For our product we use mender in both managed and standalone modes, and our users want to know before updating what version will be installed. For this we want to use the artifact name or the provides of the artifact to identify the new update.
As far a I have seen there is no obvious way to retrieve this information without downloading and installing the update first. So my question is whether there are ways to retrieve this information?
I am in a similar situation. Let me share how I managed to retrieve this information without installing the update or without downloading the the whole release.
The idea is to read the artifact and extract the header.tar.gz information.
With my client written in python, I first check for the next update. If a deployment is ready, the response includes the url to dowload the artifact. (Make sure to provide the right right parameters in the request in order to receive the right response from mender).
I then query the URL using requests library with stream=True mode. I then use my request .raw attribute as a file object that I provide to tarfile.open(fileobj=req.raw, mode="r|").
From this tar file, I .next() to the header.tar.gz file, and then I open it with tarfile.open(mode="r|*", fileobj=f.extractfile(tarinfo)).
I can then extract any file for header.tar.gz including headers/0000/meta-data and headers/0000/type-info.
I then close the connection. This way I quickly have access to supplemental information only available in the artifact without triggering an update. And since header.tar.gz is a the beginning of the tar archive. I only need to download a fraction of the deployment to get the information I need. And the update remain available when the update is triggered by the user.
The same works in standalone mode.
I tried to do the same with a bash script but did not find a way to stream only the relevant part of the archive over http to extract the header information.
Artifact encryption is yet to be implemented in my case, but I assume it should not be a problem.