banger

Author SHA1 Message Date

Author	SHA1	Message	Date
Thales Maciel	92ca1aa96f	cli: add `banger update` command Wires updater + the existing system-install helpers into a single operator-facing flow: 1. FetchManifest, resolve target release (default: latest_stable; override with --to vX.Y.Z). 2. --check exits with a one-line "up to date" / "update available". Same as `banger update --check` style for tools polling on a timer. 3. requireRoot beyond this point — we're about to write /usr/local/bin and talk to systemctl. 4. daemon.operations.list → refuse if any operation isn't Done. --force overrides; per the v0.1.0 plan there's no drain wait. 5. PrepareCleanStaging + DownloadRelease + StageTarball into /var/cache/banger/updates/. 6. Sanity-run the staged binaries: `banger --version` must mention the expected version; `bangerd --check-migrations --system` must exit 0 (compatible) or 1 (will auto-migrate). Exit 2 (incompatible) aborts before the swap. 7. --dry-run stops here with a one-line plan, leaves staging. 8. Swap (vsock → bangerd → banger) → restart bangerd-root then bangerd → waitForDaemonReady on the system socket. 9. Run `banger doctor` against the JUST-INSTALLED CLI binary (not d.doctor in-process — we want to exercise the new binary end-to-end). FAIL triggers auto-rollback: restore .previous backups, restart services, surface the original failure with "(rolled back to previous install)". 10. UpdateBuildInfo on /etc/banger/install.toml. CleanupBackups. Wipe staging dir. rollbackAndWrap / rollbackAndRestart split: the former is for failures BEFORE the systemctl restart (old binaries are still on disk under .previous; the OLD daemon is still running because the restart never happened). The latter is for failures AFTER, where rollback ALSO needs another systemctl restart so the OLD versions take over again. If even rollback's restart fails, we surface everything we know — the install is broken and the operator gets the breadcrumbs to fix it manually. Existing TestNewBangerCommandHasExpectedSubcommands updated to include "update" in the expected ordering. Live exercise against the empty bucket today errors as expected: $ banger update --check banger: discover: fetch manifest: HTTP 404 Not Found # exit 1 once the user publishes the first manifest the same command will report "up to date" or "update available". Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-29 12:35:04 -03:00

92ca1aa96f

cli: add banger update command

Wires updater + the existing system-install helpers into a single
operator-facing flow:

  1. FetchManifest, resolve target release (default: latest_stable;
     override with --to vX.Y.Z).
  2. --check exits with a one-line "up to date" / "update available".
     Same as `banger update --check` style for tools polling on a
     timer.
  3. requireRoot beyond this point — we're about to write
     /usr/local/bin and talk to systemctl.
  4. daemon.operations.list → refuse if any operation isn't Done.
     --force overrides; per the v0.1.0 plan there's no drain wait.
  5. PrepareCleanStaging + DownloadRelease + StageTarball into
     /var/cache/banger/updates/.
  6. Sanity-run the staged binaries: `banger --version` must mention
     the expected version; `bangerd --check-migrations --system`
     must exit 0 (compatible) or 1 (will auto-migrate). Exit 2
     (incompatible) aborts before the swap.
  7. --dry-run stops here with a one-line plan, leaves staging.
  8. Swap (vsock → bangerd → banger) → restart bangerd-root then
     bangerd → waitForDaemonReady on the system socket.
  9. Run `banger doctor` against the JUST-INSTALLED CLI binary
     (not d.doctor in-process — we want to exercise the new binary
     end-to-end). FAIL triggers auto-rollback: restore .previous
     backups, restart services, surface the original failure with
     "(rolled back to previous install)".
  10. UpdateBuildInfo on /etc/banger/install.toml. CleanupBackups.
     Wipe staging dir.

rollbackAndWrap / rollbackAndRestart split: the former is for
failures BEFORE the systemctl restart (old binaries are still on
disk under .previous; the OLD daemon is still running because the
restart never happened). The latter is for failures AFTER, where
rollback ALSO needs another systemctl restart so the OLD versions
take over again. If even rollback's restart fails, we surface
everything we know — the install is broken and the operator gets
the breadcrumbs to fix it manually.

Existing TestNewBangerCommandHasExpectedSubcommands updated to
include "update" in the expected ordering.

Live exercise against the empty bucket today errors as expected:
$ banger update --check
banger: discover: fetch manifest: HTTP 404 Not Found  # exit 1
once the user publishes the first manifest the same command will
report "up to date" or "update available".

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-29 12:35:04 -03:00

1 commit