interfaces/builtin: rework for avahi interface

[kubiko]

rework for avahi-observe

• removing classic only restriction
• adding slot declaration which can be now implemented by application snaps.
  Adding new avahi-control for control level of capabilities

[zyga]

Hey. Is there any forum discussion on the background of this change?

[kubiko]

@zyga not really, something I hit when snapping various projects. Also avahi snap as it exists now is quite limited compare to what avahi delivers on classic system. So this is just evening behaviour between UC and Classic on observer part of the interface. And control is just to go all the way on avahi interface. @jdstrand suggested to split it into observe and control parts which sounds reasonable.

Additionally avahi is often used when building bridges to Apple ecosystem, so common thing in IOT. homebridge project is good example.

Happy to create forum post though

[zyga]

Some early feedback. Let's iterate on this together.

One of the helpers I mentioned are not merged yet, I'll get them in ASAP.

[zyga]

2017

[zyga]

The summary doesn't really say this is about mDNS and service discovery.

[zyga]

Nice

[zyga]

Can you please ensurePlugIfaceMatch here?

[zyga]

Can you please use ensureSlotIfaceMatch here?

[zyga]

Can you please use snaptest.MockInfo and extract those from the resulting snap.Info instead?

[zyga]

Please use release.MockOnClassic here

[zyga]

Same here

[zyga]

Please use release.MockOnClassic here

[zyga]

And here

[zyga]

Please use release.MockOnClassic here

[zyga]

Just say spec here, it's shorter. If you need multiple split those to individual tests. This will also clean up the problem of mocking the right data and you can move that up to the top of the file / into the suite type.

[zyga]

Please use release.MockOnClassic here

[zyga]

Same as above (use one of the new helpers).

[zyga]

Same as above (use one of the new helpers).

[zyga]

Why is this change necessary?

[zyga]

Please use the right mocking helper here.

[zyga]

Please use the right mocking helper here.

[zyga]

Please use the right mocking helper here.

[zyga]

Please use release.MockOnClassic

[zyga]

Please use release.MockOnClassic

[zyga]

I'll push some cleanups into this PR, please don't close it

[zyga]

I merged master and resolved API breaking conflicts. Let's please iterate on this branch to address remaining points and one @jdstrand is happy, land it.

[zyga]

Actually, I just noticed one more thing to fix. Give me a moment.

[codecov-io]

Codecov Report

Merging #3624 into master will increase coverage by 0.06%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master    #3624      +/-   ##
==========================================
+ Coverage   75.16%   75.22%   +0.06%     
==========================================
  Files         388      389       +1     
  Lines       33655    33725      +70     
==========================================
+ Hits        25297    25371      +74     
+ Misses       6539     6536       -3     
+ Partials     1819     1818       -1

Impacted Files	Coverage Δ
interfaces/builtin/avahi_observe.go	100% <100%> (ø)	⬆️
interfaces/builtin/avahi_control.go	100% <100%> (ø)
interfaces/sorting.go	98.71% <0%> (-1.29%)	⬇️
release/release.go	89.18% <0%> (-0.15%)	⬇️
overlord/ifacestate/helpers.go	62.33% <0%> (ø)	⬆️
cmd/cmd.go	83.87% <0%> (ø)	⬆️
snap/snapenv/snapenv.go	97.1% <0%> (+0.22%)	⬆️
interfaces/builtin/common.go	65.57% <0%> (+3.27%)	⬆️
interfaces/builtin/broadcom_asic_control.go	100% <0%> (+8.82%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 653f17c...5b096df. Read the comment docs.

[zyga]

I think this is ready for review. @jdstrand please note that the two interfaces, avahi-{observe,control} share some snippets. I would perhaps rather have them explicitly shared (e.g. using a common 3rd snipped) or just copy-paste the relevant parts to the primary snippets. Please advise on how you'd like to see this.

@kubiko I updated the PR and re-worked tests (have a look). I cut tests that were just checking the slot/plug app pattern generator and instead focused on testing where and what kind of snippets do we generate. I also tweaked how tests are prepared, how variables and snap apps are named, all for readability and (hopefully) some more consistency with other interfaces. This is constantly evolving but I'm trying my best to cut the amount of useless code and signal/noise ratio.

[kubiko]

check two comments I have, I'm not sure about those two changes

[kubiko]

are you sure about this? Idea here is that control also includes observe part.
avahiControlConnectedPlugAppArmor + avahiControlConnectedPlugAppArmor seems odd to me

[zyga]

Well, this is avahi_control and otherwise the control snippet was just unused. Perhaps the rules need tweaking but this was a clear mistake IMO.

[kubiko]

same here

[zyga]

Same as above.

[jdstrand]

This looks really good, thanks! :)

Just a few small things and I think it will be ready to merge.

[jdstrand]

It would be nice to have a comment here. Eg:

# Description: allows configuration of service discovery via mDNS/DNS-SD

[kubiko]

Done

[jdstrand]

I think it is fine to re-use this variable, but can you make a comment here. I suggest:

# avahi-control implies avahi-observe, so add snippets for both here

[kubiko]

Done

[jdstrand]

Same here:

# avahi-control implies avahi-observe, so add snippets for both here

[kubiko]

Done

[jdstrand]

Let's update the summary to be in line with the control summary. I suggest:

const avahiObserveSummary = `allows discovery on a local network via the mDNS/DNS-SD protocol suite`

[kubiko]

Done

[jdstrand]

The base declaration looks good for both control and observe.

[jdstrand]

Also, since avahiObserveConnectedSlotAppArmor is used in avahi-control, let's mention that above avahiObserveConnectedSlotAppArmor:

# Note: avahiObserveConnectedSlotAppArmor is also used by avahi-control in AppArmorConnectedSlot

[kubiko]

Done

[jdstrand]

And here:

# Note: avahiObservePermanentSlotDBus is used by avahi-control in DBusPermanentSlot

[kubiko]

Done

[jdstrand]

I realize you (essentially) copied upstream's bus policy, but I wonder how applicable the 'netdev' policy is here on Ubuntu Core. I suggest either removing it or commenting it out with a comment as to why.

[kubiko]

Good find, indeed makes no sense here.
I removed the policy and added comment about it there.

[jdstrand]

Can you adjust this comment:

# Description: allows domain browsing, service browsing and service resolving

to be:

# Description: allows domain, record, service, and service type browsing
# as well as address, host and service resolving

[kubiko]

Done

[jdstrand]

Same here for avahiObserveConnectedPlugAppArmor:

# Note: avahiObserveConnectedPlugAppArmor is also used by avahi-control in AppArmorConnectedPlug

[kubiko]

Done

[jdstrand]

Can you comment on the addition of Resolve* and IsNSSSupportAvailable? It seems like Resolve* should be listed below....

[kubiko]

when I was testing it with third party apps, some are using instead of {Host/Address/Domain}Resolver direct resolve functions (ResolveHostName, ResolveAddress, ResolveService, ….). Then I was split to either use separate rules and add it under each respective resolving section, or to add it to existing Get* rule all at once. Similar for IsNSSSupportAvailable which did not fit anywhere. I did not have strong opinion here, smaller amounts of rules won eventually.
But happy to split them and add each to respective sections, if that improves readability.

[jdstrand]

I think it is fine to leave them combined, but perhaps add this comment:

# Allow accessing DBus properties and resolving

[jdstrand]

Can you add a comment above this rule:

# Allow receiving anything from the slot server

[kubiko]

Done

[jdstrand]

It might be nice to verify a specific rule from avahi-observe and from avahi-control for AddConnectedPlug and AddConnectedSlot since avahi-control pulls in both.

[kubiko]

Tests are now improved for both observe and control to check if observe does not include control and if control includes observe

[kubiko]

@jdstrand I now pushed changes in, let me know if you want me to split
member={Get*,Resolve*,IsNSSSupportAvailable}
and include each rule in respective sections. Rational behind is explained in comment above, again I have no strong opinion either way, so whatever fits better with other interfaces implementation :)
Rest of the comments should be addressed in commit

[zyga]

@kubiko I suggest that you install some plugin for your editor to go fmt the code on each save.

Formatting wrong in following files:
/tmp/static-unit-tests/src/github.com/snapcore/snapd/interfaces/builtin/avahi_control_test.go
/tmp/static-unit-tests/src/github.com/snapcore/snapd/interfaces/builtin/avahi_observe.go
/tmp/static-unit-tests/src/github.com/snapcore/snapd/interfaces/builtin/avahi_observe_test.go
/tmp/static-unit-tests/src/github.com/snapcore/snapd/interfaces/builtin/avahi_control_test.go
/tmp/static-unit-tests/src/github.com/snapcore/snapd/interfaces/builtin/avahi_observe.go
/tmp/static-unit-tests/src/github.com/snapcore/snapd/interfaces/builtin/avahi_observe_test.go

[kubiko]

formating now fixed as well

[jdstrand]

Thanks for all the updates! Approving, though please consider adding a comment for the 'Get*/Resolve*' as mentioned earlier today.

[kubiko]

@jdstrand thanks you
I now added comment you mentioned.

[niemeyer]

Great collaboration in this PR. Thanks to all involved.