assertstate

package
v0.0.0-...-20647f5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 22, 2024 License: GPL-3.0 Imports: 19 Imported by: 101

Documentation

Overview

Package assertstate implements the manager and state aspects responsible for the enforcement of assertions in the system and manages the system-wide assertion database.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Add 

func Add(s *state.State, a asserts.Assertion) error

Add the given assertion to the system assertion database.

func AddBatch 

func AddBatch(s *state.State, batch *asserts.Batch, opts *asserts.CommitOptions) error

AddBatch adds the given assertion batch to the system assertion database.

func ApplyEnforcedValidationSets 

func ApplyEnforcedValidationSets(st *state.State, valsets map[string]*asserts.ValidationSet, pinnedSeqs map[string]int, snaps []*snapasserts.InstalledSnap, ignoreValidation map[string]bool, userID int) error

ApplyEnforcedValidationSets enforces the supplied validation sets. It takes a map of validation set keys to validation sets, pinned sequence numbers (if any), installed snaps and ignored snaps. It fetches any pre-requisites necessary.

func ApplyLocalEnforcedValidationSets 

func ApplyLocalEnforcedValidationSets(st *state.State, vsKeys map[string][]string, pinnedSeqs map[string]int, snaps []*snapasserts.InstalledSnap, ignoreValidation map[string]bool) error

ApplyLocalEnforcedValidationSets enforces the supplied validation sets. It takes a map of validation set keys to validation sets, pinned sequence numbers (if any), installed snaps and ignored snaps. The local in this naming indicates that it uses the validation-set primary keys to lookup assertions in the current database. No fetching is done contrary to the non-local version.

func AutoAliases 

func AutoAliases(s *state.State, info *snap.Info) (map[string]string, error)

AutoAliases returns the explicit automatic aliases alias=>app mapping for the given installed snap.

func AutoRefreshAssertions 

func AutoRefreshAssertions(s *state.State, userID int) error

AutoRefreshAssertions tries to refresh all assertions

func BaseDeclaration 

func BaseDeclaration(s *state.State) (*asserts.BaseDeclaration, error)

BaseDeclaration returns the base-declaration assertion with policies governing all snaps.

func DB 

func DB(s *state.State) asserts.RODatabase

DB returns a read-only view of system assertion database.

func FetchValidationSets 

func FetchValidationSets(st *state.State, toFetch []*asserts.AtSequence, opts FetchValidationSetsOptions, deviceCtx snapstate.DeviceContext) (*snapasserts.ValidationSets, error)

FetchValidationSets fetches the given validation set assertions from either the store or the existing assertions database. The validation sets are added to a snapasserts.ValidationSets, checked for any conflicts, and returned.

func ForgetValidationSet 

func ForgetValidationSet(st *state.State, accountID, name string, opts ForgetValidationSetOpts) error

ForgetValidationSet deletes a validation set for the given accountID and name. It is not an error to delete a non-existing one. If the validation-set is controlled by the model assertion it may not be allowed to forget it.

func GetValidationSet 

func GetValidationSet(st *state.State, accountID, name string, tr *ValidationSetTracking) error

GetValidationSet retrieves the ValidationSetTracking for the given account and name.

func Publisher 

func Publisher(s *state.State, snapID string) (*asserts.Account, error)

Publisher returns the account assertion for publisher of the given snap-id if it is present in the system assertion database.

func PublisherStoreAccount 

func PublisherStoreAccount(st *state.State, snapID string) (snap.StoreAccount, error)

PublisherStoreAccount returns the store account information from the publisher assertion.

func RefreshSnapAssertions 

func RefreshSnapAssertions(s *state.State, userID int, opts *RefreshAssertionsOptions) error

RefreshSnapAssertions tries to refresh all snap-centered assertions

func RefreshSnapDeclarations 

func RefreshSnapDeclarations(s *state.State, userID int, opts *RefreshAssertionsOptions) error

RefreshSnapDeclarations refetches all the current snap declarations and their prerequisites.

func RefreshValidationSetAssertions 

func RefreshValidationSetAssertions(s *state.State, userID int, opts *RefreshAssertionsOptions) error

RefreshValidationSetAssertions tries to refresh all validation set assertions.

func Registry 

func Registry(s *state.State, account, registryName string) (*asserts.Registry, error)

Registry returns the registry for the given account and registry name, if it's present in the system assertion database.

func ReplaceDB 

func ReplaceDB(state *state.State, db *asserts.Database)

ReplaceDB replaces the assertion database used by the manager.

func RestoreValidationSetsTracking 

func RestoreValidationSetsTracking(st *state.State) error

RestoreValidationSetsTracking restores validation-sets state to the last state stored in the validation-sets-stack. It should only be called when the stack is not empty, otherwise an error is returned.

func SnapDeclaration 

func SnapDeclaration(s *state.State, snapID string) (*asserts.SnapDeclaration, error)

SnapDeclaration returns the snap-declaration for the given snap-id if it is present in the system assertion database.

func Store 

func Store(s *state.State, store string) (*asserts.Store, error)

Store returns the store assertion with the given name/id if it is present in the system assertion database.

func TemporaryDB 

func TemporaryDB(st *state.State) *asserts.Database

TemporaryDB returns a temporary database stacked on top of the assertions database. Writing to it will not affect the assertions database.

func TrackedEnforcedValidationSets 

func TrackedEnforcedValidationSets(st *state.State, extraVss ...*asserts.ValidationSet) (*snapasserts.ValidationSets, error)

TrackedEnforcedValidationSets returns ValidationSets object with all currently tracked validation sets that are in enforcing mode. If extraVss is not nil then they are added to the returned set and replaces validation sets with same account/name in case they were tracked already.

func TrackedEnforcedValidationSetsForModel 

func TrackedEnforcedValidationSetsForModel(st *state.State, model *asserts.Model) (*snapasserts.ValidationSets, error)

TrackedEnforcedValidationSetsForModel returns a ValidationSets object for currently tracked validation sets that are in enforcing mode and also associated with the specified model.

func TryEnforcedValidationSets 

func TryEnforcedValidationSets(st *state.State, validationSets []string, userID int, snaps []*snapasserts.InstalledSnap, ignoreValidation map[string]bool) error

TryEnforcedValidationSets tries to fetch the given validation sets and enforce them (together with currently tracked validation sets) against installed snaps, but doesn't update tracking information in case of an error. It may return snapasserts.ValidationSetsValidationError which can be used to install/remove snaps as required to satisfy validation sets constraints.

func UpdateValidationSet 

func UpdateValidationSet(st *state.State, tr *ValidationSetTracking)

UpdateValidationSet updates ValidationSetTracking. The method assumes valid tr fields.

func ValidateRefreshes 

func ValidateRefreshes(s *state.State, snapInfos []*snap.Info, ignoreValidation map[string]bool, userID int, deviceCtx snapstate.DeviceContext) (validated []*snap.Info, err error)

ValidateRefreshes validates the refresh candidate revisions represented by the snapInfos, looking for the needed refresh control validation assertions, it returns a validated subset in validated and a summary error if not all candidates validated. ignoreValidation is a set of snap-instance-names that should not be gated.

func ValidationSetKey 

func ValidationSetKey(accountID, name string) string

ValidationSetKey formats the given account id and name into a validation set key.

func ValidationSets 

func ValidationSets(st *state.State) (map[string]*ValidationSetTracking, error)

ValidationSets retrieves all ValidationSetTracking data.

func ValidationSetsFromModel 

func ValidationSetsFromModel(st *state.State, model *asserts.Model, opts FetchValidationSetsOptions, deviceCtx snapstate.DeviceContext) (*snapasserts.ValidationSets, error)

ValidationSetsFromModel takes in a model and creates a snapasserts.ValidationSets from any validation sets that the model includes.

func ValidationSetsHistory 

func ValidationSetsHistory(st *state.State) ([]map[string]*ValidationSetTracking, error)

ValidationSetsHistory returns the complete history of validation sets tracking.

Types

type AssertManager 

type AssertManager struct{}

AssertManager is responsible for the enforcement of assertions in system states. It manipulates the observed system state to ensure nothing in it violates existing assertions, or misses required ones.

func Manager 

func Manager(s *state.State, runner *state.TaskRunner) (*AssertManager, error)

Manager returns a new assertion manager.

func (*AssertManager) Ensure 

func (m *AssertManager) Ensure() error

Ensure implements StateManager.Ensure.

type FetchValidationSetsOptions 

type FetchValidationSetsOptions struct {
	// Offline should be set to true if the store should not be accessed. Any
	// assertions will be retrieved from the existing assertions database. If
	// the assertions are not present in the database, an error will be
	// returned.
	Offline bool
}

FetchValidationSetsOptions contains options for FetchValidationSets.

type ForgetValidationSetOpts 

type ForgetValidationSetOpts struct {
	// ForceForget is used to forget a validation set even if it's enforced by
	// the model. This is currently used during remodeling when we need to
	// forget validation sets from the old/new model.
	ForceForget bool
}

ForgetValidationSetOpts holds options for ForgetValidationSet.

type RefreshAssertionsOptions 

type RefreshAssertionsOptions struct {
	IsAutoRefresh bool
	// IsRefreshOfAllSnaps indicates if assertions are refreshed together with
	// all installed snaps, which means validation set assertions can be refreshed
	// as well. It is implied if IsAutoRefresh is true.
	IsRefreshOfAllSnaps bool
}

type ResolveOptions 

type ResolveOptions struct {
	AllowLocalFallback bool
}

ResolveOptions carries extra options for ValidationSetAssertionForMonitor.

type ValidationSetMode 

type ValidationSetMode int

ValidationSetMode reflects the mode of respective validation set, which is either monitoring or enforcing. 

const (
	Monitor ValidationSetMode = iota
	Enforce
)

type ValidationSetTracking 

type ValidationSetTracking struct {
	AccountID string            `json:"account-id"`
	Name      string            `json:"name"`
	Mode      ValidationSetMode `json:"mode"`

	// PinnedAt is an optional pinned sequence point, or 0 if not pinned.
	PinnedAt int `json:"pinned-at,omitempty"`

	// Current is the current sequence point.
	Current int `json:"current,omitempty"`

	// LocalOnly indicates that the assertion was only available locally at the
	// time it was applied for monitor mode. This tells bulk refresh logic not
	// to error out on such assertion if it's not in the store.
	// This flag makes sense only in monitor mode and if pinned.
	LocalOnly bool `json:"local-only,omitempty"`
}

ValidationSetTracking holds tracking parameters for associated validation set.

func FetchAndApplyEnforcedValidationSet 

func FetchAndApplyEnforcedValidationSet(st *state.State, accountID, name string, sequence, userID int, snaps []*snapasserts.InstalledSnap, ignoreValidation map[string]bool) (*ValidationSetTracking, error)

FetchAndApplyEnforcedValidationSet tries to fetch the given validation set and enforce it. If all validation sets constrains are satisfied, the current validation sets tracking state is saved in validation sets history.

func MonitorValidationSet 

func MonitorValidationSet(st *state.State, accountID, name string, sequence int, userID int) (*ValidationSetTracking, error)

MonitorValidationSet tries to fetch the given validation set and monitor it. The current validation sets tracking state is saved in validation sets history.

func (*ValidationSetTracking) Sequence 

func (vs *ValidationSetTracking) Sequence() int

Sequence returns the sequence number of the currently used validation set.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.