1. 14 Jan, 2019 1 commit
  2. 11 Jan, 2019 1 commit
  3. 09 Jan, 2019 1 commit
  4. 08 Jan, 2019 2 commits
  5. 02 Jan, 2019 1 commit
  6. 21 Dec, 2018 1 commit
  7. 20 Dec, 2018 3 commits
  8. 14 Dec, 2018 1 commit
  9. 12 Dec, 2018 1 commit
  10. 10 Dec, 2018 4 commits
    • Umang Jain's avatar
      lib/repo-commit: Relax min-free-space check in prepare_transaction() · 96339521
      Umang Jain authored
      We want a case where we can disable the min-free-space check. Initially,
      it felt like to add a OSTREE_REPO_PULL_FLAGS_DISABLE_FREE_SPACE_CHECK but
      the problem is prepare_transaction() does not have a OstreeRepoPullFlags
      parameter which we can parse right here. On top of it, prepare_transaction()
      enforces min-free-space check and won't let the transaction proceed if
      the check failed.
      
      This is pretty bad in conjunction with "inherit-transaction" as what
      Flatpak uses. There is no way to disable this check unless we remove
      it altogether from prepare_transaction.
      
      This issue came out to light when flatpak wasn't able to write metadata
      after fetching from remote:
      
      [uajain@localhost ~]$ flatpak remote-info flathub org.kde.Platform//5.9
      error: min-free-space-size 500MB would be exceeded
      
      Metadata objects helps in housekeeping and restricting them means
      restricting crucial UX (like search, new updates) functionalities
      in clients like gnome-software. The error banners originated from
      these issues are also abrupt and not much helpful to the user. This
      is the specific instance of the issue this patches tries to address.
      
      See https://github.com/flatpak/flatpak/issues/2139 for discussion.
      
      Closes: #1779
      Approved by: mwleeds
      96339521
    • Luca Bruno's avatar
      lib/kargs: allow empty-list arguments · 3ecbdd81
      Luca Bruno authored
      This adds support for empty-list arguments (e.g. `acpi_osi=`), which
      are semantically different from simple-keyword arguments.
      
      Ref: https://github.com/projectatomic/rpm-ostree/issues/1706
      
      Closes: #1785
      Approved by: cgwalters
      3ecbdd81
    • Alexander Larsson's avatar
      Fix leak in ostree_content_stream_parse() · d044bfeb
      Alexander Larsson authored
      We need to ref_sink new GVariants for autoptr to work
      
      Closes: #1784
      Approved by: cgwalters
      d044bfeb
    • Colin Walters's avatar
      ci/papr: Drop insttests · 416007e7
      Colin Walters authored
      This didn't quite work out, and is now always failing because Ansible
      changed.
      
      For now we have some OK coverage via the rpm-ostree suite, let's just
      drop this and revisit later.
      
      Closes: #1783
      Approved by: jlebon
      416007e7
  11. 07 Dec, 2018 2 commits
  12. 04 Dec, 2018 2 commits
  13. 21 Nov, 2018 1 commit
    • rfairley's avatar
      lib/repo: Search a list of paths in gpgkeypath for gpg keys · 05e8c7ef
      rfairley authored
      This allows specifying gpgpath as list of
      paths that can point to a file or a directory. If a directory path
      is given, paths to all regular files in the directory are added
      to the remote as gpg ascii keys. If the path is not a directory,
      the file is directly added (whether regular file, empty - errors
      will be reported later when verifying gpg keys e.g. when pulling).
      
      Adding the gpgkeypath property looks like:
      
      ostree --repo=repo remote add --set=gpgpath="/path/key1.asc,/path/keys.d" R1 https://example.com/some/remote/ostree/repo
      
      Closes #773
      
      Closes: #1773
      Approved by: cgwalters
      05e8c7ef
  14. 13 Nov, 2018 1 commit
    • Jonathan Lebon's avatar
      lib/commit: Copy user.ostreemeta only for bare-user · 244d9a7e
      Jonathan Lebon authored
      When falling back to copying objects when importing them into a
      bare-user repo, we only actually need to transfer over the
      `user.ostreemeta` xattr.
      
      This allows the destination repo to be on a separate filesystem that
      might not even support `security.selinux`. (I hit this while importing
      over virtio-9p).
      
      Closes: #1771
      Approved by: cgwalters
      244d9a7e
  15. 05 Nov, 2018 1 commit
    • Jonathan Lebon's avatar
      lib/commit: Add devino_cache_hits to txn stats · 8eac5be0
      Jonathan Lebon authored
      I found this useful while hacking on rpm-ostree but I think it might be
      useful enough to upstream. This stat is really helpful for validating
      that a pipeline is hitting the devino cache sweet spot.
      
      Closes: #1772
      Approved by: cgwalters
      8eac5be0
  16. 01 Nov, 2018 1 commit
    • Jonathan Lebon's avatar
      bin/pull-local: Add --commit-metadata-only · 1dcebe88
      Jonathan Lebon authored
      It might be "local", but e.g. we may be crossing filesystems. So there
      are valid use cases for only wanting to pull the commit metadata with
      `pull-local`.
      
      Closes: #1769
      Approved by: cgwalters
      1dcebe88
  17. 31 Oct, 2018 1 commit
  18. 30 Oct, 2018 1 commit
  19. 26 Oct, 2018 1 commit
  20. 25 Oct, 2018 2 commits
  21. 24 Oct, 2018 3 commits
    • Umang Jain's avatar
      Release 2018.9 · f3eba6bc
      Umang Jain authored
      Closes: #1761
      Approved by: cgwalters
      f3eba6bc
    • Jonathan Lebon's avatar
      ostree/main: Wrap `Version` in `--version` in quotes · 759b0998
      Jonathan Lebon authored
      Wrap the `Version` key in the YAML-compatible output of
      `ostree --version` with quotes so that it's parsed as a string. The
      issues with the previous approach in a nutshell:
      
      ```
      In [5]: yaml.load("asdf: 2018.10")
      Out[5]: {'asdf': 2018.1}
      ```
      
      It's treating the version number as a floating-point. Now, this is
      technically a backwards incompatible change, but given that the previous
      approach is inherently broken for our needs, I don't see a way around
      breaking it now.
      
      Closes: #1761
      Approved by: cgwalters
      759b0998
    • Umang Jain's avatar
      Post-release version bump · e4e3e087
      Umang Jain authored
      Closes: #1761
      Approved by: cgwalters
      e4e3e087
  22. 23 Oct, 2018 4 commits
    • Matthew Leeds's avatar
      Rename core.repo-finders to core.default-repo-finders · ed41822b
      Matthew Leeds authored
      This renames a config key to make its semantics more obvious. Despite
      what the commit message says, it only applies when a set of repo finders
      is not specified (either on the command line or in a library API call).
      This also renames the corresponding ostree_repo_get function. We can do
      this since it hasn't been released yet.
      
      Closes: #1763
      Approved by: pwithnall
      ed41822b
    • Matthew Leeds's avatar
      lib/repo-pull: Add an explanatory comment · 3fc46f37
      Matthew Leeds authored
      Closes: #1763
      Approved by: pwithnall
      3fc46f37
    • Colin Walters's avatar
      README: Add bindings section · c9a9e6c3
      Colin Walters authored
      Since rust-libostree now exists too, let's make sure people
      know about it.
      
      Closes: #1762
      Approved by: jlebon
      c9a9e6c3
    • Jonathan Lebon's avatar
      boot: Add ostree-finalize-staged.path · ac1a919f
      Jonathan Lebon authored
      Rather than manually starting the `ostree-finalize-staged.service` unit,
      we can leverage systemd's path units for this. It fits quite nicely too,
      given that we already have a path we drop iif we have a staged
      deployment.
      
      To give some time for the preset to make it to systems, we don't yet
      drop the explicit call to `systemctl start`. Though we do make it
      conditional based on a DEBUG env var so that we can actually test it in
      CI for now. Once we're sure this has propagated, we can drop the
      `systemctl start` path and the env var together.
      
      Closes: #1740
      Approved by: cgwalters
      ac1a919f
  23. 22 Oct, 2018 1 commit
  24. 21 Oct, 2018 2 commits
    • Matthew Leeds's avatar
      lib/repo-pull: Disable LAN updates by default · 1d6347fe
      Matthew Leeds authored
      This commit disables searching on the local network for refs, unless
      explicitly requested by the user either by changing the value of the
      "core.repo-finders" config option, or by passing an OstreeRepoFinderAvahi to
      ostree_repo_find_remotes_async() / ostree_repo_finder_resolve_async(),
      or by specifying "lan" in the --finders option of the find-remotes
      command.
      
      The primary reason for this is that ostree_repo_find_remotes_async()
      takes about 40% longer to complete with the LAN finder enabled, and that
      API is used widely (e.g. in every flatpak operation). It's also probable
      that some users don't want ostree doing potentially unexpected traffic
      on the local network, even though everything pulled from a peer is GPG
      verified.
      
      Flathub will soon deploy collection IDs to everyone[1] so these code
      paths will soon see a lot more use and that's why this change is being
      made now.
      
      Endless is the only potential user of the LAN updates feature, and we
      can revert this patch on our fork of ostree. For it to be used outside
      Endless OS we will need to upstream eos-updater-avahi and
      eos-update-server into ostree.
      
      [1] https://github.com/flathub/flathub/issues/676
      
      Closes: #1758
      Approved by: cgwalters
      1d6347fe
    • Matthew Leeds's avatar
      Allow disabling pulling from LAN/USB/Internet · 3956fc88
      Matthew Leeds authored
      Currently libostree essentially has two modes when it's pulling refs:
      the "legacy" code paths pull only from the Internet, and the code paths
      that are aware of collection IDs try to pull from the Internet, the
      local network, and mounted filesystems (such as USB drives). The problem
      is that while we eventually want to migrate everyone to using collection
      IDs, we don't want to force checking LAN and USB sources if the user
      just wants to pull from the Internet, since the LAN/USB code paths can
      have privacy[1], security[2], and performance[3] implications.
      
      So this commit implements a new repo config option called "repo-finders"
      which can be configured to, for example, "config;lan;mount;" to check
      all three sources or "config;mount;" to disable searching the LAN. The
      set of values mirror those used for the --finders option of the
      find-remotes command. This configuration affects pulls in three places:
      1. the ostree_repo_find_remotes_async() API, regardless of whether or
      not the user of the API provided a list of OstreeRepoFinders
      2. the ostree_repo_finder_resolve_async() /
      ostree_repo_finder_resolve_all_async() API
      3. the find-remotes command
      
      This feature is especially important right now since we soon want to
      have Flathub publish a metadata key which will have Flatpak clients
      update the remote config to add a collection ID.[4]
      
      This effectively fixes https://github.com/flatpak/flatpak/issues/1863
      but I'll patch Flatpak too, so it doesn't pass finders to libostree only
      to then have them be removed.
      
      [1] https://github.com/flatpak/flatpak/issues/1863#issuecomment-404128824
      [2] https://github.com/ostreedev/ostree/issues/1527
      [3] Based on how long the "ostree find-remotes" command takes to
        complete, having the LAN finder enabled slows down that step of the
        pull process by about 40%. See also
        https://github.com/flatpak/flatpak/issues/1862
      [4] https://github.com/flathub/flathub/issues/676
      
      Closes: #1758
      Approved by: cgwalters
      3956fc88
  25. 19 Oct, 2018 1 commit
    • Jonathan Lebon's avatar
      ostree-prepare-root.service: Run earlier in initrd · a4a49724
      Jonathan Lebon authored
      Previously, we were preparing the root very late in the boot process;
      right before we switch root. The issue with that is that most services
      in the initrd that run `After=initrd-root-fs.target` expect that
      `/sysroot` already points to the rootfs we'll be pivoting to. Running
      this late violates that assumption.
      
      This patch fixes this by making `ostree-prepare-root.service` instead
      run right after `sysroot.mount` (the physical sysroot mounted by
      systemd) but still before `initrd-root-fs.target` (which is the target
      signalling that `/sysroot` is now valid and ready).
      
      This should make it easier to integrate OSTree with other initrd
      services such as Ignition.
      
      Related: https://github.com/dustymabe/ignition-dracut/issues/20
      
      Closes: #1759
      Approved by: cgwalters
      a4a49724