[reconfigurator] Add RoT options for reconfigurator-sp-updater (#8193)

karencfv · web-flow · commit 5ecc8994a160 · 2025-06-03T06:51:17.000Z
Related: #7989 Closes: #8198
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/dev-tools/reconfigurator-sp-updater/Cargo.toml b/dev-tools/reconfigurator-sp-updater/Cargo.toml
@@ -14,6 +14,7 @@ chrono.workspace = true
 dropshot.workspace = true
 futures.workspace = true
 gateway-client.workspace = true
+gateway-types.workspace = true
 humantime.workspace = true
 internal-dns-resolver.workspace = true
 internal-dns-types.workspace = true
diff --git a/dev-tools/reconfigurator-sp-updater/src/main.rs b/dev-tools/reconfigurator-sp-updater/src/main.rs
@@ -13,9 +13,11 @@ use clap::Subcommand;
 use futures::StreamExt;
 use gateway_client::types::SpIgnition;
 use gateway_client::types::SpType;
+use gateway_types::rot::RotSlot;
 use internal_dns_types::names::ServiceName;
 use nexus_mgs_updates::ArtifactCache;
 use nexus_mgs_updates::MgsUpdateDriver;
+use nexus_types::deployment::ExpectedActiveRotSlot;
 use nexus_types::deployment::ExpectedVersion;
 use nexus_types::deployment::PendingMgsUpdate;
 use nexus_types::deployment::PendingMgsUpdateDetails;
@@ -118,6 +120,7 @@ impl ReconfiguratorSpUpdater {
                 .expect("we just waited for this condition");
             format!("http://{}", mgs_backend.address)
         };
+
         let mgs_client = gateway_client::Client::new(
             &mgs_url,
             log.new(o!("mgs_url" => mgs_url.clone())),
@@ -374,9 +377,40 @@ struct SetArgs {
 #[derive(Clone, Debug, Subcommand)]
 enum Component {
     Sp {
+        /// expected version of the active slot
+        #[arg(long, short = 'a')]
         expected_active_version: ArtifactVersion,
+        /// expected version of the inactive slot
+        #[arg(long, short = 'i')]
         expected_inactive_version: ExpectedVersion,
     },
+    Rot {
+        /// whether we expect the "A" or "B" slot to be active
+        #[arg(long, short = 's')]
+        expected_active_slot: RotSlot,
+        /// expected version of the "A" slot
+        #[arg(long, short = 'a')]
+        expected_slot_a_version: ExpectedVersion,
+        /// expected version of the "B" slot
+        #[arg(long, short = 'b')]
+        expected_slot_b_version: ExpectedVersion,
+        /// the expected persistent boot preference written into the current
+        /// authoritative CFPA page (ping or pong).
+        /// Will default to the value of expected_active_version when not set
+        #[arg(long, short = 'p')]
+        expected_persistent_boot_preference: Option<RotSlot>,
+        /// the expected persistent boot preference written into the CFPA scratch
+        /// page that will become the persistent boot preference in the authoritative
+        /// CFPA page upon reboot, unless CFPA update of the authoritative page fails
+        /// for some reason
+        #[arg(long, short = 'x')]
+        expected_pending_persistent_boot_preference: Option<RotSlot>,
+        // this field is not in use yet.
+        //
+        /// override persistent preference selection for a single boot
+        #[arg(long, short = 't')]
+        expected_transient_boot_preference: Option<RotSlot>,
+    },
 }
 
 fn cmd_set(
@@ -397,6 +431,46 @@ fn cmd_set(
                 expected_active_version,
                 expected_inactive_version,
             },
+            Component::Rot {
+                expected_active_slot,
+                expected_slot_a_version,
+                expected_slot_b_version,
+                expected_persistent_boot_preference,
+                expected_pending_persistent_boot_preference,
+                expected_transient_boot_preference,
+            } => {
+                let (active_version, expected_inactive_version) =
+                    match expected_active_slot {
+                        RotSlot::A => {
+                            (expected_slot_a_version, expected_slot_b_version)
+                        }
+                        RotSlot::B => {
+                            (expected_slot_b_version, expected_slot_a_version)
+                        }
+                    };
+
+                let expected_active_version = match active_version {
+                    ExpectedVersion::Version(v) => v,
+                    ExpectedVersion::NoValidVersion => {
+                        return Err(anyhow!(
+                            "the expected active slot version must have a valid version"
+                        ));
+                    }
+                };
+
+                PendingMgsUpdateDetails::Rot {
+                    expected_active_slot: ExpectedActiveRotSlot {
+                        slot: expected_active_slot,
+                        version: expected_active_version,
+                    },
+                    expected_inactive_version,
+                    expected_persistent_boot_preference:
+                        expected_persistent_boot_preference
+                            .unwrap_or(expected_active_slot),
+                    expected_pending_persistent_boot_preference,
+                    expected_transient_boot_preference,
+                }
+            }
         },
         artifact_hash: args.artifact_hash,
         artifact_version: ArtifactVersion::new(args.version)
diff --git a/gateway-types/src/rot.rs b/gateway-types/src/rot.rs
@@ -5,6 +5,7 @@
 use daft::Diffable;
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
+use std::str::FromStr;
 
 #[derive(
     Debug,
@@ -199,6 +200,22 @@ impl RotSlot {
     }
 }
 
+impl FromStr for RotSlot {
+    type Err = String;
+
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        match s {
+            "a" | "A" => Ok(RotSlot::A),
+            "b" | "B" => Ok(RotSlot::B),
+            _ => Err(format!(
+                "unrecognized value {} for RoT slot. \
+                Must be one of `a`, `A`, `b`, or `B`",
+                s
+            )),
+        }
+    }
+}
+
 impl From<gateway_messages::RotSlotId> for RotSlot {
     fn from(slot: gateway_messages::RotSlotId) -> Self {
         match slot {
diff --git a/nexus/mgs-updates/src/rot_updater.rs b/nexus/mgs-updates/src/rot_updater.rs
@@ -399,6 +399,28 @@ impl SpComponentUpdateHelper for ReconfiguratorRotUpdater {
     ) -> BoxFuture<'a, Result<(), GatewayClientError>> {
         mgs_clients
             .try_all_serially(log, move |mgs_client| async move {
+                // We want to set the slot we've just updated as the active one
+                debug!(log, "attempting to set active slot");
+                let inactive_slot = match &update.details {
+                    PendingMgsUpdateDetails::Rot { expected_active_slot, .. } => {
+                        expected_active_slot.slot().toggled().to_u16()
+                    },
+                    PendingMgsUpdateDetails::Sp { .. } => unreachable!(
+                        "pending MGS update details within ReconfiguratorRotUpdater \
+                        will always be for the RoT"
+                    )
+                };
+                let persist = true;
+                mgs_client
+                    .sp_component_active_slot_set(
+                        update.sp_type,
+                        update.slot_id,
+                        &SpComponent::ROT.to_string(),
+                        persist,
+                        &SpComponentFirmwareSlot { slot: inactive_slot }
+                    )
+                    .await?;
+
                 debug!(log, "attempting to reset device");
                 mgs_client
                     .sp_component_reset(
