AppStreams promise type enhancements#136
Merged
nickanderson merged 6 commits intocfengine:masterfrom Apr 22, 2026
Merged
Conversation
nickanderson
force-pushed
the
appstreams-enhancements-v2
branch
4 times, most recently
from
f73f03d to
8d34c03
Compare
nickanderson
force-pushed
the
appstreams-enhancements-v2
branch
2 times, most recently
from
03bec2e to
a6c0ca7
Compare
larsewi
approved these changes
Apr 22, 2026
| self.log_error(f" Package {pkg} failed: {error}") | ||
|
|
||
| def _install_module(self, mpc, base, module_name, stream, profile): | ||
| def _apply_dnf_options(self, base, options): |
Contributor
There was a problem hiding this comment.
This function seems to apply DNF configuration options at best effort. I.e., if it fails, it just logs a warning and continues. Is this the intention? If so, maybe you should rename the function to _try_apply_dnf_options?
Member
Author
There was a problem hiding this comment.
Yeah good point i was still thinking about this and maybe would be best to fail here.
| self.log_error( | ||
| f"Failed to verify module switch for {module_name}:{stream}/{profile}" | ||
| ) | ||
| return Result.NOT_KEPT |
Contributor
There was a problem hiding this comment.
Maybe you can flatten this code to avoid too many nested if's. If you turn the conditions on their head you could get something like:
enabled_stream = mpc.getEnabledStream(module_name)
if enabled_stream != stream:
# Log error saying enabled stream was not equal to stream
return Result.NOT_KEPT
installed_profiles = mpc.getInstalledProfiles(module_name)
if profile not in installed_profiles:
# Log error saying profile not in installed_profiles
return Result.NOT_KEPT
# etc... and then eventually return REPAIREDIt's a little bit more readable in my opinion. But it's only an opinion. There is nothing wrong with the way you did it.
Member
Author
Yeah things were messy and eventually I gave up trying to have a logical commit order but I will give it another go to try and make it easier to follow. |
nickanderson
force-pushed
the
appstreams-enhancements-v2
branch
2 times, most recently
from
34ad32e to
aab1de7
Compare
Add an 'options' attribute that accepts a list of DNF configuration
options as "key=value" strings. Options are applied generically using
DNF's set_or_append_opt_value() API, enabling any DNF configuration
option without hardcoding specific cases.
Example usage:
appstreams:
"php"
state => "installed",
stream => "8.2",
options => { "install_weak_deps=false" };
The _try_apply_dnf_options() method applies options at best effort,
logging warnings for failures but continuing execution. This prevents
invalid options from blocking module operations.
Replace manual mpc.enable/install/save sequence with DNF's ModuleBase API (module_base.install()). This provides proper module context and ensures module-specific package versions are installed correctly.
Detect when a module is already installed with a different stream and
automatically switch to the requested stream using DNF's ModuleBase
switch_to() API. This enables both upgrades (e.g., php:8.1 → 8.2) and
downgrades (e.g., php:8.2 → 8.1) without manual intervention.
Stream switching is triggered when:
1. state => "installed" is requested
2. A module is already enabled with a different stream
3. The requested stream differs from the currently enabled stream
The _switch_module() method:
- Uses ModuleBase.switch_to() for proper DNF module transitions
- Downloads packages explicitly to avoid stale cache issues
- Verifies both stream and profile installation after switching
- Provides detailed error messages for each failure case
Example usage:
appstreams:
"php"
state => "installed",
stream => "8.2"; # Will switch from 8.1 if already installed
Mock dnf.module.module_base to support testing the ModuleBase API refactoring. Without this mock, the import sets dnf.module=None and tests fail when trying to access module_base.ModuleBase().
nickanderson
force-pushed
the
appstreams-enhancements-v2
branch
from
aab1de7 to
72c56c5
Compare
Invalid DNF options are configuration errors and should fail the promise as NOT_KEPT rather than logging warnings and continuing. Changes: - Renamed _try_apply_dnf_options -> _apply_dnf_options - Removed try/except wrapper inside _apply_dnf_options - Added try/except in callers to catch ConfigError and return NOT_KEPT - Added test_invalid_dnf_option_not_kept to verify behavior This aligns with strict configuration validation - if a user specifies an invalid option, it's a policy error that should be fixed.
nickanderson
force-pushed
the
appstreams-enhancements-v2
branch
from
72c56c5 to
b3364f5
Compare
|
Alright, I triggered a build: Jenkins: https://ci.cfengine.com/job/pr-pipeline/13581/ Packages: http://buildcache.cfengine.com/packages/testing-pr/jenkins-pr-pipeline-13581/ |
nickanderson
force-pushed
the
appstreams-enhancements-v2
branch
from
600330b to
10bcd44
Compare
Document the new features added in this PR: - Stream switching (automatic upgrades/downgrades) - Generic DNF options support - Audit trail attributes (handle, comment) Add usage examples for stream switching and DNF options.
nickanderson
force-pushed
the
appstreams-enhancements-v2
branch
from
10bcd44 to
fef723c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Generic DNF Options Support
Previously the appstreams promise type had no way to pass DNF configuration options. Users could not control behavior like weak dependency installation.
After adding support for
optionsthe module now accepts any DNF configuration option.Changes now log to dnf history. sys.argv is faked so that
dnf historywill output useful information in the prominent "Command Line" field.It's now possibly to easily switch streams. Previously, if a module was already enabled at one stream and you requested a different stream, the promise would report KEPT without making changes or would fail.
Promise would report KEPT because it detected the module was "installed", but didn't check if the stream matched. Now there is automatic detection and handling of stream changes (both upgrades and downgrades).
Same policy, same starting state:
DNF History shows:
And downgrades:
Result:
Fixed Package Versions installed by stream.
Previously packages might be installed from the wrong stream or default stream instead of the requested module stream.
Policy:
Result (with old mpc.enable/install API):
dnf history showed what we desired and what actually happened:
Now it uses the ModuleBase api and resolves versions from the module stream correctly:
Same policy:
Result:
DNF history:
optionsattribute