fuchsia.amber

PROTOCOLS

Control

Defined in fuchsia.amber/amber.fidl

DoTest

Simple no-op that can be used to test the connection.

Request

| Name | Type |
| --- | --- |
| input | int32 |

Response

| Name | Type |
| --- | --- |
| output | string |

AddSrc

Add a TUF source repository.

Request

| Name | Type |
| --- | --- |
| source | SourceConfig |

Response

| Name | Type |
| --- | --- |
| res | bool |

RemoveSrc

Remove a TUF source repository. SourceConfigs that were bundled when the system was built may be removed, but that functionality may change in the future. See PKG-150.

Request

| Name | Type |
| --- | --- |
| id | string |

Response

| Name | Type |
| --- | --- |
| res | Status |

ListSrcs

Get the list of URLs of the current set of sources.

Request

| Name | Type |
| --- | --- |

Response

| Name | Type |
| --- | --- |
| srcs | vector<SourceConfig> |

GetBlob

Get a content blob identified by the given hashed Merkle root. This operation is asynchronous and provides no results.

Request

| Name | Type |
| --- | --- |
| merkle | string |

PackagesActivated

Request

| Name | Type |
| --- | --- |
| merkle | vector<string> |

GetUpdateComplete

Get an update for the package identified by 'name' which has the provided version. If no version is supplied, the latest available version of that package will be retrieved. The package data is sent to PackageFS which then stores the package in BlobFS. This method returns a channel that will provide the ultimate results. The channel will become readable when the update is complete. If at that time the User0 signal is set on the channel, the result is an error string that may be read from the channel; otherwise the result is success, and the new Merkle root can be read from the channel.

Request

| Name | Type |
| --- | --- |
| name | string |
| version | string? |
| merkle | string? |

Response

| Name | Type |
| --- | --- |
| rplyChan | handle<channel> |

CheckForSystemUpdate

Request

| Name | Type |
| --- | --- |

Response

| Name | Type |
| --- | --- |
| res | bool |

Login

Log into the source specified by the source id. Returns the oauth2 device flow code if the source is configured for authentication, or null if not.

Request

| Name | Type |
| --- | --- |
| sourceId | string |

Response

| Name | Type |
| --- | --- |
| device | DeviceCode? |

SetSrcEnabled

Request

| Name | Type |
| --- | --- |
| id | string |
| enabled | bool |

Response

| Name | Type |
| --- | --- |
| res | Status |

GC

Trigger a garbage collection.

Request

| Name | Type |
| --- | --- |

PackagesFailed

Sent when a blob fails to write, causing one or more package installs to permanently fail.

Request

| Name | Type |
| --- | --- |
| merkle | vector<string> |
| error | int32 |
| blob_merkle | string |

OpenRepository

Opens a TUF repository specified by the provided RepositoryConfig. The repository will stay open for the life of the OpenedRepository channel.

Packages in the opened repository can be accessed via OpenedRepository.GetUpdateComplete, but will not appear in calls to the global GetUpdateComplete, above.

Request

| Name | Type |
| --- | --- |
| config | fuchsia.pkg/RepositoryConfig |
| repo | request<OpenedRepository> |

Response

| Name | Type |
| --- | --- |
| result | int32 |

OpenedRepository

Defined in fuchsia.amber/amber.fidl

GetUpdateComplete

Get an update for the package identified by 'name' which has the provided variant. The package data is sent to PackageFS which then stores the package in BlobFS. This method provides a FetchResult that will send the ultimate results.

Request

| Name | Type |
| --- | --- |
| name | string |
| variant | string? |
| merkle | string? |
| result | request<FetchResult> |

MerkleFor

Finds the merkle hash for the package identified by 'name' which has the provided variant. Does not install the package or fetch any blobs.

Request

| Name | Type |
| --- | --- |
| name | string |
| variant | string? |

Response

| Name | Type |
| --- | --- |
| status | int32 |
| message | string |
| merkle | string |
| size | int64 |

FetchResult

Defined in fuchsia.amber/amber.fidl

A protocol providing results for an OpenedRepository.GetUpdateComplete call. Only one event will be sent before the channel is closed.

OnSuccess

Sent when the package is successfully installed and available for use.

Response

| Name | Type |
| --- | --- |
| merkle | string |

OnError

Sent when the package fails to install for some reason.

Response

| Name | Type |
| --- | --- |
| result | int32 |
| message | string |

STRUCTS

OAuth2Config

Defined in fuchsia.amber/amber.fidl

| Name | Type | Description | Default |
| --- | --- | --- | --- |
| clientId | string | | No default |
| clientSecret | string | | string |
| authUrl | string | | No default |
| tokenUrl | string | | No default |
| scopes | vector<string> | | No default |
| deviceCodeUrl | string | | No default |

DeviceCode

Defined in fuchsia.amber/amber.fidl

| Name | Type | Description | Default |
| --- | --- | --- | --- |
| userCode | string | | No default |
| verificationUrl | string | | No default |
| expiresIn | int64 | | No default |

KeyConfig

Defined in fuchsia.amber/amber.fidl

| Name | Type | Description | Default |
| --- | --- | --- | --- |
| type | string | Supported TUF key types. The only supported algorithm is ed25519. | No default |
| value | string | The value of the key encoded in hex. | No default |

TLSClientConfig

Defined in fuchsia.amber/amber.fidl

| Name | Type | Description | Default |
| --- | --- | --- | --- |
| insecureSkipVerify | bool | If insecureSkipTlsVerify is true, TLS will accept any certificate provided by the server. This should only be used for testing. | false |
| rootCAs | vector<string> | The set of root certificate authorities that clients use when verifying server certificates. If the list is empty, TLS uses the host's root CA set. | No default |

TransportConfig

Defined in fuchsia.amber/amber.fidl

| Name | Type | Description | Default |
| --- | --- | --- | --- |
| disableKeepAlives | bool | If true, prevent re-use of TCP connections between HTTP requests. | false |
| KeepAlive | int32 | The keep-alive period for an active network connection. A zero value means that we use the system default. | 0 |
| maxIdleConns | int32 | The maximum number of idle (keep-alive) connections across all hosts. A zero value means that we use the system default. | 0 |
| maxIdleConnsPerHost | int32 | The maximum number of idle (keep-alive) connections for each host. A zero value means we use the system default. | 0 |
| connectTimeout | int32 | The maximum amount of time to wait for a connection to complete in milliseconds. A zero value means we use the system default. | 0 |
| requestTimeout | int32 | The deadline in milliseconds for a request to complete. A zero value means that we use the system default. | 0 |
| idleConnTimeout | int32 | The maximum amount of time in milliseconds an idle (keep-alive) connection will remain idle before closing itself. A zero value means that we use the system default. | 0 |
| responseHeaderTimeout | int32 | The amount of time to wait for a server's response headers. A zero value means that we use the system default. | 0 |
| expectContinueTimeout | int32 | The deadline in milliseconds to wait for a server's first response headers if the request has an "Expect: 100-continue" header. A zero value means that we use the system default. | 0 |
| tlsHandshakeTimeout | int32 | The deadline in milliseconds to wait for a TLS handshake. Zero means that we use the system default. | 0 |
| tlsClientConfig | TLSClientConfig? | | No default |

StatusConfig

Defined in fuchsia.amber/amber.fidl

| Name | Type | Description | Default |
| --- | --- | --- | --- |
| enabled | bool | | No default |

SourceConfig

Defined in fuchsia.amber/amber.fidl

| Name | Type | Description | Default |
| --- | --- | --- | --- |
| id | string | A unique identifier that distinguishes this source from others. | No default |
| repoUrl | string | The canonical URL for the TUF repository. | No default |
| blobRepoUrl | string | Optionally download package blobs from this repository. If not specified, blobs will be fetched from `$repoUrl/blobs`. | string |
| rateLimit | uint64 | The rate limit indicates the number of requests per ratePeriod, expressed in milliseconds. A limit or period of zero means there is no limit. | No default |
| ratePeriod | int32 | The TUF metadata will be refreshed after it is ratePeriod seconds stale. | 3600 |
| rootKeys | vector<KeyConfig> | A vector of public keys. These keys must match one of the trusted keys known to the system. | No default |
| transportConfig | TransportConfig? | | No default |
| oauth2Config | OAuth2Config? | | No default |
| statusConfig | StatusConfig? | | No default |
| auto | bool | If true, the source supports the /auto SSE endpoint for live updates. | false |
| blobKey | BlobEncryptionKey? | | No default |
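
An added example, not part of the Fuchsia source: a pre-flight audit of a SourceConfig before it is passed to AddSrc, checking the trust-relevant fields documented above (rootKeys type and hex value, tlsClientConfig.insecureSkipVerify). The Go types are hypothetical local mirrors of the documented structs, not the generated FIDL bindings, and AuditSource is an assumed helper name.

```go
package main

import (
	"encoding/hex"
	"fmt"
)

// Hypothetical local mirrors of the documented structs (not generated FIDL bindings).
type KeyConfig struct{ Type, Value string }
type TLSClientConfig struct {
	InsecureSkipVerify bool
	RootCAs            []string
}
type SourceConfig struct {
	ID, RepoURL string
	RootKeys    []KeyConfig
	TLS         *TLSClientConfig // transportConfig.tlsClientConfig, nil when unset
}

// AuditSource returns one finding per trust-relevant problem in a source.
func AuditSource(s SourceConfig) []string {
	var f []string
	if len(s.RootKeys) == 0 {
		f = append(f, "rootKeys is empty: source carries no TUF root keys")
	}
	for i, k := range s.RootKeys {
		if k.Type != "ed25519" { // the only supported key type per KeyConfig
			f = append(f, fmt.Sprintf("rootKeys[%d]: unsupported key type %q", i, k.Type))
			continue
		}
		raw, err := hex.DecodeString(k.Value)
		if err != nil {
			f = append(f, fmt.Sprintf("rootKeys[%d]: value is not valid hex", i))
		} else if len(raw) != 32 { // an ed25519 public key is 32 bytes
			f = append(f, fmt.Sprintf("rootKeys[%d]: key is %d bytes, want 32", i, len(raw)))
		}
	}
	if s.TLS != nil && s.TLS.InsecureSkipVerify {
		f = append(f, "tlsClientConfig.insecureSkipVerify is true: any server certificate is accepted")
	}
	return f
}

func main() {
	// Constructed sample: truncated key, unsupported key type, TLS verification disabled.
	bad := SourceConfig{ID: "example", RepoURL: "https://repo.example.invalid",
		RootKeys: []KeyConfig{{"ed25519", "abcd"}, {"rsa", "00"}},
		TLS:      &TLSClientConfig{InsecureSkipVerify: true}}
	for _, finding := range AuditSource(bad) {
		fmt.Println(bad.ID+":", finding)
	}
}
```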

BlobEncryptionKey

Defined in fuchsia.amber/amber.fidl

| Name | Type | Description | Default |
| --- | --- | --- | --- |
| data | uint8[32] | | No default |

ENUMS

Status

Type: uint32

Defined in fuchsia.amber/amber.fidl

| Name | Value | Description |
| --- | --- | --- |
| OK | 0 | |
| ERR | 1 | |
| ERR_NOT_FOUND | 2 | |