Commit Graph

7164 Commits

Author SHA1 Message Date
Alexander Larsson
9cf2ee7324 dir: Resolve extra-data setup from sideload repo too 2020-03-24 09:16:11 +01:00
Alexander Larsson
a2299486a6 Merge pull request #3478 from mwleeds/retry-on-transient-errors-upstream
Retry network requests on transient errors
2020-03-23 18:02:09 +01:00
Alexander Larsson
d30e902d9f Add build-update-repo --deploy-sideload-collection-id option
This is a new version of --deploy-collection-id that only applies
the collection id update for new (1.7.x+) versions of flatpak clients.
This allows you to enable collection ids for sideload use but not
affect older clients where the p2p codepaths are not as tested.
2020-03-23 17:58:04 +01:00
Alexander Larsson
9208913664 Migrate config: Always enable gpg-verify-summary if collection id is set
This used to not be set for collection-id remotes as we used the
ostree-metadata branch for resolving. However, we now use the summary
always when doing a remote install (and not ostree-metadata for local
sideloads), so we still want to verify summary.

The signature on the summary is a nice security feature, but it is also
a very efficient small file to download to verify that no new summary
needs to be downloaded in the no-op update case.
2020-03-23 17:58:04 +01:00
Alexander Larsson
cd88ddd2af tests: Add more tests for sideloading
* Test that we load from sideload repo even when online
* Test that when offline we don't update to older version in sideload repo
* Test update to explicit version in sideload repo
* Test updates to new version from sideload repo
2020-03-23 17:58:04 +01:00
Alexander Larsson
b3da5db1c3 update: Allow update --commit to install from sideloaded repo 2020-03-23 17:58:04 +01:00
Alexander Larsson
9abbb00b33 Drop xa.sideload-collection remote option in favour of regular collection-id
Nothing fundamentally happens differently in ostree if the collection-id
is set, as long as we don't call the p2p specific apis. So, let's keep
using it instead of adding our own special magic.
2020-03-23 17:58:04 +01:00
Alexander Larsson
316baff539 Don't enforce gpg-verify false when using collection id
With the new sideload approach to collection ids it is fine to require
gpg signed summaries. (Not for the child repos or the sideload repos
though, but those are either trusted (sideload) or safe for other
reasons like ref-bindings and signed commits).
2020-03-23 17:58:04 +01:00
Alexander Larsson
7710549596 tests: Add tests for sideloading apps 2020-03-23 17:58:04 +01:00
Alexander Larsson
2ac6be91f3 Change how we handle refs in child-repo for system installs
We used to do a MIRROR pull and make a copy of the upstream summary
file in the child repo. However, now that we want to allow side-loading
from a repo with a partial summary we can no longer do that.

So, the new approach is that the child repo *always* contains
"remote:ref" style refs (never heads or mirror/collection-id refs),
but in order to not let you import a single commit into the wrong ref
name we now require the commits to have a ref-binding (they all do
since a long time anyway).
2020-03-23 17:58:04 +01:00
Alexander Larsson
904e7b2e2f tests: Remove test-unsigned-summaries.sh
We no longer support unsigned summaries since we dropped the use
of the ostree-metadata branch for p2p.
2020-03-23 17:58:04 +01:00
Alexander Larsson
1d1819840e config: Support setting sideload-repos option 2020-03-23 17:58:04 +01:00
Alexander Larsson
bea879c0d0 FlatpakRemoteState: Drop separate tracking of metadata
We now always use the metadata from the summary, so no need
to track it separately.
2020-03-23 17:58:04 +01:00
Alexander Larsson
124b0be92e Drop more collection_id use
Most code that looks for a regular collection id set on the remote is
removed, as these should never happen in flatpak repo setups now.

Some is replaced with looking at xa.sideload-collection-id:
 * The libflatpak FlatpakRef::collection-id property now comes from the sideload id
 * Various CLI commands showing or changing the collection-id for a remote now use the sideload id
 * Collection id deploy in update now sets the sideload-collection-id instead
 * Setting the collection id for a remote in libflatpak now sets the sideload id

Additionally we now delete the code that allows unsigned summaries
when there is a collection id (because there is none).

create-usb now uses the sideload id as collection id source when exporting.

The direct repo operations (export, bundle, commit-from) still support
collection ids, because on the server we do want to set it so that we
can sideload.
2020-03-23 17:58:04 +01:00
Alexander Larsson
336a127f55 Support sideloaded repos
This adds a xa.sideload-collection-id option to the remote
configuration and a global xa.sideload-repos option (which is a list
of paths to local repos).

When resolving or listing refs, if we fail to download the real remote
summary (i.e. we're offline) then we instead look into the configured
sideloaded repos for refs that match ref and the sideloaded collection
id for the remote.

For the transaction to resolve the ref we need more metadata. In the
regular summary case we use the metadata from the summary, but that
is not available in the (partial) summary in the sideload repo, so
there we load the actual commit object and use the data from there.
(The ostree-metadata branch is not used/needed.)

This actually also fixes a longstanding issue when you "flatpak update
--checksum=XYZ" because we now handle this correctly by downloading
the commit object from the remote. Before we used the metadata in the
summary which is not right for non-HEAD commits.

To handle the sideloading we record the path to the sideload repo
when sideloading and pass the url to the repo as the remote name
when pulling, which will do a direct local pull.

We avoid using sideloaded refs when offline if the timestamp in the
commits is older than what is already installed locally.
2020-03-23 17:58:04 +01:00
Alexander Larsson
9061b855d8 Initial remove of p2p codepaths
This removes the most basic codepaths for p2p installation, as well
as the tests for it. There still remain various codepaths that
look at the collection id, these will be removed later.

This is the first step in dropping the p2p code and replacing it with
a simpler approach that focuses on the sideloading case only.
2020-03-23 17:58:04 +01:00
Alexander Larsson
116a8b8487 transaction: Ensure the metadata in the pulled commit matches what we resolved
We're using the metadata from the summary, ostree-metadata or available
commit when making security sensitive decisions, so let's verify this
matches what we get in the actual commit we pulled.

We already did check that this then actually also matches what gets deployed,
so the new check shares code with that.

Note, we don't do this for OCI installs, because it seems the current
fedora flatpaks don't have this set, and we don't want to break
existing remotes.
2020-03-23 17:58:04 +01:00
Alexander Larsson
32194f2d29 create-usb: Detect the case of partial deploys and warn/fail
We don't want to make a usb repo with e.g. just one translation.
2020-03-23 17:58:04 +01:00
Alexander Larsson
83ef801537 dir: Add flatpak_deploy_data_has_subpaths() helper 2020-03-23 17:58:04 +01:00
Alexander Larsson
224b60016f tests: Print calling file+lineno when assert fails 2020-03-23 17:58:04 +01:00
Matthew Leeds
384c68d77a test-http-utils.sh: Fix a few typos 2020-03-20 15:52:50 -07:00
Matthew Leeds
5560132ba6 flatpak-utils-http.c: Add retry logic for transient failures
Currently if flatpak is installing an extra data app such as Spotify and
the server with the .deb file fails to complete the request, the
installation fails with a message like "Connection terminated
unexpectedly". This commit makes flatpak instead try 5 times to download
a given URI if the error returned seems like a transient one (so not,
for example, 404 not found). This is analogous to what was done in
libostree in commit 938055392fd455027a69398c441b992ae521aa87, and we use
some code from there.
2020-03-20 15:47:18 -07:00
Matthew Leeds
0b25455af1 flatpak-utils-http.c: Use more specific GIOError codes
Instead of defaulting to G_IO_ERROR_FAILED, use more specific codes when
we can. These were copied from libostree.
2020-03-20 13:46:36 -07:00
Alexander Larsson
ee93324333 tests: Avoid showing stderr for commands expected to fail 2020-03-20 15:37:10 +01:00
Alexander Larsson
241c5c7f40 tests: Hide unnecessary trace output from the test logs
We use some BASH_XTRACEFD hackery to hide the trace output from
the internals of the assert (and ok) functions, so that the
log output can focus on what is important, i.e. what asserts are
checked and what errors do they print.
2020-03-20 15:37:10 +01:00
Alexander Larsson
b1fdf6c4ef tests: Add and use "ok" helper
This allows us to print some separators for the logs also.

tests: Convert more tests to ok helper
2020-03-20 15:37:10 +01:00
Bastien Nocera
98c4b07322 common: Allow version numbers in app-id for DConf migration
Allow the app-id or the DConf path to finish with a digit and still be
considered similar enough for DConf migration purposes.

This allows the org.gnome.Rhythmbox3 app-id to migrate its
/org/gnome/rhythmbox DConf path.

See https://github.com/flathub/org.gnome.Rhythmbox3/pull/26
2020-03-17 13:12:57 +01:00
Bastien Nocera
a4df2bae2b tests: Better failure output for test_dconf_paths
Output whether we get an unexpected failure or success, and the values
we passed in, to make it easy to pinpoint the failing test.
2020-03-17 13:11:54 +01:00
Alexander Larsson
6395d04e40 Merge pull request #3471 from owtaylor/oci-error-overwrite
oci-authenticator: fix failures to clear GError
2020-03-17 11:12:51 +01:00
Alexander Larsson
7f7ceab633 Merge pull request #3468 from alexlarsson/token-type-endianness
Enforce little endian for token-type
2020-03-17 10:51:36 +01:00
Alexander Larsson
e22d4ff880 Merge pull request #3472 from owtaylor/oci-token-reuse
oci-authenticator: reuse token results when we already have them
2020-03-17 10:50:48 +01:00
Owen W. Taylor
08636d4729 oci-authenticator: reuse token results when we already have them
When we already have a token for the first repository after probing
for no-auth authenticator or testing user-entered credentials, just
use that, don't request it again in the loop over repositories.

This gives a significant optimization of the prompted-credentials
case for registry.redhat.io, which takes 4-5 seconds to generate a
token, hopefully avoiding the user thinking something has gone wrong.

Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
2020-03-16 16:26:04 -04:00
Owen W. Taylor
425f628263 oci-authenticator: fix failures to clear GError
Fix problems overwriting a GError when we retry multiple times.
One of these was introduced with the recent change
e3f17a89a flatpak-oci-authenticator: try getting a token without credentials
but the other was existing.

Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
2020-03-16 15:59:21 -04:00
Alexander Larsson
fc8a6f0681 Merge pull request #3469 from alexlarsson/fix-gpg-tests
tests: Fix gpg signature failure checks
2020-03-16 15:18:08 +01:00
Alexander Larsson
ab5f2dd7e8 tests: Fix gpg signature failure checks
It seems recent ostree reports a different error string for signature
check failures.
2020-03-16 15:01:54 +01:00
Alexander Larsson
360797dcd7 Merge pull request #3465 from alexlarsson/fix-repair-crash
repair: Don't crash if no remotes are configured
2020-03-16 12:30:59 +01:00
Alexander Larsson
00edd32596 common: Don't potentially write outside allocation
flatpak_bwrap_bundle_args() for some reason does:

data = g_new (gchar, data_len);
*data = 0;

And then it starts copying in the data into the allocation, overwriting
the initial 0. If data_len is 0 this causes a write past end of
allocation, so just drop the second line above.
2020-03-16 12:30:49 +01:00
Alexander Larsson
ff317fd4fb Enforce little endian for token-type
When storing the token-type in the commit and the summary cache we
hardcode it to little-endian.

In theory this breaks the "ABI", but in practice this change is a
no-op on little-endian systems which is what most are. Additionally as most
servers are little-endian this also fixes using big-endian clients with
such servers.

This fixes:
https://github.com/flatpak/flatpak/issues/3434
2020-03-16 11:26:10 +01:00
Alexander Larsson
e2ee3306b7 repair: Don't crash if no remotes are configured
If no remotes are configured, ostree_repo_remote_list returns NULL
so don't dereference it.

Fixes: https://github.com/flatpak/flatpak/issues/3436
2020-03-16 10:47:41 +01:00
Alexander Larsson
b79e878a75 document-export: Support exporting directories
This adds support for exporting a directory as a document, as
supported by version 4 of the portal:

  https://github.com/flatpak/xdg-desktop-portal/pull/447
2020-03-16 09:29:55 +01:00
Matthew Leeds
6aa3ff0d6f common: Don't shadow parameter variables 2020-03-16 09:29:31 +01:00
Matthew Leeds
2f49385379 dir: Add a comment to an empty block
This makes lgtm.com happy
2020-03-16 09:29:31 +01:00
Matthew Leeds
24a99b354c repair: Don't shadow checksum parameter 2020-03-16 09:29:31 +01:00
Matthew Leeds
2005a52498 app/parse-datetime.h: Add #pragma once 2020-03-16 09:29:31 +01:00
Matthew Leeds
84c68ad501 oci-authenticator: Don't shadow a global variable 2020-03-16 09:29:31 +01:00
Matthew Leeds
4e7cee1b98 app: Don't shadow global variables
These were pointed out by lgtm.com
2020-03-16 09:29:31 +01:00
Zetrov (Zhengchao)
194ef58fb9 Update flatpak-build-init.xml 2020-03-16 09:27:20 +01:00
Zetrov (Zhengchao)
8b0a1936c0 typo 2020-03-16 09:27:20 +01:00
Zetrov (Zhengchao)
d99af85f05 Improvements for new users & fix example
New users who jump directly into this command might think this command is to init a project or application dictionary but it actually creates somehow a directory for *built* app to run inside.

plus, fix not working example

Sorry for such minor and boring commit.
2020-03-16 09:27:20 +01:00
Owen W. Taylor
f7616a8b3c flatpak-oci-registry.c: supply a default scope when getting a token
If no scope parameter is supplied in the WWW-Authenticate header,
docker and libpod will make up their own of the form
repository:<reponame>:pull when requesting a bearer token. Match that.

Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
2020-03-16 09:15:00 +01:00