Client side

Introduction

The client tool is used to calclate the update, download the files, validate them and then set the needed flags for the upgrader to pick them up and apply.

Requirements

• Secure download of the indexes (HTTPS + GPG)

• Support for everything described in the GPG spec (revocation list, multiple keyrings, ...)

• Resolution of the best upgrade path based on different policies (total download size, least number of reboots, ...)
• Download and validation of the files
• Flexible implementation to allow different upgrader setups with minimal changes required
• Support for suspend/resume of downloads

Nice to have

• Bandwidth limiting is a nice to have and might be tricky to implement.

Implementation

The current implementation is a command line tool, however it's expected to be turned into a DBus service that the Touch UI can drive.

Step-by-step example for an update

Whenever called the client does the following:

1. Grab https://server/channels.json and lookup the index for the current channel. If present, also grab the device GPG keyring.

2. Grab https://server/<channel>/<model>/index.json

3. Read the current version number of the device (ubuntu-build file)
4. Look for the most recent version available
5. Resolve an upgrade path to it, minimizing download size and number of reboots
6. Download any file needed up until the next reboot
7. Validate all the files
8. Write them to the cache partition
9. Write the list of updates for the upgrader to use
10. Reboot into the upgrader

Those steps don't include all of the specific GPG validation bits required to ensure the authenticity of all files. Those are detailed in the separate GPG wiki page.

Security (e.g. what to download over https/http) is outlined in the server security section.

Code

• https://code.launchpad.net/~barry/+junk/resolver