Skip to content

Fix duplicate FDE TPM keyslots not getting caught correctly#49459

Open
dantecatalfamo wants to merge 1 commit into
mainfrom
44428-ubuntu-tpm-error-catch
Open

Fix duplicate FDE TPM keyslots not getting caught correctly#49459
dantecatalfamo wants to merge 1 commit into
mainfrom
44428-ubuntu-tpm-error-catch

Conversation

@dantecatalfamo

@dantecatalfamo dantecatalfamo commented Jul 17, 2026

Copy link
Copy Markdown
Member

Related issue: Resolves #44428

Unreleased bug from #48452 caught during testing

Summary by CodeRabbit

  • Bug Fixes

    • Improved handling of resource-conflict responses when wording varies, including singular and plural message formats.
    • Prevented authentication failures and unrelated bad requests from being incorrectly classified as conflicts.
  • Tests

    • Added coverage for HTTP conflict responses, recognized conflict types, message variations, and non-conflict errors.

Copilot AI review requested due to automatic review settings July 17, 2026 01:42
@dantecatalfamo
dantecatalfamo requested a review from a team as a code owner July 17, 2026 01:42

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Improves Orbit’s snapd error classification so duplicate (already-present) LUKS recovery keyslot situations are correctly treated as conflicts even when snapd returns the plural “already exist” wording (observed in snapd 2.75), ensuring the add→replace fallback logic triggers reliably.

Changes:

  • Broadened snapdAPIError.isConflict() message matching from "already exists" to "already exist" to cover both singular/plural variants.
  • Added unit tests covering status-code, kind-based, and message-based conflict detection (including the snapd 2.75 plural message regression).

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
orbit/pkg/luks/snapd_client.go Adjusts conflict detection to match plural “already exist” snapd error wording.
orbit/pkg/luks/snapd_client_test.go Adds test coverage for snapdAPIError.isConflict() regression and related cases.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +117 to +121
// The message check uses "already exist" (no trailing s) as the prefix so
// it matches both the singular ("key slot X already exists") and the
// plural ("key slots [...] already exist") wording — snapd 2.75 returns
// the plural form when a name-only keyslotRef expands to both the
// system-data and system-save containers, which is exactly our case.
@coderabbitai

coderabbitai Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: e5760138-04a7-4818-957f-ae33697d59e5

📥 Commits

Reviewing files that changed from the base of the PR and between 9bb61de and 49e7099.

📒 Files selected for processing (2)
  • orbit/pkg/luks/snapd_client.go
  • orbit/pkg/luks/snapd_client_test.go

Walkthrough

Updated snapd conflict detection to match messages containing “already exist” while preserving existing status and kind checks. Added table-driven tests covering nil errors, HTTP 409 responses, conflict kinds, singular and plural key-slot messages, authentication failures, and generic bad requests.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning The description only includes the related issue and a brief note; it omits the required checklist and testing details. Expand it to match the template with checklist items, testing notes, and any applicable changes-file, QA, migration, or platform details.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately summarizes the main change: fixing duplicate FDE TPM keyslot conflict detection.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch 44428-ubuntu-tpm-error-catch

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@codecov

codecov Bot commented Jul 17, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 68.07%. Comparing base (d839a38) to head (49e7099).
⚠️ Report is 9 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main   #49459   +/-   ##
=======================================
  Coverage   68.07%   68.07%           
=======================================
  Files        3882     3882           
  Lines      246370   246401   +31     
  Branches    13168    13168           
=======================================
+ Hits       167716   167743   +27     
+ Misses      63515    63514    -1     
- Partials    15139    15144    +5     
Flag Coverage Δ
backend 69.54% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Ubuntu 26's TPM-backed disk encryption support

3 participants