Revisit dev environment or provisioning logic for dev and staging/production #469
Description
There are some situations where the provisioning logic (dev and staging/prod) where files are copied twice, in staging and prod scenarios:
- once via the rpm package to its destination
- once via rpm to
/srv/saltand then to its destination via salt
The problem with this approach is that it makes tracking the files inside RPM manifest more complex, resulting in a higher likelihood of provisioning errors. An example can be found in #468 , and given that the files are logic-dependent, it's very hard to catch regressions: In this case they were only caught by installing on a clean Qubes install.
- Keep the dev env as-is and not use rpm to copy any file outside of /srv/salt. The downside is that is requires applying dom0 state in order to update critical scripts, such as the updater. They will not be updated if there's an error with salt
- Keep the dev env as is, and introduce more conditionals in the salt logic. This might become complicated to track
requiresand correctly test the execution flow - Rework
make dev/make allto use RPMs to install todom0in the dev scenario. We could consider distinct packages that would include dev-only tools to help with copying/cleaning files to dom0. I think this method is preferred, as it would ensure the dev environment mirrors staging and production environments more closely.