flatcar-update: Support Flatcar OEM and extension payloads #101
Conversation
pothos
force-pushed
the
kai/flatcar-update-sysext
branch
7 times, most recently
from
b1e480c to
4b9413c
Compare
pothos
force-pushed
the
kai/flatcar-update-sysext
branch
from
4b9413c to
165d641
Compare
| @@ -89,6 +119,32 @@ if [ "${FORCE_DEV_KEY}" = "1" ] && [ "${FORCE_FLATCAR_KEY}" = "1" ]; then | |||
| echo "Error: must only specify one of --force-dev-key or --force-flatcar-key" > /dev/stderr ; exit 1 | |||
| fi | |||
|
|
|||
| # Use the old mount point for compatibility with old instances, where the script gets copied to | |||
| OEMID=$({ grep -m 1 -o "^ID=.*" /usr/share/oem/oem-release 2> /dev/null || true ; } | cut -d = -f 2) | |||
There was a problem hiding this comment.
| OEMID=$({ grep -m 1 -o "^ID=.*" /usr/share/oem/oem-release 2> /dev/null || true ; } | cut -d = -f 2) | |
| OEMID=$({ grep -m 1 -o "^ID=.*" /usr/share/oem/oem-release 2> /dev/null || true ; } | cut -d = -f 2-) |
There was a problem hiding this comment.
The delimiter is = and not supposed to be part of the OEMID, or?
There was a problem hiding this comment.
I hope so. :) Another option here is (if you want):
| OEMID=$({ grep -m 1 -o "^ID=.*" /usr/share/oem/oem-release 2> /dev/null || true ; } | cut -d = -f 2) | |
| OEMID=$(source /usr/share/oem/oem-release || :; echo "${ID:-}") |
There was a problem hiding this comment.
Good idea, since this is used at other places, I think we should change it everywhere in a follow-up
There was a problem hiding this comment.
Tested it and it breaks the main script execution if oem-release would have an invalid syntax.
There was a problem hiding this comment.
What works is this here: $(sh -c "source /usr/share/oem/oem-release" || :; echo "${ID:-}")
There was a problem hiding this comment.
Tested it and it breaks the main script execution if
oem-releasewould have an invalid syntax.
Alright, let's have a solution that works. I'll have a look at making sure that this file is valid for sourcing.
There was a problem hiding this comment.
I'm sure it's valid as we ship it but if it's broken due to invalid user changes I wanted the script not to crash, hence the sh -c workaround (since it's a subshell, || : won't be needed then).
There was a problem hiding this comment.
Ah, no, my example is broken because the echo should be part of the sh -c
There was a problem hiding this comment.
This here works ID=$(sh -c 'source /usr/share/oem/oem-release; echo "${ID:-}"' 2>/dev/null || true)
The OEMs are now getting ported over to systemd-sysext images and they are delivered as additional update payloads in the Omaha response. We also define optional Flatcar extensions that the user can enable. While update-engine's post-install action and the initrd have a fallback mechanism that use the release server in case flatcar-update does not provide the required payloads, this does not work for airgapped environments or updating to developer payloads. Let flatcar-update download the required payloads for the running machine from the release server instead of relying on any fallback logic and also request the user to provide any required extension payloads.
pothos
force-pushed
the
kai/flatcar-update-sysext
branch
2 times, most recently
from
df81001 to
98f6810
Compare
The cleanup of all subprocesses through "kill 0" also ends up sending a SIGTERM to the script itself, which prevents ending with a successful return code. Keep track of spawned subprocesses (at least the top ones) and only kill them.
pothos
force-pushed
the
kai/flatcar-update-sysext
branch
from
98f6810 to
879698a
Compare
| @@ -89,6 +119,32 @@ if [ "${FORCE_DEV_KEY}" = "1" ] && [ "${FORCE_FLATCAR_KEY}" = "1" ]; then | |||
| echo "Error: must only specify one of --force-dev-key or --force-flatcar-key" > /dev/stderr ; exit 1 | |||
| fi | |||
|
|
|||
| # Use the old mount point for compatibility with old instances, where the script gets copied to | |||
| OEMID=$({ grep -m 1 -o "^ID=.*" /usr/share/oem/oem-release 2> /dev/null || true ; } | cut -d = -f 2) | |||
There was a problem hiding this comment.
I hope so. :) Another option here is (if you want):
| OEMID=$({ grep -m 1 -o "^ID=.*" /usr/share/oem/oem-release 2> /dev/null || true ; } | cut -d = -f 2) | |
| OEMID=$(source /usr/share/oem/oem-release || :; echo "${ID:-}") |
The OEMs are now getting ported over to systemd-sysext images and they are delivered as additional update payloads in the Omaha response. We also define optional Flatcar extensions that the user can enable. While update-engine's post-install action and the initrd have a fallback mechanism that use the release server in case flatcar-update does not provide the required payloads, this does not work for airgapped environments or updating to developer payloads.
Let flatcar-update download the required payloads for the running machine from the release server instead of relying on any fallback logic and also request the user to provide any required extension payloads.
How to use
Testing done
See flatcar/update_engine#24