snapstate: add support for refresh.schedule=managed

[mvo5]

This PR allows setting refresh.schedule: managed if we have a connected plug on the system for the snapd-control interface with the refresh-schedule: managed property.

This is got get a first review, the PR needs some more work, i.e. it needs to contact the store for refreshes (even if we not act on them) so that local warnings can be issued in the future.

[pedronis]

some initial comments

[pedronis]

afaict seems we haven't used this kind of embedding pattern so far, wondering if there's a preference, I suppose it's a question for @zyga

[zyga]

I noticed this and I was thinking about it myself. While we haven't done this before I don't think it is a bad practice myself (unless there's something golang-y that I'm not familiar with). Doing it would allow us to simplify a few interfaces that just need to override one method and are happy with the semantics of common interface for others.

[bboozzoo]

FWIW it's used in #4185 too

[pedronis]

I wouldn't accept refresh-schedule to be set to an empty "" string, it seems strange (easier to leave it just out) and it's not a pattern that our plug/slot rule language supports well

[pedronis]

are we sure we can ignore errors here? anyway I think the one place using this could survive this returning an error, it's not used all over the place

[pedronis]

yes, it's a stronger check that makes sense here

[pedronis]

we could use the fakestore here instead (it could help also with setting up assertions), it's a bit of work though

[mvo5]

We also need to revert the emergency weekly refresh timer

[pedronis]

I think everything from here and below belongs to an ifacestate helper that gets hooked into snapstate

[mvo5]

Thanks, I pushed a variant of your suggestion. It seems like a device property if the refreshes are managed or not so I moved it into devicestate and hook from there. But happy to go with your original suggestion if you feel strongly about it. I also moved to us snapdeclaration and started the store hints (in a separate branch in https://github.com/snapcore/snapd/compare/master...mvo5:refresh-candidates-managed?expand=1.

[pedronis]

no, that seems reasonable as well (devicestate)

[zyga]

Some comments for your consideration.

[zyga]

Why do you add an empty sanitize helper if those are optional?

[mvo5]

It is here to make things future proof, but your question is valid and YAGNI etc - so I think its fine to remove it as long as we remember that if we add SanitizePlug to commonInterface we need to look over the existing commonInterface embedders.

[zyga]

Aha, for future-proofing, I assume. In such case can you comment in the common code so that things are clear. Alternatively just don't do this :)

[mvo5]

I removed it. I'm a strong believer in YAGNI.

[zyga]

You can merge this with the next line.

[zyga]

Curious if this should exclude ability to manually manage a system. What do you think?

[mvo5]

Interessting idea. But also a wider scope than this PR :)

[zyga]

This comment is a bit weird. Are we using MockSnap or MockReadInfo?

[mvo5]

I updated the comment now, there are a bunch of places this is copyied^Wcargo-culted^Wused, if we are happy with the update text I can fix it in all places (probably in a separate PR).

[codecov-io]

Codecov Report

Merging #4161 into master will increase coverage by 0.03%.
The diff coverage is 54.66%.

@@            Coverage Diff             @@
##           master    #4161      +/-   ##
==========================================
+ Coverage   76.17%   76.21%   +0.03%     
==========================================
  Files         443      445       +2     
  Lines       38591    38837     +246     
==========================================
+ Hits        29398    29600     +202     
- Misses       7174     7214      +40     
- Partials     2019     2023       +4

Impacted Files	Coverage Δ
overlord/ifacestate/ifacemgr.go	93.75% <ø> (-0.13%)	⬇️
corecfg/refresh.go	36.84% <0%> (-33.16%)	⬇️
daemon/api.go	72.02% <0%> (-0.08%)	⬇️
interfaces/builtin/snapd_control.go	100% <100%> (ø)	⬆️
overlord/snapstate/refreshhints.go	73.33% <100%> (+0.6%)	⬆️
cmd/snap/cmd_can_manage_refreshes.go	44.44% <44.44%> (ø)
overlord/snapstate/autorefresh.go	77.27% <64.7%> (-1.72%)	⬇️
overlord/devicestate/devicestate.go	73.96% <72%> (-0.35%)	⬇️
overlord/hookstate/ctlcmd/set.go	81.7% <0%> (-1.35%)	⬇️
store/store.go	80.13% <0%> (-0.08%)	⬇️
... and 17 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 00f25d7...fe8bc54. Read the comment docs.

[pedronis]

that should be --time, not --list, no?

[mvo5]

Yes and it shows this needs some sort of test :/

[pedronis]

looking good, a few comments more though, mostly about tests

[pedronis]

seems this def should be directly before or after CanSetRefreshScheduleManaged

[pedronis]

does CanSetRefreshScheduleManaged merit its separate unit tests now?

[pedronis]

would probably be good to check some of the false cases too or maybe those would go with the CanSetRefreshScheduleManaged tests

[pedronis]

should we return the error from this? I would still think yes

[mvo5]

I think this shows that the code here is a bit problematic and need a slight refactor. I'm not sure yet about the "how" but the pattern above smells funny and the fact that there is a comment to explain the intend does not make it better. I will try to come up with something better.

[pedronis]

I think the last bit is problematic

[pedronis]

two comments,

1. as far as I understand we always want to do this (because the schedule can be slower than once a day even in other cases)
2. this is a strange place to do this anyway in terms of sane error reporting among other things (for example that we call this from the accessor)

[mvo5]

Thanks, I misunderstood and was not aware of (1). Fixed now. And agreed to (2), I moved it but want to look at this a bit harder to see if the existing code can be written in a slightly cleaner way (its a bit entangled right now).

[bboozzoo]

some go vet failures;

overlord/devicestate/devicestate_test.go:1988: interfaces.PlugRef composite literal uses unkeyed fields
overlord/devicestate/devicestate_test.go:1989: interfaces.SlotRef composite literal uses unkeyed fields

linode:ubuntu-core-16-64:tests/main/interfaces-snapd-control-with-manage:

+ snap set core refresh.schedule=managed
error: cannot perform the following tasks:
- Run configuration of "core" snap (cannot set schedule to managed)
+ jq '.data["last-refresh-hints"]'
/bin/bash: line 84: jq: command not found
+ cat /var/lib/snapd/state.json

[pedronis]

+1, small wondering

[pedronis]

no strong opinion either way, but this could be moved to snapstate in the new autorefresh.go file and keep only CanSetRefreshScheduleManaged as the hook?

[mvo5]

I like your suggestion, I think:

        snapstate.CanAutoRefresh = canAutoRefresh
-       snapstate.RefreshScheduleManaged = refreshScheduleManaged
+       snapstate.CanSetRefreshScheduleManaged = CanSetRefreshScheduleManaged

alone is worth it, nice and symmetrical.

[niemeyer]

A few details, and LGTM once you address them to your own satisfaction. Thanks for implementing this.

[niemeyer]

can-manage-refreshes?

[niemeyer]

Let's please not change this right now as it's an unrelated change that will move a lot of code around, and thus make this unrelated PR more confusing, but it feels like this package is misplaced at the top level. This is quite dependent on the whole infrastructure of the overlord being live, and also strongly tied to two pieces of it: the hook manager and the config manager. Something like "configstate/configcore" might be a more appropriate place for it (homage to the io/ioutil and path/filepath naming style).

[mvo5]

Indeed, that makes sense. I will work on this in a followup PR.

[niemeyer]

Is this really plugConnected/plugName or more like interfaceConnected/ifaceName?

[niemeyer]

CanManageRefreshes?

[niemeyer]

The resilience here is appreciated, thanks!