update/
commit.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
// Copyright 2020 The Fuchsia Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

use anyhow::{Context, Error};
use fidl_fuchsia_update::{CommitStatusProviderMarker, CommitStatusProviderProxy};
use fuchsia_async as fasync;
use fuchsia_component::client::connect_to_protocol;
use futures::future::FusedFuture;
use futures::prelude::*;
use std::pin::pin;
use std::time::Duration;

const WARNING_DURATION: Duration = Duration::from_secs(30);

/// Connects to the FIDL service, waits for the commit, and prints updates to stdout.
pub async fn handle_wait_for_commit() -> Result<(), Error> {
    let proxy = connect_to_protocol::<CommitStatusProviderMarker>()
        .context("while connecting to fuchsia.update/CommitStatusProvider")?;
    handle_wait_for_commit_impl(&proxy, Printer).await
}

/// The set of events associated with the `wait-for-commit` path.
#[derive(Debug, PartialEq)]
enum CommitEvent {
    Begin,
    Warning,
    End,
}

/// An observer of `update wait-for-commit`.
trait CommitObserver {
    fn on_event(&self, event: CommitEvent);
}

/// A `CommitObserver` that forwards the events to stdout.
struct Printer;
impl CommitObserver for Printer {
    fn on_event(&self, event: CommitEvent) {
        let text = match event {
            CommitEvent::Begin => "Waiting for commit.",
            CommitEvent::Warning => {
                "It's been 30 seconds. Something is probably wrong. Consider \
                running `update revert` to fall back to the previous slot."
            }
            CommitEvent::End => "Committed!",
        };
        println!("{text}");
    }
}

/// Waits for the system to commit (e.g. when the EventPair observes a signal).
async fn wait_for_commit(proxy: &CommitStatusProviderProxy) -> Result<(), Error> {
    let p = proxy.is_current_system_committed().await.context("while obtaining EventPair")?;
    fasync::OnSignals::new(&p, zx::Signals::USER_0)
        .await
        .context("while waiting for the commit")?;
    Ok(())
}

/// Waits for the commit and sends updates to the observer. This is abstracted from the regular
/// `handle_wait_for_commit` fn so we can test events without having to wait the `WARNING_DURATION`.
/// The [testability rubric](https://fuchsia.dev/fuchsia-src/concepts/testing/testability_rubric)
/// exempts logs from testing, but in this case we test them anyway because of the additional layer
/// of complexity that the warning timeout introduces.
async fn handle_wait_for_commit_impl(
    proxy: &CommitStatusProviderProxy,
    observer: impl CommitObserver,
) -> Result<(), Error> {
    let () = observer.on_event(CommitEvent::Begin);

    let commit_fut = wait_for_commit(proxy).fuse();
    futures::pin_mut!(commit_fut);
    let mut timer_fut = pin!(fasync::Timer::new(WARNING_DURATION).fuse());

    // Send a warning after the WARNING_DURATION.
    let () = futures::select! {
        commit_res = commit_fut => commit_res?,
        _ = timer_fut => observer.on_event(CommitEvent::Warning),
    };

    // If we timed out on WARNING_DURATION, try again.
    if !commit_fut.is_terminated() {
        let () = commit_fut.await.context("while calling wait_for_commit second")?;
    }

    let () = observer.on_event(CommitEvent::End);
    Ok(())
}

#[cfg(test)]
mod tests {
    use super::*;
    use fidl_fuchsia_update::CommitStatusProviderRequest;
    use fuchsia_sync::Mutex;
    use futures::pin_mut;
    use futures::task::Poll;
    use zx::{EventPair, HandleBased, Peered};

    struct TestObserver {
        events: Mutex<Vec<CommitEvent>>,
    }
    impl TestObserver {
        fn new() -> Self {
            Self { events: Mutex::new(vec![]) }
        }
        fn assert_events(&self, expected_events: &[CommitEvent]) {
            assert_eq!(self.events.lock().as_slice(), expected_events);
        }
    }
    impl CommitObserver for &TestObserver {
        fn on_event(&self, event: CommitEvent) {
            self.events.lock().push(event);
        }
    }

    #[test]
    fn test_wait_for_commit() {
        let mut executor = fasync::TestExecutor::new_with_fake_time();

        let (proxy, mut stream) =
            fidl::endpoints::create_proxy_and_stream::<CommitStatusProviderMarker>();
        let (p, p_stream) = EventPair::create();
        fasync::Task::spawn(async move {
            while let Some(req) = stream.try_next().await.unwrap() {
                let CommitStatusProviderRequest::IsCurrentSystemCommitted { responder } = req;
                let pair = p_stream.duplicate_handle(zx::Rights::BASIC).unwrap();
                let () = responder.send(pair).unwrap();
            }
        })
        .detach();

        let observer = TestObserver::new();

        let fut = handle_wait_for_commit_impl(&proxy, &observer);
        pin_mut!(fut);

        // Begin the `wait_for_commit`.
        match executor.run_until_stalled(&mut fut) {
            Poll::Ready(res) => panic!("future unexpectedly completed with: {res:?}"),
            Poll::Pending => (),
        };
        observer.assert_events(&[CommitEvent::Begin]);

        // We should observe no new events when both the system is not committed and we are within
        // the warning duration.
        executor.set_fake_time(fasync::MonotonicInstant::after(
            (WARNING_DURATION - Duration::from_secs(1)).into(),
        ));
        assert!(!executor.wake_expired_timers());
        match executor.run_until_stalled(&mut fut) {
            Poll::Ready(res) => panic!("future unexpectedly completed with: {res:?}"),
            Poll::Pending => (),
        };
        observer.assert_events(&[CommitEvent::Begin]);

        // Once we hit the warning duration, we should get a warning event.
        executor
            .set_fake_time(fasync::MonotonicInstant::after(zx::MonotonicDuration::from_seconds(1)));
        assert!(executor.wake_expired_timers());
        match executor.run_until_stalled(&mut fut) {
            Poll::Ready(res) => panic!("future unexpectedly completed with: {res:?}"),
            Poll::Pending => (),
        };
        observer.assert_events(&[CommitEvent::Begin, CommitEvent::Warning]);

        // Once we get the commit signal, the future should complete.
        let () = p.signal_peer(zx::Signals::NONE, zx::Signals::USER_0).unwrap();
        match executor.run_until_stalled(&mut fut) {
            Poll::Ready(res) => res.unwrap(),
            Poll::Pending => panic!("future unexpectedly pending"),
        };
        observer.assert_events(&[CommitEvent::Begin, CommitEvent::Warning, CommitEvent::End]);
    }
}