Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only store Omaha XML response for update check #33

Merged
merged 1 commit into from
Dec 13, 2023
Merged

Only store Omaha XML response for update check #33

merged 1 commit into from
Dec 13, 2023

Conversation

pothos
Copy link
Member

@pothos pothos commented Dec 11, 2023
edited
Loading

The full Omaha XML response is stored to a file for the postinst action, but we only want the response for the initial update check passed this way and not overwrite the file with responses for state reports. Only store the Omaha XML response for the update check and not all of the interaction with the Omaha server.

Fixes flatcar/Flatcar#1281

How to use

Backport to Beta

Fixes flatcar/Flatcar#1281

Testing done

From the new image to the new image works with

flatcar-update -V 1.2.3 -E flatcar_test_update-oem-qemu.gz -P flatcar_test_update.gz

and does not use the fallback path.

The previous-version file is modified earlier than the full-response file until the update is complete when it gets modified again:

localhost /var/lib/update_engine/prefs # stat -L --printf '%y %n\n' * | sort
2023-12-11 20:00:11.699914565 +0000 aleph-version
2023-12-11 20:00:46.365035407 +0000 delta-update-failures
2023-12-11 20:05:54.082000000 +0000 current-response-signature
2023-12-11 20:05:54.083000000 +0000 current-url-failure-count
2023-12-11 20:05:54.083000000 +0000 current-url-index
2023-12-11 20:10:35.279020204 +0000 previous-version
2023-12-11 20:10:35.283020273 +0000 full-response
2023-12-11 20:10:35.284020290 +0000 resumed-update-failures
2023-12-11 20:10:35.284020290 +0000 update-check-response-hash
2023-12-11 20:10:44.267168119 +0000 manifest-metadata-size
2023-12-11 20:11:05.859465962 +0000 update-state-next-data-offset
2023-12-11 20:11:05.859465962 +0000 update-state-next-operation
2023-12-11 20:11:05.859465962 +0000 update-state-sha-256-context
2023-12-11 20:11:05.859465962 +0000 update-state-signature-blob
2023-12-11 20:11:05.859465962 +0000 update-state-signed-sha-256-context
2023-12-11 20:11:05.955467137 +0000 backoff-expiry-time
2023-12-11 20:11:05.955467137 +0000 payload-attempt-number
                                                                               
Broadcast message from locksmithd at 2023-12-11 20:11:10.88278973 +0000 UTC m=+
System reboot in 5 minutes!                                                    
                                                                               
localhost /var/lib/update_engine/prefs # stat -L --printf '%y %n\n' * | sort
2023-12-11 20:00:11.699914565 +0000 aleph-version
2023-12-11 20:05:54.082000000 +0000 current-response-signature
2023-12-11 20:05:54.083000000 +0000 current-url-failure-count
2023-12-11 20:05:54.083000000 +0000 current-url-index
2023-12-11 20:10:35.283020273 +0000 full-response
2023-12-11 20:11:05.955467137 +0000 backoff-expiry-time
2023-12-11 20:11:05.955467137 +0000 payload-attempt-number
2023-12-11 20:11:10.872525484 +0000 delta-update-failures
2023-12-11 20:11:10.872525484 +0000 manifest-metadata-size
2023-12-11 20:11:10.872525484 +0000 previous-version
2023-12-11 20:11:10.872525484 +0000 resumed-update-failures
2023-12-11 20:11:10.872525484 +0000 update-check-response-hash
2023-12-11 20:11:10.872525484 +0000 update-state-next-data-offset
2023-12-11 20:11:10.872525484 +0000 update-state-next-operation
2023-12-11 20:11:10.872525484 +0000 update-state-sha-256-context
2023-12-11 20:11:10.872525484 +0000 update-state-signature-blob
2023-12-11 20:11:10.872525484 +0000 update-state-signed-sha-256-context

I've also tested it with Nebraska to ensure that only the first response is stored (in Nebraska it varies). This is the case and the update went well without triggering the fallback path (which would not work).

Upload of the payloads was done with GITHUB_TOKEN=x NOUPLOAD=1 ./upload_package /var/tmp/test/ http://localhost:8000 notused 9999.9.9 and then changing the package URL to a local http server reachable by the VM.

Here again we see that the modification time behaves as above:

localhost /var/lib/update_engine/prefs # stat -L --printf '%y %n\n' * | sort
2023-12-11 20:00:11.699914565 +0000 aleph-version
2023-12-11 20:11:10.872525484 +0000 delta-update-failures
2023-12-12 10:44:59.771555986 +0000 update-server-cert-0-0
2023-12-12 10:44:59.771555986 +0000 update-server-cert-0-1
2023-12-12 10:44:59.771555986 +0000 update-server-cert-0-2
2023-12-12 12:29:08.607727589 +0000 previous-version
2023-12-12 12:29:08.630727557 +0000 backoff-expiry-time
2023-12-12 12:29:08.630727557 +0000 current-response-signature
2023-12-12 12:29:08.630727557 +0000 current-url-failure-count
2023-12-12 12:29:08.630727557 +0000 current-url-index
2023-12-12 12:29:08.630727557 +0000 full-response
2023-12-12 12:29:08.630727557 +0000 payload-attempt-number
2023-12-12 12:29:08.641727542 +0000 resumed-update-failures
2023-12-12 12:29:08.641727542 +0000 update-check-response-hash
2023-12-12 12:29:08.641727542 +0000 update-state-signature-blob
2023-12-12 12:29:08.641727542 +0000 update-state-signed-sha-256-context
2023-12-12 12:29:14.693718961 +0000 manifest-metadata-size
2023-12-12 12:29:35.307686556 +0000 update-state-sha-256-context
2023-12-12 12:29:35.308686554 +0000 update-state-next-data-offset
2023-12-12 12:29:35.308686554 +0000 update-state-next-operation
                                                                               
Broadcast message from locksmithd at 2023-12-12 12:29:43.93300407 +0000 UTC m=+
System reboot in 5 minutes!                                                    
                                                                               

localhost /var/lib/update_engine/prefs # stat -L --printf '%y %n\n' * | sort
2023-12-11 20:00:11.699914565 +0000 aleph-version
2023-12-12 10:44:59.771555986 +0000 update-server-cert-0-0
2023-12-12 10:44:59.771555986 +0000 update-server-cert-0-1
2023-12-12 10:44:59.771555986 +0000 update-server-cert-0-2
2023-12-12 12:29:08.630727557 +0000 current-response-signature
2023-12-12 12:29:08.630727557 +0000 current-url-failure-count
2023-12-12 12:29:08.630727557 +0000 current-url-index
2023-12-12 12:29:08.630727557 +0000 full-response
2023-12-12 12:29:39.126680025 +0000 backoff-expiry-time
2023-12-12 12:29:39.126680025 +0000 payload-attempt-number
2023-12-12 12:29:43.924671590 +0000 delta-update-failures
2023-12-12 12:29:43.924671590 +0000 manifest-metadata-size
2023-12-12 12:29:43.924671590 +0000 previous-version
2023-12-12 12:29:43.924671590 +0000 resumed-update-failures
2023-12-12 12:29:43.924671590 +0000 update-check-response-hash
2023-12-12 12:29:43.924671590 +0000 update-state-next-data-offset
2023-12-12 12:29:43.924671590 +0000 update-state-next-operation
2023-12-12 12:29:43.924671590 +0000 update-state-sha-256-context
2023-12-12 12:29:43.924671590 +0000 update-state-signature-blob
2023-12-12 12:29:43.924671590 +0000 update-state-signed-sha-256-context

@pothos pothos force-pushed the kai/store-only-update-response branch 4 times, most recently from 2670b28 to 1590e58 Compare December 11, 2023 16:05
pothos added a commit to flatcar/scripts that referenced this pull request Dec 11, 2023
@pothos
coreos-base/update_engine: Only store Omaha response for update check
56530ca 
This pulls in
flatcar/update_engine#33
to fix supplying extension update payloads with a custom base URL in
Nebraska.
@pothos pothos mentioned this pull request Dec 11, 2023
Merged
2 tasks
@pothos
Only store Omaha XML response for update check
dfc4c52 
The full Omaha XML response is stored to a file for the postinst action,
but we only want the response for the initial update check passed this
way and not overwrite the file with responses for state reports.
Only store the Omaha XML response for the update check and not all of
the interaction with the Omaha server.
@pothos pothos force-pushed the kai/store-only-update-response branch from 1590e58 to dfc4c52 Compare December 11, 2023 19:35
pothos added a commit to flatcar/scripts that referenced this pull request Dec 11, 2023
@pothos
coreos-base/update_engine: Only store Omaha response for update check
91dbe34 
This pulls in
flatcar/update_engine#33
to fix supplying extension update payloads with a custom base URL in
Nebraska.
@pothos pothos requested a review from a team December 12, 2023 12:35
pothos added a commit to flatcar/scripts that referenced this pull request Dec 12, 2023
@pothos
coreos-base/update_engine: Only store Omaha response for update check
179a04d 
This pulls in
flatcar/update_engine#33
to fix supplying extension update payloads with a custom base URL in
Nebraska.
@pothos pothos mentioned this pull request Dec 12, 2023
Closed
krnowak
krnowak approved these changes Dec 13, 2023
View reviewed changes
Copy link
Member

@krnowak krnowak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The changes look alright. Can I assume that the full response was not used for anything else?

@pothos
Copy link
Member Author

pothos commented Dec 13, 2023

Can I assume that the full response was not used for anything else?

The full response file was used when communicating with flatcar-update but not with Nebraska because flatcar-update gives always the same response while Nebraska only returns the update URLs in its first response. We test the first case in kola but not the second case.

@pothos pothos merged commit 8fb11a4 into flatcar-master Dec 13, 2023
1 check passed
@pothos pothos deleted the kai/store-only-update-response branch December 13, 2023 11:34
pothos added a commit to flatcar/scripts that referenced this pull request Dec 13, 2023
@pothos
coreos-base/update_engine: Only store Omaha response for update check
fe164a8 
This pulls in
flatcar/update_engine#33
to fix supplying extension update payloads with a custom base URL in
Nebraska.
pothos added a commit to flatcar/scripts that referenced this pull request Dec 13, 2023
@pothos
coreos-base/update_engine: Only store Omaha response for update check
ae89bb7 
This pulls in
flatcar/update_engine#33
to fix supplying extension update payloads with a custom base URL in
Nebraska.
pothos added a commit to flatcar/scripts that referenced this pull request Dec 13, 2023
@pothos
coreos-base/update_engine: Only store Omaha response for update check
388cb42 
This pulls in
flatcar/update_engine#33
to fix supplying extension update payloads with a custom base URL in
Nebraska.
pothos added a commit to flatcar/scripts that referenced this pull request Dec 13, 2023
@pothos
coreos-base/update_engine: Only store Omaha response for update check
0affb5a 
This pulls in
flatcar/update_engine#33
to fix supplying extension update payloads with a custom base URL in
Nebraska.
@github-actions github-actions bot mentioned this pull request Dec 22, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@krnowak krnowak krnowak approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

flatcar-postinst does not download sysext images from URLs advertised by Nebraska
2 participants
@pothos @krnowak