As part of the work to implement the Epoch functionality, we’re planning the migration from the current “single integer” model to the full epochs structure (two lists of integers, read and write).
From an endpoint and its functionality points of view, we need to consider which filtering is done server side, and the format of the epoch
field in the response.
This post will present a solution for almost all endpoints, but there is an open case at the end about /api/v1/snaps/details/<name>
, for which we need feedback to take the decision of what behaviour we want.
/v2/snaps/refresh
Nothing to do here, this endpoint supports full Epoch already, and all snapds hitting it already understand epochs properly, and server side proper filtering according to Epoch can be done.
/v2/snaps/info/<name>
There is no filtering server side in this case, and we can return the full structure (this endpoint is new, it was born defining the full structure in the API).
/api/v1/snaps/metadata
This endpoint was used in old snapds to refresh (new snapds use the v2 refresh/install), so we can take a simple solution here:
-
filter server side for epoch equal to 0 (which is current correct value for all snaps revisions)
-
return the epoch, which will be always 0, as it’s currently done (no format change, return just the number)
This behaviour (referred as the “backwards compatibility behaviour” through this text) will be sane for old snapds, and at the same time will provide an upgrade path so eventually the client will have new snapds with proper epochs support.
/api/v1/package/<name>, /api/v1/click-metadata, /api/v1/search, /api/v1/snaps, /api/v1/snaps/names
In these cases we can just apply the backwards compatibility behaviour, as these endpoints are not used by new snapds at all.
/api/v1/snaps/search
In this case the response will always have epoch in 0 (so it will work in any snapd), but there will not be any filtering server side, so hitting this endpoint the client would be able to see all packages (we would be maybe “lying” in the epoch value in some responses).
/api/v1/snaps/details/<name>
This is where taking a decision is complicated.
For sure we need to return an old-style response (single digit as string), otherwise we would be breaking old clients. The real decision is if we should apply any specific filter server side or not.
Possible actions:
-
avoid the client seeing packages with complex Epoch: we could filter server side, and if the package has epochs more complex than
read=[0]/write=[0]
return a 404 so the package is not accessed, but is unclear if that’s sane for 18.04 (and maybe 18.04.01) clients -
let the client see all revisions for all packages, but “lying” in some cases about their epoch value: we could not apply any filter, as we do with
/search
, but we may be letting install things that doesn’t have an upgrade path “from 0”. -
let the client see all revisions with epoch=0 for any package: in this case we just “filter out” revisions with complex epochs, returning a positive result for the client (but with information that may be really old). Note that this behaviour is the “backwards compatibility” one that we apply in other old endpoints. The problem here is that we’re allowing to install something that is old and may be insecure or have other problems.
Note that clients “snapd >= 2.32.4” could find or get info about snaps with modern epochs, as those clients would eventually hit the /refresh
endpoint to install them (which is “modern epochs capable”) but also note that really modern snapds would hit new v2 /info
endpoint instead of /details
, so one simple solution for this may be to consider all snapds hitting /details
as “old ones”.