add update hook RPC(s) in addition to qubes.PostInstall

[devk8]

The problem you're addressing (if any)

It would be useful to be able to add custom functionality to the process of updating templates. For example, when flatpaks are installed in templates, it would be nice for qubes-update-gui to also update the flatpaks after the system package manager updates.

Currently, some guides and salt repos approach this by adding a script to /etc/qubes/post-install.d (see Solene's flatpak guide or my salt state definition). The problem is that the qubes.PostInstall RPC is only called by the VM update agent when at least one package was upgraded (source). This is a more significant issue when using minimal templates, as the time between system package upgrades can be longer.

The solution you'd like

In addition to the qubes.PostInstall hook (which appears primarily designed for installed packages to request qube features), I would like there to be a qubes.PostUpdate RPC which is called after the system package manager upgrades, regardless of whether any system packages were upgraded. A qubes.PreUpdate could be useful as well, but is not necessary for my use case.

The value to a user and who that user might be

Using these RPC hooks, users can use other package managers (flatpak, pip, npm, etc.) in templates and ensure these are kept up to date.

Completion criteria checklist

(This section is for developer use only. Please do not modify it.)

[alimirjamali]

This is perfectly doable and will have many uses. I can list some examples:

1. Performing some (partial) backup tasks before/after update. Right within the template.
2. While we intend to integrate Flatpak (and possibly Snap and other major ones) in vmupdate, hooks are still nice for pip, AUR and similar.
3. Some sort of user custom notification mechanism.

If implementing qubes.PreUpdate and qubes.PostUpdate is approved, I can work on it.

[jmynes]

This would be greatly appreciated for web development!