pmbootstrap install: make --no-fde default (!1798)

Implement --fde, add deprecation warning to --no-fde, update related
help files and tests.

README.md

@@ -96,9 +96,14 @@ Build the rootfs:
 $ pmbootstrap install
 ```
 
-Update existing installation on SD card (full disk encryption disabled):
+Build the rootfs with full disk encryption:
 ```
-$ pmbootstrap install --sdcard=/dev/mmcblk0 --no-fde --rsync
+$ pmbootstrap install --fde
+```
+
+Update existing installation on SD card:
+```
+$ pmbootstrap install --sdcard=/dev/mmcblk0 --rsync
 ```
 
 Run the image in Qemu:

pmb/helpers/frontend.py

@@ -184,6 +184,8 @@ def initfs(args):
 
 
 def install(args):
+    if args.no_fde:
+        logging.warning("WARNING: --no-fde is deprecated, as it is now the default.")
     if args.rsync and args.full_disk_encryption:
         raise ValueError("Installation using rsync is not compatible with full"
                          " disk encryption.")

pmb/install/_install.py

@@ -383,7 +383,7 @@ def install_system_image(args):
         logging.info("Make sure that osk-sdl has been properly configured for your device")
         logging.info("or else you will be unable to unlock the rootfs on boot!")
         logging.info("If you started a device port, it is recommended you disable")
-        logging.info("FDE by re-running the install command with '--no-fde' until")
+        logging.info("FDE by re-running the install command without '--fde' until")
         logging.info("you have properly configured osk-sdl. More information:")
         logging.info("<https://postmarketos.org/osk-port>")
     pmb.install.format(args)

pmb/parse/arguments.py

@@ -455,7 +455,7 @@ def arguments():
                        help="generate TWRP flashable zip",
                        action="store_true", dest="android_recovery_zip")
     install.add_argument("--rsync", help="update the sdcard using rsync,"
-                         " only works with --no-fde", action="store_true")
+                         " does not work with --fde", action="store_true")
     install.add_argument("--cipher", help="cryptsetup cipher used to"
                          " encrypt the rootfs, eg. aes-xts-plain64")
     install.add_argument("--iter-time", help="cryptsetup iteration time (in"
@@ -463,8 +463,10 @@ def arguments():
                          " partition")
     install.add_argument("--add", help="comma separated list of packages to be"
                          " added to the rootfs (e.g. 'vim,gcc')")
-    install.add_argument("--no-fde", help="do not use full disk encryption",
+    install.add_argument("--no-fde", help=argparse.SUPPRESS,
-                         action="store_false", dest="full_disk_encryption")
+                         action="store_true", dest="no_fde")
+    install.add_argument("--fde", help="use full disk encryption",
+                         action="store_true", dest="full_disk_encryption")
     install.add_argument("--flavor",
                          help="Specify kernel flavor to include in recovery"
                               " flashable zip", default=None)

test/test_qemu_running_processes.py

@@ -112,7 +112,7 @@ class Qemu(object):
         ssh_create_askpass_script(args)
 
         # Create and run rootfs
-        pmbootstrap_yes(args, config, ["install", "--no-fde"])
+        pmbootstrap_yes(args, config, ["install"])
         self.process = pmbootstrap_run(args, config, ["qemu", "--display",
                                                       "none"], "background")