Start9/start-os
2
0
Fork 0
mirror of https://github.com/Start9Labs/start-os.git synced 2026-04-02 05:23:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

update ota script, rbind for dependency mounts, cli list-ingredients fix, and formatting

Browse Source
This commit is contained in:
Aiden McClelland
2026-01-28 16:09:37 -07:00
parent c65db31fd9
commit d232b91d31
45 changed files with 446 additions and 157 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
core/src/registry/admin.rs
View File

@@ -94,7 +94,12 @@ impl Model<BTreeMap<Guid, SignerInfo>> {
.next()
.transpose()?
.map(|(a, _)| a)
.ok_or_else(|| Error::new(eyre!("{}", t!("registry.admin.unknown-signer")), ErrorKind::Authorization))
.ok_or_else(|| {
Error::new(
eyre!("{}", t!("registry.admin.unknown-signer")),
ErrorKind::Authorization,
)
})
}
pub fn get_signer_info(&self, key: &AnyVerifyingKey) -> Result<(Guid, SignerInfo), Error> {
@@ -104,7 +109,12 @@ impl Model<BTreeMap<Guid, SignerInfo>> {
.filter_ok(|(_, s)| s.keys.contains(key))
.next()
.transpose()?
.ok_or_else(|| Error::new(eyre!("{}", t!("registry.admin.unknown-signer")), ErrorKind::Authorization))
.ok_or_else(|| {
Error::new(
eyre!("{}", t!("registry.admin.unknown-signer")),
ErrorKind::Authorization,
)
})
}
pub fn add_signer(&mut self, signer: &SignerInfo) -> Result<Guid, Error> {
@@ -119,7 +129,11 @@ impl Model<BTreeMap<Guid, SignerInfo>> {
return Err(Error::new(
eyre!(
"{}",
t!("registry.admin.signer-already-exists", guid = guid, name = s.name)
t!(
"registry.admin.signer-already-exists",
guid = guid,
name = s.name
)
),
ErrorKind::InvalidRequest,
));

25
core/src/registry/context.rs
View File

@@ -44,7 +44,11 @@ const DEFAULT_REGISTRY_LISTEN: SocketAddr =
pub struct RegistryConfig {
#[arg(short = 'c', long = "config", help = "help.arg.config-file-path")]
pub config: Option<PathBuf>,
#[arg(short = 'l', long = "listen", help = "help.arg.registry-listen-address")]
#[arg(
short = 'l',
long = "listen",
help = "help.arg.registry-listen-address"
)]
pub registry_listen: Option<SocketAddr>,
#[arg(short = 'H', long = "hostname", help = "help.arg.registry-hostname")]
pub registry_hostname: Vec<InternedString>,
@@ -52,7 +56,11 @@ pub struct RegistryConfig {
pub tor_proxy: Option<Url>,
#[arg(short = 'd', long = "datadir", help = "help.arg.data-directory")]
pub datadir: Option<PathBuf>,
#[arg(short = 'u', long = "pg-connection-url", help = "help.arg.postgres-connection-url")]
#[arg(
short = 'u',
long = "pg-connection-url",
help = "help.arg.postgres-connection-url"
)]
pub pg_connection_url: Option<String>,
}
impl ContextConfig for RegistryConfig {
@@ -195,9 +203,11 @@ impl CallRemote<RegistryContext> for CliContext {
.push("v0");
url
} else {
return Err(
Error::new(eyre!("{}", t!("registry.context.registry-required")), ErrorKind::InvalidRequest).into(),
);
return Err(Error::new(
eyre!("{}", t!("registry.context.registry-required")),
ErrorKind::InvalidRequest,
)
.into());
};
if let Ok(local) = cookie {
@@ -331,7 +341,10 @@ impl SignatureAuthContext for RegistryContext {
}
}
Err(Error::new(eyre!("{}", t!("registry.context.unauthorized")), ErrorKind::Authorization))
Err(Error::new(
eyre!("{}", t!("registry.context.unauthorized")),
ErrorKind::Authorization,
))
}
async fn post_auth_hook(
&self,

20
core/src/registry/os/asset/add.rs
View File

@@ -154,7 +154,10 @@ async fn add_asset(
})?;
Ok(())
} else {
Err(Error::new(eyre!("{}", t!("registry.os.asset.unauthorized")), ErrorKind::Authorization))
Err(Error::new(
eyre!("{}", t!("registry.os.asset.unauthorized")),
ErrorKind::Authorization,
))
}
})
.await
@@ -231,10 +234,12 @@ pub async fn cli_add_asset(
sign_phase.start();
let blake3 = file.blake3_mmap().await?;
let size = file
.size()
.await
.ok_or_else(|| Error::new(eyre!("{}", t!("registry.os.asset.failed-read-metadata")), ErrorKind::Filesystem))?;
let size = file.size().await.ok_or_else(|| {
Error::new(
eyre!("{}", t!("registry.os.asset.failed-read-metadata")),
ErrorKind::Filesystem,
)
})?;
let commitment = Blake3Commitment {
hash: Base64(*blake3.as_bytes()),
size,
@@ -336,7 +341,10 @@ async fn remove_asset(
.remove(&platform)?;
Ok(())
} else {
Err(Error::new(eyre!("{}", t!("registry.os.asset.unauthorized")), ErrorKind::Authorization))
Err(Error::new(
eyre!("{}", t!("registry.os.asset.unauthorized")),
ErrorKind::Authorization,
))
}
})
.await

12
core/src/registry/os/asset/get.rs
View File

@@ -125,17 +125,9 @@ pub struct CliGetOsAssetParams {
pub version: Version,
#[arg(help = "help.arg.platform")]
pub platform: InternedString,
#[arg(
long = "download",
short = 'd',
help = "help.arg.download-directory"
)]
#[arg(long = "download", short = 'd', help = "help.arg.download-directory")]
pub download: Option<PathBuf>,
#[arg(
long = "reverify",
short = 'r',
help = "help.arg.reverify-hash"
)]
#[arg(long = "reverify", short = 'r', help = "help.arg.reverify-hash")]
pub reverify: bool,
}

15
core/src/registry/os/asset/sign.rs
View File

@@ -89,7 +89,10 @@ async fn sign_asset(
.contains(&guid)
{
return Err(Error::new(
eyre!("{}", t!("registry.os.asset.signer-not-authorized", guid = guid)),
eyre!(
"{}",
t!("registry.os.asset.signer-not-authorized", guid = guid)
),
ErrorKind::Authorization,
));
}
@@ -184,10 +187,12 @@ pub async fn cli_sign_asset(
sign_phase.start();
let blake3 = file.blake3_mmap().await?;
let size = file
.size()
.await
.ok_or_else(|| Error::new(eyre!("{}", t!("registry.os.asset.failed-read-metadata")), ErrorKind::Filesystem))?;
let size = file.size().await.ok_or_else(|| {
Error::new(
eyre!("{}", t!("registry.os.asset.failed-read-metadata")),
ErrorKind::Filesystem,
)
})?;
let commitment = Blake3Commitment {
hash: Base64(*blake3.as_bytes()),
size,

3
core/src/registry/os/mod.rs
View File

@@ -26,7 +26,6 @@ pub fn os_api<C: Context>() -> ParentHandler<C> {
)
.subcommand(
"version",
version::version_api::<C>()
.with_about("about.commands-add-remove-list-versions"),
version::version_api::<C>().with_about("about.commands-add-remove-list-versions"),
)
}

9
core/src/registry/os/version/signer.rs
View File

@@ -95,7 +95,14 @@ pub async fn remove_version_signer(
.mutate(|s| Ok(s.remove(&signer)))?
{
return Err(Error::new(
eyre!("{}", t!("registry.os.version.signer-not-authorized", signer = signer, version = version)),
eyre!(
"{}",
t!(
"registry.os.version.signer-not-authorized",
signer = signer,
version = version
)
),
ErrorKind::NotFound,
));
}

36
core/src/registry/package/add.rs
View File

@@ -112,7 +112,10 @@ pub async fn add_package(
Ok(())
} else {
Err(Error::new(eyre!("{}", t!("registry.package.add.unauthorized")), ErrorKind::Authorization))
Err(Error::new(
eyre!("{}", t!("registry.package.add.unauthorized")),
ErrorKind::Authorization,
))
}
})
.await
@@ -228,8 +231,12 @@ pub async fn remove_package(
}: RemovePackageParams,
) -> Result<bool, Error> {
let peek = ctx.db.peek().await;
let signer =
signer.ok_or_else(|| Error::new(eyre!("{}", t!("registry.package.missing-signer")), ErrorKind::InvalidRequest))?;
let signer = signer.ok_or_else(|| {
Error::new(
eyre!("{}", t!("registry.package.missing-signer")),
ErrorKind::InvalidRequest,
)
})?;
let signer_guid = peek.as_index().as_signers().get_signer(&signer)?;
let rev = ctx
@@ -270,7 +277,10 @@ pub async fn remove_package(
}
Ok(())
} else {
Err(Error::new(eyre!("{}", t!("registry.package.unauthorized")), ErrorKind::Authorization))
Err(Error::new(
eyre!("{}", t!("registry.package.unauthorized")),
ErrorKind::Authorization,
))
}
})
.await;
@@ -345,7 +355,10 @@ pub async fn add_mirror(
Ok(())
} else {
Err(Error::new(eyre!("{}", t!("registry.package.add-mirror.unauthorized")), ErrorKind::Authorization))
Err(Error::new(
eyre!("{}", t!("registry.package.add-mirror.unauthorized")),
ErrorKind::Authorization,
))
}
})
.await
@@ -461,8 +474,12 @@ pub async fn remove_mirror(
}: RemoveMirrorParams,
) -> Result<(), Error> {
let peek = ctx.db.peek().await;
let signer =
signer.ok_or_else(|| Error::new(eyre!("{}", t!("registry.package.missing-signer")), ErrorKind::InvalidRequest))?;
let signer = signer.ok_or_else(|| {
Error::new(
eyre!("{}", t!("registry.package.missing-signer")),
ErrorKind::InvalidRequest,
)
})?;
let signer_guid = peek.as_index().as_signers().get_signer(&signer)?;
ctx.db
@@ -501,7 +518,10 @@ pub async fn remove_mirror(
}
Ok(())
} else {
Err(Error::new(eyre!("{}", t!("registry.package.remove-mirror.unauthorized")), ErrorKind::Authorization))
Err(Error::new(
eyre!("{}", t!("registry.package.remove-mirror.unauthorized")),
ErrorKind::Authorization,
))
}
})
.await

11
core/src/registry/package/mod.rs
View File

@@ -52,10 +52,14 @@ pub fn package_api<C: Context>() -> ParentHandler<C> {
if !changed {
tracing::warn!(
"{}",
t!("registry.package.remove-not-exist",
t!(
"registry.package.remove-not-exist",
id = args.params.id,
version = args.params.version,
sighash = args.params.sighash.map_or(String::new(), |h| format!("#{h}"))
sighash = args
.params
.sighash
.map_or(String::new(), |h| format!("#{h}"))
)
);
}
@@ -96,7 +100,6 @@ pub fn package_api<C: Context>() -> ParentHandler<C> {
)
.subcommand(
"category",
category::category_api::<C>()
.with_about("about.update-categories-registry"),
category::category_api::<C>().with_about("about.update-categories-registry"),
)
}

9
core/src/registry/package/signer.rs
View File

@@ -118,7 +118,14 @@ pub async fn remove_package_signer(
.is_some()
{
return Err(Error::new(
eyre!("{}", t!("registry.package.signer.not-authorized", signer = signer, id = id)),
eyre!(
"{}",
t!(
"registry.package.signer.not-authorized",
signer = signer,
id = id
)
),
ErrorKind::NotFound,
));
}