keys: improve refresh behaviour

refresh mirror key(s) before looking for a valid one to use for offline key
refreshing, and disentagle these two parts of "refreshing keys".

also, refreshing is no longer async since dropping hyper, so drop the
async/await-s accordingly.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

diff --git a/src/bin/proxmox_offline_mirror_cmds/subscription.rs b/src/bin/proxmox_offline_mirror_cmds/subscription.rs
index 027f1bf79723310777d2fbf39a5e9c3c24094534..94ed53f59d6f14fecf67f54784690db0af47f472 100644 (file)
--- a/src/bin/proxmox_offline_mirror_cmds/subscription.rs
+++ b/src/bin/proxmox_offline_mirror_cmds/subscription.rs
@@ -6,7 +6,7 @@ use std::convert::TryFrom;
 
 use proxmox_offline_mirror::{
     config::{SubscriptionKey, SubscriptionKeyUpdater},
-    subscription::{extract_mirror_key, refresh},
+    subscription::{extract_mirror_key, refresh_mirror_key, refresh_offline_keys},
     types::{ProductType, PROXMOX_SUBSCRIPTION_KEY_SCHEMA},
 };
 use proxmox_subscription::{files::DEFAULT_SIGNING_KEY, SubscriptionStatus};
@@ -235,21 +235,18 @@ async fn add_mirror_key(config: Option<String>, key: String, _param: Value) -> R
         );
     }
 
-    let mut refreshed =
-        proxmox_offline_mirror::subscription::refresh(data.clone(), vec![], public_key()?).await?;
+    let info = proxmox_offline_mirror::subscription::refresh_mirror_key(data.clone())?;
 
-    if let Some(info) = refreshed.pop() {
-        eprintln!(
-            "Refreshed subscription info - status: {}, message: {}",
-            info.status,
-            info.message.as_ref().unwrap_or(&"-".to_string())
-        );
+    eprintln!(
+        "Refreshed subscription info - status: {}, message: {}",
+        info.status,
+        info.message.as_ref().unwrap_or(&"-".to_string())
+    );
 
-        if info.key.as_ref() == Some(&data.key) {
-            data.info = Some(base64::encode(serde_json::to_vec(&info)?));
-        } else {
-            bail!("Server returned subscription info for wrong key.");
-        }
+    if info.key.as_ref() == Some(&data.key) {
+        data.info = Some(base64::encode(serde_json::to_vec(&info)?));
+    } else {
+        bail!("Server returned subscription info for wrong key.");
     }
 
     section_config.set_data(&data.key, "subscription", &data)?;
@@ -310,13 +307,13 @@ async fn add_key(
     if refresh {
         let mirror_key =
             extract_mirror_key(&section_config.convert_to_typed_array("subscription")?)?;
+        refresh_mirror_key(mirror_key.clone())?;
 
-        let mut refreshed = proxmox_offline_mirror::subscription::refresh(
+        let mut refreshed = proxmox_offline_mirror::subscription::refresh_offline_keys(
             mirror_key,
             vec![data.clone()],
             public_key()?,
-        )
-        .await?;
+        )?;
 
         if let Some(info) = refreshed.pop() {
             if info.key.as_ref() == Some(&data.key) {
@@ -440,16 +437,39 @@ pub async fn refresh_keys(config: Option<String>, key: Option<String>) -> Result
 
     let (mut config, _digest) = proxmox_offline_mirror::config::config(&config_file)?;
 
-    let keys: Vec<SubscriptionKey> = config.convert_to_typed_array("subscription")?;
+    let mut keys: Vec<SubscriptionKey> = config.convert_to_typed_array("subscription")?;
+    for key in &mut keys {
+        if key.product() == ProductType::Pom {
+            match refresh_mirror_key(key.clone()) {
+                Ok(info) => {
+                    eprintln!(
+                        "Refreshed mirror key info - key: {}, status: {}, message: {}",
+                        key.key,
+                        info.status,
+                        info.message.as_ref().unwrap_or(&"-".to_string())
+                    );
+                    key.info = Some(base64::encode(serde_json::to_vec(&info)?));
+                    config.set_data(&key.key.clone(), "subscription", key)?;
+                }
+                Err(err) => eprintln!(
+                    "Failed refreshing mirror key info - key: {}, error: {err}",
+                    key.key
+                ),
+            }
+        }
+    }
+
     let mirror_key = extract_mirror_key(&keys)?;
 
     let refreshed = if let Some(key) = key {
         match keys.iter().find(|k| k.key == key) {
-            Some(key) => refresh(mirror_key, vec![key.to_owned()], public_key()?).await?,
+            Some(key) => {
+                refresh_offline_keys(mirror_key, vec![key.to_owned()], public_key()?)?
+            }
             None => bail!("Subscription key '{key}' not configured."),
         }
     } else {
-        refresh(mirror_key, keys, public_key()?).await?
+        refresh_offline_keys(mirror_key, keys, public_key()?)?
     };
 
     for info in refreshed {

diff --git a/src/subscription.rs b/src/subscription.rs
index a4f2a5d469a3cef4125c128c00a2c87699b3c324..97b6964ac837fd63d2f4841cfdc4f5e6b74029ad 100644 (file)
--- a/src/subscription.rs
+++ b/src/subscription.rs
@@ -41,26 +41,19 @@ pub fn extract_mirror_key(keys: &[SubscriptionKey]) -> Result<SubscriptionKey, E
 
 /// Refresh `offline_keys` using `mirror_key`.
 ///
-/// This consists of three phases:
-/// 1. refresh the mirror key (if it expires/gets outdated step 3 would fail)
-/// 2. refresh all the offline keys (so that the info downloaded in step 3 is current)
-/// 3. get updated signed blobs for all offline keys (for transfer to offline systems)
-pub async fn refresh(
+/// This consists of two phases:
+/// 1. refresh all the offline keys (so that the info downloaded in step 3 is current)
+/// 2. get updated signed blobs for all offline keys (for transfer to offline systems)
+pub fn refresh_offline_keys(
     mirror_key: SubscriptionKey,
     mut offline_keys: Vec<SubscriptionKey>,
     public_key: openssl::pkey::PKey<openssl::pkey::Public>,
 ) -> Result<Vec<SubscriptionInfo>, Error> {
     let mut errors = false;
 
-    let mirror_info = proxmox_subscription::check::check_subscription(
-        mirror_key.key.clone(),
-        mirror_key.server_id.clone(),
-        PRODUCT_URL.to_string(),
-        client(),
-    )?;
     offline_keys.retain(|k| k.product() != ProductType::Pom);
     if offline_keys.is_empty() {
-        return Ok(vec![mirror_info]);
+        return Ok(vec![]);
     }
 
     for key in &offline_keys {
@@ -95,3 +88,16 @@ pub async fn refresh(
         bail!("Refresh failed - {}", res.status());
     }
 }
+
+/// Refresh a mirror key.
+///
+/// Should be called before calling `extract_mirror_key()` or
+/// `refresh_offline_keys()` to ensure mirror key is (still) valid.
+pub fn refresh_mirror_key(mirror_key: SubscriptionKey) -> Result<SubscriptionInfo, Error> {
+    proxmox_subscription::check::check_subscription(
+        mirror_key.key,
+        mirror_key.server_id,
+        PRODUCT_URL.to_string(),
+        client(),
+    )
+}