Aktualizr
C++ SOTA Client
All Classes Namespaces Files Functions Variables Enumerations Enumerator Pages
garage_deploy.cc
1 #include <string>
2 
3 #include <boost/filesystem.hpp>
4 #include <boost/program_options.hpp>
5 
6 #include "accumulator.h"
7 #include "authenticate.h"
8 #include "check.h"
9 #include "deploy.h"
10 #include "garage_common.h"
11 #include "garage_tools_version.h"
12 #include "logging/logging.h"
13 #include "ostree_http_repo.h"
14 
15 namespace po = boost::program_options;
16 
17 int main(int argc, char **argv) {
18  logger_init();
19 
20  int verbosity;
21  std::string ostree_commit;
22  std::string name;
23  boost::filesystem::path fetch_cred;
24  boost::filesystem::path push_cred;
25  std::string hardwareids;
26  std::string cacerts;
27  int max_curl_requests;
28  RunMode mode = RunMode::kDefault;
29  po::options_description desc("garage-deploy command line options");
30  // clang-format off
31  desc.add_options()
32  ("help", "print usage")
33  ("version", "Current garage-deploy version")
34  ("verbose,v", accumulator<int>(&verbosity), "Verbose logging (use twice for more information)")
35  ("quiet,q", "Quiet mode")
36  ("commit", po::value<std::string>(&ostree_commit)->required(), "OSTree commit to deploy")
37  ("name", po::value<std::string>(&name)->required(), "Name of image")
38  ("fetch-credentials,f", po::value<boost::filesystem::path>(&fetch_cred)->required(), "path to source credentials")
39  ("push-credentials,p", po::value<boost::filesystem::path>(&push_cred)->required(), "path to destination credentials")
40  ("hardwareids,h", po::value<std::string>(&hardwareids)->required(), "list of hardware ids")
41  ("cacert", po::value<std::string>(&cacerts), "override path to CA root certificates, in the same format as curl --cacert")
42  ("jobs", po::value<int>(&max_curl_requests)->default_value(30), "maximum number of parallel requests")
43  ("dry-run,n", "check arguments and authenticate but don't upload");
44  // clang-format on
45 
46  po::variables_map vm;
47 
48  try {
49  po::store(po::parse_command_line(argc, reinterpret_cast<const char *const *>(argv), desc), vm);
50 
51  if (vm.count("help") != 0u) {
52  LOG_INFO << desc;
53  return EXIT_SUCCESS;
54  }
55  if (vm.count("version") != 0) {
56  LOG_INFO << "Current garage-deploy version is: " << garage_tools_version();
57  exit(EXIT_SUCCESS);
58  }
59  po::notify(vm);
60  } catch (const po::error &o) {
61  LOG_ERROR << o.what();
62  LOG_ERROR << desc;
63  return EXIT_FAILURE;
64  }
65 
66  // Configure logging
67  if (verbosity == 0) {
68  // 'verbose' trumps 'quiet'
69  if (static_cast<int>(vm.count("quiet")) != 0) {
70  logger_set_threshold(boost::log::trivial::warning);
71  } else {
72  logger_set_threshold(boost::log::trivial::info);
73  }
74  } else if (verbosity == 1) {
75  logger_set_threshold(boost::log::trivial::debug);
76  LOG_DEBUG << "Debug level debugging enabled";
77  } else if (verbosity > 1) {
78  logger_set_threshold(boost::log::trivial::trace);
79  LOG_TRACE << "Trace level debugging enabled";
80  } else {
81  assert(0);
82  }
83 
84  Utils::setUserAgent(std::string("garage-deploy/") + garage_tools_version());
85 
86  if (vm.count("dry-run") != 0u) {
87  mode = RunMode::kDryRun;
88  }
89 
90  if (max_curl_requests < 1) {
91  LOG_FATAL << "--jobs must be greater than 0";
92  return EXIT_FAILURE;
93  }
94 
95  ServerCredentials fetch_credentials(fetch_cred);
96  TreehubServer fetch_server;
97  if (authenticate(cacerts, fetch_credentials, fetch_server) != EXIT_SUCCESS) {
98  LOG_FATAL << "Authentication with fetch server failed";
99  return EXIT_FAILURE;
100  }
101 
102  ServerCredentials push_credentials(push_cred);
103  TreehubServer push_server;
104  if (authenticate(cacerts, push_credentials, push_server) != EXIT_SUCCESS) {
105  LOG_FATAL << "Authentication with push server failed";
106  return EXIT_FAILURE;
107  }
108 
109  OSTreeRepo::ptr src_repo = std::make_shared<OSTreeHttpRepo>(&fetch_server);
110  try {
111  OSTreeHash commit(OSTreeHash::Parse(ostree_commit));
112  // Since the fetches happen on a single thread in OSTreeHttpRepo, there
113  // isn't much reason to upload in parallel, but why hold the system back if
114  // the fetching is faster than the uploading?
115  if (!UploadToTreehub(src_repo, push_server, commit, mode, max_curl_requests)) {
116  LOG_FATAL << "Upload to treehub failed";
117  return EXIT_FAILURE;
118  }
119 
120  if (mode == RunMode::kDefault || mode == RunMode::kPushTree) {
121  if (!push_credentials.CanSignOffline()) {
122  LOG_FATAL << "Provided push credentials are missing required components to sign Targets metadata.";
123  return EXIT_FAILURE;
124  }
125  if (!OfflineSignRepo(ServerCredentials(push_credentials.GetPathOnDisk()), name, commit, hardwareids)) {
126  return EXIT_FAILURE;
127  }
128 
129  if (CheckRefValid(push_server, ostree_commit, mode, max_curl_requests) != EXIT_SUCCESS) {
130  LOG_FATAL << "Check if the ref is present on the server or in targets.json failed";
131  return EXIT_FAILURE;
132  }
133  } else {
134  LOG_INFO << "Dry run. Not attempting offline signing.";
135  }
136  } catch (OSTreeCommitParseError &e) {
137  LOG_FATAL << e.what();
138  return EXIT_FAILURE;
139  }
140 
141  return EXIT_SUCCESS;
142 }
143 // vim: set tabstop=2 shiftwidth=2 expandtab:
RunMode::kPushTree
Walk the entire tree and upload any missing objects.
OSTreeHash
Definition: ostree_hash.h:9
ServerCredentials
Definition: server_credentials.h:25
OSTreeCommitParseError
Definition: ostree_hash.h:28
TreehubServer
Definition: treehub_server.h:11
OSTreeHash::Parse
static OSTreeHash Parse(const std::string &hash)
Parse an OSTree hash from a string.
Definition: ostree_hash.cc:7
garage_common.h
RunMode::kDefault
Default operation.
RunMode::kDryRun
Dry run.
RunMode
RunMode
Execution mode to run garage tools in.
Definition: garage_common.h:6
Generated by   doxygen 1.8.16