From 616d7c4661c72da765cee46cd5af1d35305c013f Mon Sep 17 00:00:00 2001 From: mickael e Date: Wed, 1 Apr 2020 09:20:44 -0400 Subject: [PATCH] Ensure TemplateVMs are shut down prior to rebooting Should they call `sd-log` during shutdown sequence or otherwise, they may interfere with the reboot order and introduce failures. --- launcher/sdw_updater_gui/Updater.py | 12 +++++++++-- launcher/tests/test_updater.py | 32 +++++++++++++++++++++++------ 2 files changed, 36 insertions(+), 8 deletions(-) diff --git a/launcher/sdw_updater_gui/Updater.py b/launcher/sdw_updater_gui/Updater.py index b2a201ec..b06d5ee7 100644 --- a/launcher/sdw_updater_gui/Updater.py +++ b/launcher/sdw_updater_gui/Updater.py @@ -407,13 +407,21 @@ def shutdown_and_start_vms(): """ sdw_vms_in_order = [ - "sys-whonix", + "sd-app", "sd-proxy", + "sys-whonix", "sd-whonix", - "sd-app", "sd-gpg", "sd-log", ] + + # All TemplateVMs minus dom0 + sdw_templates = [val for key, val in current_templates.items() if key != "dom0"] + + sdlog.info("Ensure TemplateVMs are shut down") + for vm in sdw_templates: + _safely_shutdown_vm(vm) + sdlog.info("Shutting down SDW VMs for updates") for vm in sdw_vms_in_order: _safely_shutdown_vm(vm) diff --git a/launcher/tests/test_updater.py b/launcher/tests/test_updater.py index 12165d2c..7e0ce014 100644 --- a/launcher/tests/test_updater.py +++ b/launcher/tests/test_updater.py @@ -653,17 +653,27 @@ def test_shutdown_and_start_vms( call("sys-net"), call("sys-firewall"), ] + template_vm_calls = [ + call("fedora-30"), + call("sd-viewer-buster-template"), + call("sd-app-buster-template"), + call("sd-log-buster-template"), + call("sd-devices-buster-template"), + call("sd-proxy-buster-template"), + call("whonix-gw-15"), + call("securedrop-workstation-buster"), + ] app_vm_calls = [ - call("sys-whonix"), + call("sd-app"), call("sd-proxy"), + call("sys-whonix"), call("sd-whonix"), - call("sd-app"), call("sd-gpg"), call("sd-log"), ] updater.shutdown_and_start_vms() mocked_call.assert_has_calls(sys_vm_kill_calls) - mocked_shutdown.assert_has_calls(app_vm_calls) + mocked_shutdown.assert_has_calls(template_vm_calls + app_vm_calls) app_vm_calls_reversed = list(reversed(app_vm_calls)) mocked_start.assert_has_calls(sys_vm_start_calls + app_vm_calls_reversed) assert not mocked_error.called @@ -690,13 +700,23 @@ def test_shutdown_and_start_vms_sysvm_fail( call("sys-firewall"), ] app_vm_calls = [ - call("sys-whonix"), + call("sd-app"), call("sd-proxy"), + call("sys-whonix"), call("sd-whonix"), - call("sd-app"), call("sd-gpg"), call("sd-log"), ] + template_vm_calls = [ + call("fedora-30"), + call("sd-viewer-buster-template"), + call("sd-app-buster-template"), + call("sd-log-buster-template"), + call("sd-devices-buster-template"), + call("sd-proxy-buster-template"), + call("whonix-gw-15"), + call("securedrop-workstation-buster"), + ] error_calls = [ call("Error while killing sys-firewall"), call("Command 'check_call' returned non-zero exit status 1."), @@ -707,7 +727,7 @@ def test_shutdown_and_start_vms_sysvm_fail( ] updater.shutdown_and_start_vms() mocked_call.assert_has_calls(sys_vm_kill_calls) - mocked_shutdown.assert_has_calls(app_vm_calls) + mocked_shutdown.assert_has_calls(template_vm_calls + app_vm_calls) app_vm_calls_reversed = list(reversed(app_vm_calls)) mocked_start.assert_has_calls(sys_vm_start_calls + app_vm_calls_reversed) mocked_error.assert_has_calls(error_calls)