support self updating the binary #53

Closed
ripienaar opened this issue Sep 21, 2018 · 2 comments
Labels
enhancement New feature or request


ripienaar commented Sep 21, 2018

We already support config updates and in-place restarts by simply doing an Exec on the same binary and path; this works quite well.

We should also add to this a method that can fetch a new binary, replace the running one and then exec that to do in-place upgrades.

We'd need a few things:

  • Some manifest of versions available
    • Files per architecture and OS per version
    • Checksums
    • crypto signatures with pubkey in the (currently running) binary

The flow would be at least this, but it probably needs to be more robust than this even:

  • Token validated only
  • Request asking to upgrade to a specific version
  • If we aren't already on that version
    • Get version info and ensure it exists
    • Download file into a temp location
    • Verify file
    • Backup current executable in same dir as ${current_fname}.${current_version}
    • Move temp download into same dir, set owner, permissions etc same as current
    • mv it over current
    • restart

File Store

The file store should be just a web server, with something like this /choriaupdate/0.7.0-auto/linux/amd64/ and in there a bit of JSON about the release and the actual release.

It should be able to live on object stores like those provided by cloud providers and so might need access token support in the request (v2)

For arm the arch above would be arm5 etc and we'd need to have special handling for that

The JSON would at least need:

{
  "binary": "acme-choria-linux-amd64-0.7.0-auto",
  "hash": ".....",
  "signature": ".....",
}

binary is the path to the file to get, in the same dir as the JSON file, compressed using compress/gzip.
hash is a SHA256 of the file.
signature is a signature made and verifiable using the key that should be compiled into the binary that's doing the update, or perhaps we support something like a public key stored in /choriaupdate/release.pem.

Library Package

The package to do the update should probably be separate, with an API like this:

// for the paths above repo is "/choriaupdate" here
FetchSpec(repo string, version string) (*Spec, error)
Apply(target string, update *Spec) error

This should do all the things above except any restarts etc, restarts to happen elsewhere. UpdateSpec is the data in the JSON above

@ripienaar ripienaar added the enhancement New feature or request label Sep 21, 2018
@ripienaar ripienaar changed the title support updating the binary support self updating the binary Sep 21, 2018
@ripienaar
Member Author

project that implements a basic updater https://github.com/choria-io/go-updater without crypto support
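
The "Verify file" step proposed in the issue, sketched as an added example; it is not code from choria or go-updater. It assumes Ed25519 signatures and a SHA256 that both cover the decompressed binary, with lowercase hex encoding of both JSON fields; `Verify`, `sample` and the `Spec` layout are hypothetical names.

```go
package main

import (
	"bytes"
	"compress/gzip"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"io"
)

type Spec struct{ Binary, Hash, Signature string } // release JSON; lowercase hex assumed

// Verify (hypothetical helper) returns the decompressed binary only if hash and signature pass.
func Verify(gz []byte, s Spec, pub ed25519.PublicKey) ([]byte, error) {
	zr, err := gzip.NewReader(bytes.NewReader(gz))
	if err != nil {
		return nil, err
	}
	body, err := io.ReadAll(io.LimitReader(zr, 256<<20)) // bound decompressed size
	sum := sha256.Sum256(body)
	if err != nil || hex.EncodeToString(sum[:]) != s.Hash {
		return nil, errors.New("corrupt download or sha256 mismatch")
	}
	// Hash and file share one store, so only the signature proves the publisher.
	sig, _ := hex.DecodeString(s.Signature)
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, body, sig) {
		return nil, errors.New("signature verification failed")
	}
	return body, nil
}

func sample() ([]byte, Spec, ed25519.PublicKey) { // constructed, correctly signed release
	pub, priv, _ := ed25519.GenerateKey(nil)
	bin := []byte("constructed binary contents")
	var gz bytes.Buffer
	zw := gzip.NewWriter(&gz)
	zw.Write(bin)
	zw.Close()
	sum := sha256.Sum256(bin)
	sig := hex.EncodeToString(ed25519.Sign(priv, bin))
	return gz.Bytes(), Spec{"demo.gz", hex.EncodeToString(sum[:]), sig}, pub
}

func main() {
	if _, err := Verify(sample()); err != nil {
		panic(err)
	}
}
```

Only the bytes returned by `Verify` should be written to the temp file and moved over the running executable; the length check on `pub` is there because `ed25519.Verify` panics on a key of the wrong size.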

ripienaar added a commit that referenced this issue Oct 1, 2018
(#53) first stab at adding a way to in-place update choria
ripienaar added a commit that referenced this issue Oct 1, 2018
(#53) increase DDL timeout for provision actions
ripienaar added a commit to ripienaar/provisioner that referenced this issue Nov 29, 2022
Signed-off-by: R.I.Pienaar <rip@devco.net>
ripienaar added a commit to ripienaar/provisioner that referenced this issue Nov 29, 2022
Signed-off-by: R.I.Pienaar <rip@devco.net>
ripienaar added a commit that referenced this issue Nov 29, 2022
(#53) Support upgrading choria servers using go-updater