[reconfigurator] Pre-checks and post_update actions for RoT bootloader update (#8325)

This commit implements several checks that must happen before updating
an RoT bootloader, and post-update actions.

Related: #7988

Author: karencfv

Cargo.lock

@@ -22,5 +22,6 @@ serde.workspace = true
 serde_json.workspace = true
 schemars.workspace = true
 slog.workspace = true
+thiserror.workspace = true
 uuid.workspace = true
 omicron-workspace-hack.workspace = true

clients/gateway-client/Cargo.toml

@@ -63,7 +63,7 @@ progenitor::generate_api!(
         HostPhase2RecoveryImageId = { derives = [PartialEq, Eq, PartialOrd, Ord] },
         ImageVersion = { derives = [PartialEq, Eq, PartialOrd, Ord] },
         RotImageDetails = { derives = [PartialEq, Eq, PartialOrd, Ord] },
-        RotImageError = { derives = [ PartialEq, Eq, PartialOrd, Ord] },
+        RotImageError = { derives = [ thiserror::Error, PartialEq, Eq, PartialOrd, Ord] },
         RotState = { derives = [PartialEq, Eq, PartialOrd, Ord] },
         SpComponentCaboose = { derives = [PartialEq, Eq] },
         SpIdentifier = { derives = [Copy, PartialEq, Hash, Eq] },

clients/gateway-client/src/lib.rs

@@ -11,6 +11,7 @@ chrono.workspace = true
 futures.workspace = true
 gateway-client.workspace = true
 gateway-types.workspace = true
+gateway-messages.workspace = true
 iddqd.workspace = true
 id-map.workspace = true
 internal-dns-resolver.workspace = true

nexus/mgs-updates/Cargo.toml

@@ -267,7 +267,7 @@ pub trait SpComponentUpdateHelper {
         log: &'a slog::Logger,
         mgs_clients: &'a mut MgsClients,
         update: &'a PendingMgsUpdate,
-    ) -> BoxFuture<'a, Result<(), GatewayClientError>>;
+    ) -> BoxFuture<'a, Result<(), PostUpdateError>>;
 }
 
 /// Describes the live state of the component before the update begins
@@ -319,12 +319,66 @@ pub enum PrecheckError {
     WrongInactiveVersion { expected: ExpectedVersion, found: FoundVersion },
 }
 
-#[derive(Debug)]
+#[derive(Debug, thiserror::Error)]
+pub enum PostUpdateError {
+    #[error("communicating with MGS")]
+    GatewayClientError(#[from] GatewayClientError),
+
+    #[error("transient error: {message:?}")]
+    TransientError { message: String },
+
+    #[error("fatal error: {error:?}")]
+    FatalError { error: String },
+}
+
+impl PostUpdateError {
+    pub fn is_fatal(&self) -> bool {
+        match self {
+            PostUpdateError::GatewayClientError(error) => {
+                !matches!(error, gateway_client::Error::CommunicationError(_))
+            }
+            PostUpdateError::TransientError { .. } => false,
+            PostUpdateError::FatalError { .. } => true,
+        }
+    }
+}
+
+#[derive(Debug, Clone)]
 pub enum FoundVersion {
     MissingVersion,
     Version(String),
 }
 
+impl FoundVersion {
+    pub fn matches(
+        &self,
+        expected: &ExpectedVersion,
+    ) -> Result<(), PrecheckError> {
+        match (expected, &self) {
+            // expected garbage, found garbage
+            (ExpectedVersion::NoValidVersion, FoundVersion::MissingVersion) => {
+                ()
+            }
+            // expected a specific version and found it
+            (
+                ExpectedVersion::Version(artifact_version),
+                FoundVersion::Version(found_version),
+            ) if artifact_version.to_string() == *found_version => (),
+            // anything else is a mismatch
+            (ExpectedVersion::NoValidVersion, FoundVersion::Version(_))
+            | (ExpectedVersion::Version(_), FoundVersion::MissingVersion)
+            | (ExpectedVersion::Version(_), FoundVersion::Version(_)) => {
+                return Err(PrecheckError::WrongInactiveVersion {
+                    expected: expected.clone(),
+                    found: self.clone(),
+                });
+            }
+        };
+
+        Ok(())
+    }
+}
+
 pub(crate) fn error_means_caboose_is_invalid(
     error: &GatewayClientError,
 ) -> bool {