignore the `DownloadRpmDiff`
paths for now though.
Closes: #1250Closes: #1253
Approved by: cgwalters
This fleshes out an important piece of the story, showing that
we can support history versioning the same way that we did with
ostree.
Also it's very useful for testing; I'm going to extend the suite after this to
deploy the previous version, clean everything up, then upgrade and verify we
only download changed RPMs.
Closes: #1232
Approved by: jlebon
The use case here is to run our tests against the shipped tree;
this could be used by a-h-t for example:
https://github.com/projectatomic/atomic-host-tests/issues/74
I tried this with just `TESTS=basic` and it failed for `usroverlay`. So we'd
have to start adding feature detection to the test suite to make this truly
useful, but let's at least start with the basic bits now to play with it.
Closes: #1251
Approved by: jlebon
I added the "commit already written" print for the very special case
when doing a `rebase --experimental rojig://` and the target jigdoRPM
is for the same commit you're on. The semantics today of that are
weird because it's the *next* update where you download all the RPMs...
Anyways that case aside, let's only print when something did change,
and drop the checksum (same rationale as status PR) and also drop
the "from %u packages" since one sees that in the downloader.
Closes: #1244
Approved by: jlebon
The goal here is to support `override replace kernel.x86_64.rpm`.
There's a whole lot of logic in libdnf to support having multiple
kernel packages installed. AIUI, that was implemented because:
1) The kernel is the biggest source of regressions
2) It'd be quite noticeable if all of your kernel modules were deleted
Of course point 2) applies to a lot of userspace too...that's something
rpm-ostree fixes of course.
Anyways, in some testing all we need to do really is just turn that
logic off unconditionally.
Closes: https://github.com/projectatomic/rpm-ostree/issues/946Closes: #1228
Approved by: jlebon
While debugging the recent `BDB0087 DB_RUNRECOVERY` issues that cropped
up recently, I came upon the fact that we're leaving leftover rpmdb
files in the rootfs on client-side assemblies. Let's clean those up too.
We do this in the `commit` phase, *after* the final time we access the
rpmdb to generate the pkglist.
Closes: #1247
Approved by: cgwalters
The way we import packages in jigdo mode is different from package layering; we
may only import a subset of files for example. In general, we need to treat
jigdo differently.
Related: https://github.com/projectatomic/rpm-ostree/issues/1197Closes: #1238
Approved by: jlebon
We should really only generate a cache for the current root's rpmdb; this
function can be used for e.g. `db diff` and it doesn't make sense to generate a
libsolv cache for arbitrary commits since it's unlikely they get reused.
Closes: #1238
Approved by: jlebon
Typing `rpm-ostree upgrade` was quite verbose with layered packages, we'd see
the rpm-md repos twice. The better fix would be to pass the context/sack from
one stage to the other, but this is a quick simple fix to at least reduce
verbosity (and potentially avoid extra network requests).
Closes: #1241
Approved by: jlebon
I spent quite some time trying to figure out why the last run timestamp
of the autoupdate service wasn't showing up in `status`. It turned out
to be that systemd only keeps that information around if an associated
timer unit is active.
Thinking more, I think it makes sense to split out the case where the
timer isn't even running explicitly, rather than just reporting "no runs
since boot".
Closes: #1242
Approved by: cgwalters
I *think* this is why our tests started failing recently. It seems somehow very
unlikely to me though that we'd somehow managed to avoid `f` in the boot
checksums until now, but without doing some math...it seems plausible.
Closes: #1243
Approved by: jlebon
In the server-side `compose tree` case, this makes it obvious which package is
causing error spew. No particular burning reason, this was just bothering me.
Closes: #1235
Approved by: jlebon
I saw kalev's slides reference `rpm-ostree unlock`; this patch makes it exist.
In general, people have a hard time (understandably) grasping the distinction
between ostree and rpm-ostree; along with the goal of making ostree really
"libostree", let's start wrapping more commands where it makes sense.
I also took this opportunity to have a more descriptive name; it's important
to note that it *doesn't* overlay `/etc`, `/var`, or `/boot` for example.
Closes: #1233
Approved by: jlebon
Currently in RHELAH 7.4, `systemctl start nfs` fails because we've dropped
`/var/lib/nfs/etab` at least:
https://bugzilla.redhat.com/show_bug.cgi?id=1427537
Things appear to work in Fedora 27 Atomic Host; there's been a lot of changes in
upstream nfs-utils in this area. I didn't fully try to analyze all of them, but
I am guessing it's
http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commit;h=8e98eed42b64aa388c09716e3276a53028a839bf
that made things work here.
For now let's just special case these. I debated having it in a RHEL-only
build but I often do RHELAH treecomposes from my Fedora dev container, and
eh...I think let's ask the RHEL nfs-utils maintainer to backport the patches
to make this work, then we can drop our hack.
Closes: #1229
Approved by: jlebon
Not all files from an RPM are necessarily removed during pkg erasure.
For example, files which are shared between pkgs shouldn't be deleted.
Similarly, not all files in an RPM are necessarily copied during pkg
installs. This is the case for multilib handling, which is a mess in its
own right. But such is the cost of trying to replace major parts of a
long-standing foundational project like RPM.
This patch adds some smarts to the way we do overlays and overrides to
handle these cases by calculating beforehand which files we *should't*
checkout/delete.
Closes: #1217Closes: #1145Closes: #1227
Approved by: cgwalters
Our complicated heuristics for handling multiple packages of the same
name comes back to bite us. In the multilib case, we can have packages
of the same NEVR, but different arch, sitting in the same tree.
Previously, even if the arch was different, we would still mark it as an
upgrade or downgrade. But that complicates things in the case of
multiple packages of the same name in the same tree.
We greatly simplify things here by making the diff algorithm dumber. We
now only consider a package as "modified" (i.e. upgraded/downgraded) if
it has the same NA (but different EVR). This makes handling multilib
cases natural and seems worth it overall vs trying to handle the odd
e.g. noarch <--> archful pkg transitions that could happen.
Closes: #1230
Approved by: cgwalters
This is an initial drop of support for:
`rpm-ostree rebase rojig://fahc:fedora-atomic-host`. We also
then support `rpm-ostree upgrade` from that.
There's a lot that could be improved here; the test coverage is relatively
minimal. A blocking issue there is having a realistic jigdo setup, and that's
going to require changing how we do testing. For now, this means that if we want
to e.g. change the format we'll have to temporarily disable this test, get the
format change in, update FAHC, then re-enable the test.
Closes: #1166
Approved by: jlebon
If we can't read the system state, that's an *external* problem with e.g. files
most likely, not a situation in which we should abort.
This came up while playing with `rojig://` where we seem to write
the origin file incorrectly.
Closes: #1166
Approved by: jlebon
I'm working on supporting `override replace ./kernel-*.rpm`:
https://github.com/projectatomic/rpm-ostree/issues/946
But after battling the "installonly" logic in libdnf, I was confused why we
still had the files in `/usr/lib/modules`. It turned out to be because we only
remove files in `/usr`, but the code didn't handle UsrMove compat links.
There are a variety of approaches to fix this. Obviously a lot
of things get nicer in jigdo mode as we do UsrMove canonicalization
on import, and we could change this code to walk the imported pkg
ostree ref.
Another approach would be to walk the initial symlink, and check whether or not
it's the same as `/usr` (i.e. let the kernel do it).
For now though, what I chose to do was to scan the rootfs and find the UsrMove
compat links (i.e. we avoid hardcoding them again here). This is
fewer syscalls than the above and works well in practice.
Closes: #1226
Approved by: jlebon
This is what a lot of other tools do. It can get very verbose, with a
potentially huge amount of output if things are trickling in. This way
we're at least more friendly to someone running `cmd: rpm-ostree upgrade`
via Ansible or equivalent.
The slight hack here is that we *do* output `100%` on non-ttys to ensure we
print the result of the task.
Closes: https://github.com/projectatomic/rpm-ostree/issues/1183Closes: #1225
Approved by: jlebon
There are types that we want to share between the daemon and the client
for deduplication. Those are, as expected, related to D-Bus things like
formats and enums. Let's create a new file for it rather than shove it
in `rpmostree-util.h`. As mentioned in the file, some of these probably
belong better directly in the public API.
Closes: #1147
Approved by: cgwalters
This patch introduces a new `AutomaticUpdatePolicy` configuration. This
was a long time coming for rpm-ostree, given that its update model makes
it extremely apt for such a feature.
The config supports a `check` mode, which should be very useful to
Atomic Workstation users, as well as a `reboot` mode, which could be
used in its present form in simple single node Atomic Host situations.
There is still a lot of work to be done, including integrating
advisories, and supporting a `deploy` mode. This feature hopefully will
be leveraged as well by higher-level projects like GNOME Software and
Cockpit.
Closes: #1147
Approved by: cgwalters
In #875 AKA b46fc35901 we
added support for the `releasever` option in treefiles. I am
pretty sure it worked at the time...but I didn't add tests.
Either it never worked or some refactoring broke it. The whole chain of
`GKeyFile` → `GVariant` is so confusing. Anyways fix it by copying the string.
Now let's use it by default in the compose tests, and while we're here bump
those to F27.
I'm doing this patch now as I was playing with doing a compose from
the `/usr/share/rpm-ostree/treefile.json` and wanted to use the stock
`.repo` files.
Closes: #1220
Approved by: jlebon
We don't do a good job of keeping this file up to date. It might end up
doing more harm than good if it confuses newcomers.
Anyway, many of these are either no longer relevant or already
implemented. Let's agree that the canonical source of TODOs is the issue
tracker?
Closes: #1222
Approved by: cgwalters
