adelorenzo/kubesolo-os
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases 4 Wiki Activity
Files
bce565e2f7787502d39e1e82aa3d8b2dd0632034
kubesolo-os/update/main.go
Adolfo Delorenzo bce565e2f7
Some checks failed
ARM64 Build / Build generic ARM64 disk image (push) Failing after 4s
Details
CI / Go Tests (push) Successful in 1m31s
Details
CI / Shellcheck (push) Successful in 47s
Details
CI / Build Go Binaries (amd64, linux, linux-amd64) (push) Failing after 10s
Details
CI / Build Go Binaries (arm64, linux, linux-arm64) (push) Failing after 16s
Details
feat(update): persistent state machine + lifecycle metrics 
Phase 5 of v0.3. Adds an explicit, on-disk state machine to the update agent
so the lifecycle of an attempt is observable end-to-end, instead of being
inferred from logs and side effects.

New package update/pkg/state:
- Phase enum (idle, checking, downloading, staged, activated, verifying,
  success, rolled_back, failed)
- UpdateState struct persisted to /var/lib/kubesolo/update/state.json
  (overridable via --state). Atomic write (.tmp + rename). Survives reboots
  and slot switches because the file lives on the data partition.
- Transition helper that bumps AttemptCount when an attempt starts, resets
  it when the target version changes, sets/clears LastError on
  failed/success transitions, and stamps StartedAt + UpdatedAt.
- 13 unit tests cover the lifecycle, atomic write, version-change reset,
  error recording, idempotent SetFromVersion, garbage-file handling.

Wired into the existing commands:
- apply.go transitions Idle -> Checking -> Downloading -> Staged, with
  RecordError on any step failure. Reads the active slot's version file to
  populate FromVersion.
- activate.go transitions to Activated.
- healthcheck.go transitions Activated -> Verifying -> Success on pass,
  or to Failed on fail. Skips transitions if state isn't post-activation
  (manual healthcheck on a stable system shouldn't churn the state).
- rollback.go transitions to RolledBack with LastError="manual rollback".
- check.go intentionally untouched — checks are passive queries, not
  attempts; they shouldn't reset AttemptCount.

status.go gains a --json mode that emits the full state report (A/B slots,
boot counter, full UpdateState) for orchestration tooling. Human-readable
mode also prints an Update Lifecycle section when state.phase != idle.

pkg/metrics gains three new series, derived from state.json at scrape time:
- kubesolo_update_phase{phase="..."} — 1 for current, 0 for all others;
  all nine phase values always emitted so dashboards see complete series
- kubesolo_update_attempts_total
- kubesolo_update_last_attempt_timestamp_seconds
Server.SetStatePath() configures the file location; defaults to absent
which emits Idle defaults. Three new tests cover the absent / active /
all-phases-emitted cases.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-14 18:11:47 -06:00

96 lines
3.0 KiB
Go
Raw Blame History

// kubesolo-update is the atomic update agent for KubeSolo OS.
//
// It manages A/B partition updates with automatic rollback:
//
// kubesolo-update check Check for available updates
// kubesolo-update apply Download + write update to passive partition
// kubesolo-update activate Set passive partition as next boot target
// kubesolo-update rollback Force rollback to other partition
// kubesolo-update healthcheck Post-boot health verification
// kubesolo-update status Show current A/B slot and boot status
// kubesolo-update sign Sign update artifacts with Ed25519 key
// kubesolo-update genkey Generate new Ed25519 signing key pair
// kubesolo-update metrics Start Prometheus-compatible metrics server
package main
import (
"fmt"
"log/slog"
"os"
"github.com/portainer/kubesolo-os/update/cmd"
)
func main() {
slog.SetDefault(slog.New(slog.NewTextHandler(os.Stderr, &slog.HandlerOptions{
Level: slog.LevelInfo,
})))
if len(os.Args) < 2 {
usage()
os.Exit(1)
}
var err error
switch os.Args[1] {
case "check":
err = cmd.Check(os.Args[2:])
case "apply":
err = cmd.Apply(os.Args[2:])
case "activate":
err = cmd.Activate(os.Args[2:])
case "rollback":
err = cmd.Rollback(os.Args[2:])
case "healthcheck":
err = cmd.Healthcheck(os.Args[2:])
case "status":
err = cmd.Status(os.Args[2:])
case "sign":
err = cmd.Sign(os.Args[2:])
case "genkey":
err = cmd.GenKey(os.Args[2:])
case "metrics":
err = cmd.Metrics(os.Args[2:])
default:
fmt.Fprintf(os.Stderr, "unknown command: %s\n\n", os.Args[1])
usage()
os.Exit(1)
}
if err != nil {
slog.Error("command failed", "command", os.Args[1], "error", err)
os.Exit(1)
}
}
func usage() {
fmt.Fprintf(os.Stderr, `Usage: kubesolo-update <command> [options]
Commands:
check Check for available updates
apply Download and write update to passive partition
activate Set passive partition as next boot target
rollback Force rollback to other partition
healthcheck Post-boot health verification (marks boot successful)
status Show current A/B slot and boot status
sign Sign artifacts with Ed25519 private key (build system)
genkey Generate new Ed25519 signing key pair
metrics Start Prometheus-compatible metrics HTTP server
Options:
--server URL Update server URL (default: from /etc/kubesolo/update.conf)
--grubenv PATH Path to grubenv file (default: /boot/grub/grubenv)
--state PATH Update state file (default: /var/lib/kubesolo/update/state.json)
--timeout SECS Health check timeout in seconds (default: 120)
--pubkey PATH Ed25519 public key for signature verification (optional)
--json For 'status': emit JSON instead of human-readable output
Examples:
kubesolo-update check --server https://updates.example.com
kubesolo-update apply --server https://updates.example.com --pubkey /etc/kubesolo/update-pubkey.hex
kubesolo-update healthcheck
kubesolo-update status
kubesolo-update status --json
`)
}
Reference in New Issue View Git Blame Copy Permalink