checkpoint

Author: fintelia

Makefile

@@ -185,14 +185,22 @@ build-azl3: azl3-builder-image version-vars
 		-e TRIDENT_VERSION="$(LOCAL_BUILD_TRIDENT_VERSION)" \
 		-v $(PWD):/work -w /work $(AZL3_BUILDER_IMAGE) \
 		cargo build --color always --target-dir target/azl3 --release --features dangerous-options,grpc-preview
+	@docker run --rm \
+		-e TRIDENT_VERSION="$(LOCAL_BUILD_TRIDENT_VERSION)" \
+		-v $(PWD):/work -w /work $(AZL3_BUILDER_IMAGE) \
+		cargo build --color always --target-dir target/azl3 --release -p launcher
+
 
 bin/trident-azl3: build-azl3
 	@cp -u target/azl3/release/trident bin/trident-azl3
+bin/launcher: build-azl3
+	@cp -u target/azl3/release/launcher bin/launcher
+
 
 # This will do a proper build on azl3, exactly as the pipelines would, with the custom registry and all.
 bin/trident-rpms-azl3.tar.gz: packaging/docker/Dockerfile.full packaging/systemd/*.service packaging/rpm/trident.spec artifacts/osmodifier packaging/selinux-policy-trident/* version-vars
 	$(eval CARGO_REGISTRIES_BMP_PUBLICPACKAGES_TOKEN := $(shell az account get-access-token --query "join(' ', ['Bearer', accessToken])" --output tsv))
-	
+
 	@mkdir -p bin/
 	@tmpdir=$$(mktemp -d) && \
 		export CARGO_REGISTRIES_BMP_PUBLICPACKAGES_TOKEN="$(CARGO_REGISTRIES_BMP_PUBLICPACKAGES_TOKEN)" &&\
@@ -564,7 +572,7 @@ IS_UBUNTU_24_OR_NEWER := $(shell \
 RUN_NETLAUNCH_TRIDENT_BIN ?= $(if $(filter yes,$(IS_UBUNTU_24_OR_NEWER)),bin/trident-azl3,bin/trident)
 
 .PHONY: run-netlaunch run-netlaunch-stream
-run-netlaunch: $(NETLAUNCH_CONFIG) $(TRIDENT_CONFIG) $(NETLAUNCH_ISO) bin/netlaunch validate artifacts/osmodifier $(RUN_NETLAUNCH_TRIDENT_BIN)
+run-netlaunch: $(NETLAUNCH_CONFIG) $(TRIDENT_CONFIG) $(NETLAUNCH_ISO) bin/netlaunch artifacts/osmodifier $(RUN_NETLAUNCH_TRIDENT_BIN) bin/launcher
 	@echo "Using trident binary: $(RUN_NETLAUNCH_TRIDENT_BIN)"
 	@mkdir -p artifacts/test-image
 	@cp $(RUN_NETLAUNCH_TRIDENT_BIN) artifacts/test-image/trident
@@ -1016,7 +1024,7 @@ $(MINIMAL_IMAGE):
 	@tests/images/testimages.py download-image minimal
 
 MINIMAL_IMAGE_AARCH64 = artifacts/minimal_aarch64.vhdx
-$(MINIMAL_IMAGE_AARCH64): 
+$(MINIMAL_IMAGE_AARCH64):
 	@mkdir -p artifacts
 	@tests/images/testimages.py download-image minimal_aarch64
 

crates/launcher/src/main.rs

@@ -15,11 +15,11 @@ use futures::StreamExt;
 use log::{debug, error, info, trace, warn, LevelFilter};
 use semver::Version;
 use sha2::{Digest, Sha256};
-use tonic::transport::Endpoint;
+use tonic::{transport::Endpoint, Streaming};
 use trident_proto::v1::{
     servicing_response::Response as ResponseBody, update_service_client::UpdateServiceClient,
     FinalizeUpdateRequest, HostConfiguration, LogLevel, RebootHandling, RebootManagement,
-    StageUpdateRequest, StatusCode, UpdateRequest,
+    ServicingResponse, StageUpdateRequest, StatusCode, UpdateRequest,
 };
 use url::Url;
 use uuid::Uuid;
@@ -149,8 +149,13 @@ async fn trigger(url: &Url, hash: Option<String>) -> Result<(), anyhow::Error> {
         }))
         .await?;
 
-    // Iterate through the stream until we get a Control message
-    let mut stream = response.into_inner();
+    handle_servicing_stream(response.into_inner()).await
+}
+
+async fn handle_servicing_stream(
+    mut stream: Streaming<ServicingResponse>,
+) -> Result<(), anyhow::Error> {
+    // Iterate through the stream until we get a Completed message
     loop {
         match stream.next().await {
             Some(Ok(response)) => match response.response {
@@ -174,15 +179,16 @@ async fn trigger(url: &Url, hash: Option<String>) -> Result<(), anyhow::Error> {
                             "Trident install succeeded: status={:?}",
                             final_status.status()
                         );
-                        break;
+                        break Ok(());
                     } else {
                         error!("Trident install failed: status={:?}", final_status.status());
                         match final_status.error {
                             Some(err) => {
-                                return Err(anyhow::anyhow!(err.message));
+                                error!("Trident reported error: {}", err.message);
+                                break Err(anyhow::anyhow!(err.message));
                             }
                             None => {
-                                return Err(anyhow::anyhow!("Trident install failed"));
+                                break Err(anyhow::anyhow!("Trident install failed"));
                             }
                         }
                     }
@@ -193,17 +199,15 @@ async fn trigger(url: &Url, hash: Option<String>) -> Result<(), anyhow::Error> {
                 }
             },
             Some(Err(e)) => {
-                return Err(anyhow::anyhow!("Error reading from Trident stream: {e}"));
+                break Err(anyhow::anyhow!("Error reading from Trident stream: {e}"));
             }
             None => {
-                return Err(anyhow::anyhow!(
+                break Err(anyhow::anyhow!(
                     "Trident install stream ended without control message"
                 ));
             }
         }
     }
-
-    Ok(())
 }
 
 /// Query the Omaha server at the given URL for the given app and track to fetch

tests/images/trident-mos/files/download-trident.service

@@ -10,7 +10,9 @@ ExecStart=chmod +x /usr/bin/trident
 ExecStart=/sbin/restorecon -v /usr/bin/trident
 ExecStart=/bin/bash -c "curl $(grep -oP '^\s*phonehome: \\K.*(?=phonehome)' /etc/trident/config.yaml)files/osmodifier -o /usr/bin/osmodifier -f"
 ExecStart=/bin/chmod +x /usr/bin/osmodifier
+ExecStart=/bin/bash -c "curl $(grep -oP '^\s*phonehome: \\K.*(?=phonehome)' /etc/trident/config.yaml)files/launcher -o /usr/bin/launcher -f"
+ExecStart=/bin/chmod +x /usr/bin/launcher
 Type=oneshot
 
 [Install]
-WantedBy=trident-install.service
+WantedBy=trident-install.service