From 2e5ffaccca1f8824384569f8add5bead28fddcdc Mon Sep 17 00:00:00 2001 From: Drew Walters Date: Wed, 17 Jul 2019 13:55:22 +0000 Subject: [PATCH] apt: Add full-system upgrade feature Currently, the APT daemonset allows the installation of new packages or upgrade of existing packages to a newer version. Sometimes, it may be desirable to trigger an update for all packages. This change introduces the ability to trigger a full-system upgrade using the .conf.apt.upgrade chart value. The new option is disabled by default. Change-Id: I611422c2093b9dbbae4e2d7cc05ebd726e895c88 Signed-off-by: Drew Walters --- divingbell/templates/bin/_apt.sh.tpl | 12 +++++++++++- divingbell/values.yaml | 1 + doc/source/index.rst | 18 +++++++++++++----- 3 files changed, 25 insertions(+), 6 deletions(-) diff --git a/divingbell/templates/bin/_apt.sh.tpl b/divingbell/templates/bin/_apt.sh.tpl index 8f700da..c31b6f9 100644 --- a/divingbell/templates/bin/_apt.sh.tpl +++ b/divingbell/templates/bin/_apt.sh.tpl @@ -54,7 +54,7 @@ load_package_list_with_versions $(dpkg -l | awk 'NR>5 {print $2"="$3}') ################################################ #Stage 2 -#Add repositories and install new packages +#Add repositories and install/upgrade packages ################################################ {{- if hasKey .Values.conf "apt" }} @@ -112,6 +112,16 @@ fi REQUESTED_PACKAGES="$REQUESTED_PACKAGES {{ .name }}" {{- end }} {{- end }} + +# Perform package upgrades +{{- if .Values.conf.apt.upgrade }} +DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get dist-upgrade \ + -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold + +if [[ -f "/var/run/reboot-required" ]]; then + log.INFO 'System reboot REQUIRED.' +fi +{{- end }} {{- end }} ################################################ diff --git a/divingbell/values.yaml b/divingbell/values.yaml index 931fc6b..7da928f 100644 --- a/divingbell/values.yaml +++ b/divingbell/values.yaml @@ -25,6 +25,7 @@ conf: chroot_mnt_path: '/mnt' log_colors: False apt: + upgrade: false blacklistpkgs: - telnetd - inetutils-telnetd diff --git a/doc/source/index.rst b/doc/source/index.rst index d94f36f..33527e4 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -101,15 +101,23 @@ Used to manage host level apparmor profiles/rules. Ex.:: apt --- -``apt`` DaemonSet does package management. It is able to install a package of -a specific version (or upgrade an existing one to requested version). Version -is optional, and if not provided, the latest available package is installed. -It can also remove packages that were previously installed by divingbell (it is -done by excluding the packages you want to remove from the configuration). +``apt`` DaemonSet does package management. It is able to install a package of a +specific version, upgrade an existing one to requested version, and perform a +full-system upgrade. Version is optional, and if not provided, the latest +available package is installed. It can also remove packages that were +previously installed by divingbell (it is done by excluding the packages you +want to remove from the configuration). + +.. NOTE:: + + When ``conf.apt.upgrade`` is ``true``, packages are upgraded `after` the + requested packages are installed. + Here is an example configuration for it:: conf: apt: + upgrade: false packages: - name: version: