Create "direct" install sub command that will be called in a posttrans on package mode installations

[yasminvalim]

TICKET: As part of https://fedoraproject.org/wiki/Changes/BootLoaderUpdatesPhase1, for package mode installations, we will update the bootloader (copy from /usr to boot or ESP) as part of the posttrans scriptlet.

This is a slightly different path as the current update path where we have the systemd-run logic, and we notably don't have any prepared metadata.

We can start by creating a command that does a simple copy (like the scripts do) and then iterate on merging the logic between the package mode and the image mode use case.

See change and current sample/basic installation scripts:

https://fedoraproject.org/wiki/Changes/BootLoaderUpdatesPhase1
https://src.fedoraproject.org/rpms/grub2/pull-request/136
https://src.fedoraproject.org/rpms/shim/pull-request/4

See related issue: #926

[gemini-code-assist]

Code Review

This pull request introduces a new copy-to-boot subcommand to bootupd. This is intended for package-based systems to update bootloader files from /usr/lib/efi to the ESP. The implementation adds a new method to the Component trait, with a concrete implementation for the Efi component. The logic for finding the ESP and copying files is well-encapsulated in new helper functions. The existing install logic is refactored to use this new shared code, which is a great improvement. Comprehensive tests for the new functionality have been added. The changes are well-structured and clear. I have one suggestion for simplification.

[gemini-code-assist]

The .ok_or_else() call here is on a value that is guaranteed to be Some. The find_colocated_esps function returns None if no ESPs are found, which is handled by the let-else statement on line 246. If it returns Some(vec), the vector is guaranteed to be non-empty. Therefore, esp_devices.first() will never be None, and this error-handling code is unreachable.

You can simplify this by using .unwrap(), which is safe in this context. This also removes a potentially confusing error message.

Suggested change

	let esp_device = esp_devices
	.first()
	.ok_or_else(|| anyhow::anyhow!("No ESP device found"))?;
	let esp_device = esp_devices.first().unwrap();

[yasminvalim]

Same as: #1021

I encountered some issues with the git history on my previous branch, so I've pushed this new branch to resolve it.

[travier]

#1021 (comment):

@travier the command that we want to use is for package mode, also for image mode, is this right?

This command will be used exclusively on package mode.

[HuijingHei]

#1021 (comment):

@travier the command that we want to use is for package mode, also for image mode, is this right?

This command will be used exclusively on package mode.

Thank you for the confirmation, then it would be easy for us to add such tmt test.

[ravanelli]

You are harding coding the versions here, and also in line 1168 and in the other commits also for Grub. Is there any reason? it will fail if we have a diff version.

[yasminvalim]

Nice catch, it makes sense to avoid hardcoding there. I’ve fixed it to match the pattern used in the other tests.

[travier]

I have not reviewed the code yet, but in the meantime, can you test that this change works when you run it as part of a GRUB update? See %posttrans in the GRUB package: https://src.fedoraproject.org/rpms/grub2/blob/rawhide/f/grub2.spec#_430

[travier]

From a discussion with Huijing, it would be good to test this end to end on a Fedora package mode VM with a GRUB update with the change in the scriptlet.

We should then add a TMT test here in this repo that does the same check (create a fake RPM to update GRUB and run this code, install the RPM, check everything is OK and the VM still boots) to make sure we do not regress this functionnality.

[HuijingHei]

From a discussion with Huijing, it would be good to test this end to end on a Fedora package mode VM with a GRUB update with the change in the scriptlet.

We should then add a TMT test here in this repo that does the same check (create a fake RPM to update GRUB and run this code, install the RPM, check everything is OK and the VM still boots) to make sure we do not regress this functionnality.

Thank you! SGTM, will do this soon.

[yasminvalim]

Hey @HuijingHei, I can take a look on how do TMT tests and apply it here. Do you have any examples of this kind of test?

Thanks @travier for your support!

[HuijingHei]

Hey @HuijingHei, I can take a look on how do TMT tests and apply it here. Do you have any examples of this kind of test?

Thank you! Maybe can refer to coreos/ignition@e4b62af, but I think it could be simpler.

Could you help to rebase the main branch for the PR? I just do the rebase.

[HuijingHei]

@yasminvalim I am doing tests with add-post, also rebase this PR, build package for f44, and install it on package mode, failed when running posttrans, could you help to check? Thank you! fix this with a new patch and doing tests, passed.

[root@citest-1 ~]# dnf install -y /mnt/shared/bootupd/bootupd-0.2.32.23.gd2b568e-1.fc44.x86_64.rpm
...
[3/3] Installing bootupd-0:0.2.32.23.gd2b568e-1.fc44.x86_64                                                                          100% |   5.4 MiB/s |   3.5 MiB |  00m01s
>>> Running %posttrans scriptlet: bootupd-0:0.2.32.23.gd2b568e-1.fc44.x86_64
>>> Finished %posttrans scriptlet: bootupd-0:0.2.32.23.gd2b568e-1.fc44.x86_64
>>> Scriptlet output:
>>> error: unrecognized subcommand 'copy-to-boot'
>>> 
>>> Usage: bootupctl backend [OPTIONS]
>>> 
>>> For more information, try '--help'.
>>> 
Warning: skipped OpenPGP checks for 1 package from repository: @commandline
Complete!

Test with the latest patch, install with posttrans successfully. And also do tests with fake echo test > /boot/efi/EFI/BOOT/grubx64.efi, after installation, the file is updated.

[root@citest-1 ~]# dnf install -y /mnt/shared/bootupd/bootupd-0.2.32.23.g175f2fa-1.fc44.x86_64.rpm
Updating and loading repositories:
Repositories loaded.
Package                                                   Arch          Version                                                    Repository                            Size
Installing:
 bootupd                                                  x86_64        0:0.2.32.23.g175f2fa-1.fc44                                @commandline                       3.5 MiB

Transaction Summary:
 Installing:         1 package

Total size of inbound packages is 1 MiB. Need to download 0 B.
After this operation, 4 MiB extra will be used (install 4 MiB, remove 0 B).
Running transaction
[1/3] Verify package files                                                                                                           100% | 100.0   B/s |   1.0   B |  00m00s
[2/3] Prepare transaction                                                                                                            100% |  15.0   B/s |   1.0   B |  00m00s
[3/3] Installing bootupd-0:0.2.32.23.g175f2fa-1.fc44.x86_64                                                                          100% |   4.5 MiB/s |   3.5 MiB |  00m01s
Warning: skipped OpenPGP checks for 1 package from repository: @commandline
Complete!

Just one small question about this, after install the new bootupctl, /boot/efi is unmounted, maybe we should not unmount (the same as before installation)? WDYT? @travier