ExternalVendorCode/balena-supervisor
1
0
Fork 0
mirror of https://github.com/balena-os/balena-supervisor.git synced 2024-12-18 21:27:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

v16.7.8

Browse Source
This commit is contained in:
flowzone-app[bot] 2024-11-28 21:23:30 +00:00 committed by GitHub
parent f3aade7c06
commit 21becded50
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 104 additions and 221 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

306
.versionbot/CHANGELOG.yml
View File

@ -1,3 +1,37 @@
- commits:
- subject: Clean up remaining locks on state settle
hash: 9c09329b86f08523501d4fbc54511cb2051b4bea
body: |
Locks could remain from a previous supervisor run that didn't get to
settle the state. This ensures that cleanup will happen for remaining
locks every time the state is settled.
footer:
Change-type: patch
change-type: patch
author: Felipe Lalanne
nested: []
- subject: Refactor update-locks implementation
hash: 3c6e9dd209a259211ed3fd2e7bbe00f3235f87aa
body: |
The refactor simplifies the implementation and ensures that locks per
app can only be held by one supervisor task at the time.
footer:
Change-type: patch
change-type: patch
author: Felipe Lalanne
nested: []
- subject: Refactor lockfile module
hash: d8f54c05e7536096576ada4db3294785bef6b0ff
body: |
Updated interfaces for clarity
footer:
Change-type: patch
change-type: patch
author: Felipe Lalanne
nested: []
version: 16.7.8
title: ""
date: 2024-11-28T21:23:24.352Z
- commits:
- subject: "Firewall: allow DNS requests from custom Docker bridge networks"
hash: 7e1cafa866d7ce04d983a990aa219dbd23de26c7
@ -1719,14 +1753,9 @@
- commits:
- subject: Remove dependency on @balena/happy-eyeballs
hash: 08727ed2b5f67c55b2469d3ee5c5e2857119521b
body: >
body: |
Node 20 now implements the happy eyeballs algorithm as part of its core
`net` module, with the
[autoSelectFamily](https://nodejs.org/docs/latest-v20.x/api/net.html#netgetdefaultautoselectfamily)
option of `socket.connect`. This option defaults to `true`, meaning that
a separate
`net` module, with the [autoSelectFamily](https://nodejs.org/docs/latest-v20.x/api/net.html#netgetdefaultautoselectfamily) option of `socket.connect`. This option defaults to `true`, meaning that a separate
implementation of happy eyeballs is no longer needed.
footer:
Change-type: patch
@ -1817,15 +1846,10 @@
- commits:
- subject: Fix support for rsync deltas
hash: 24e222045ac511cd4fbb3be66e57eb678a29d854
body: >
Rsync (v2) deltas have been broken since [Supervisor
v14](https://github.com/balena-os/balena-supervisor/commit/460c3ba0aab31d18a02e3f5dda1838691768c494).
While considered legacy,
body: |
Rsync (v2) deltas have been broken since [Supervisor v14](https://github.com/balena-os/balena-supervisor/commit/460c3ba0aab31d18a02e3f5dda1838691768c494). While considered legacy,
they are still used by a few customers with devices running OS < 2.47.1.
This should fix v2 delta support for those devices until we can
completely remove rsync deltas from the supervisor
footer:
Change-type: patch
@ -1888,32 +1912,19 @@
- commits:
- subject: Add special case for base DTO params on RPI config
hash: 6e6a796da5ecc846248eae4c8495bc626964c038
body: >
While ordering is important in the RPI firmware configuration file
(config.txt),
body: |
While ordering is important in the RPI firmware configuration file (config.txt),
some dt params are by default considered part of the base dt overlay
if they are not used by other overlays.
Unfortunately the [list of
dtparams](https://github.com/raspberrypi/firmware/blob/master/boot/overlays/README#L133)
Unfortunately the [list of dtparams](https://github.com/raspberrypi/firmware/blob/master/boot/overlays/README#L133)
is too long to add all of them as exceptions, but we can add the params
used in the default config.txt provided in OS images, to avoid reboots
when updating to this new supervisor and correctly parsing the
provisioning config.txt as variables.
While this addition handles most common scenarios, there is still a
chance a user may have use other base overlay dt params in the initial
config, in which case those will be interpreted according to the
relative ordering
footer:
Change-type: patch
@ -3334,21 +3345,13 @@
- commits:
- subject: Log uncaught promise exceptions on the app entry
hash: 676464142690da2e36a810cb35e4ea4d0d751636
body: >
Node 15 [changed the way it treats unhandled promise
rejections](https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V15.md#throw-on-unhandled-rejections---33021)
from a warning to a throw.
For this reason errors like a corrupt migration directory, that happens
when trying to
body: |
Node 15 [changed the way it treats unhandled promise rejections](https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V15.md#throw-on-unhandled-rejections---33021) from a warning to a throw.
For this reason errors like a corrupt migration directory, that happens when trying to
roll back to a previous supervisor version were no longer showing a
message but dumping the full minimized code into the journal logs.
This PR adds a catchall on app.ts to log the exception and throw an exit
code of 1.
footer:
Change-type: patch
@ -3361,13 +3364,9 @@
- commits:
- subject: Fix assertion error in restart-service
hash: b9e1464d96824f5332c71324d753d94ddbdecf90
body: >
From:
https://github.com/balena-os/balena-supervisor/pull/2153/commits/c0b4fafe842115933b1da9b4d68e601a19c3e4eb
Restart-service checks that both services have restarted in its test
assertion, which is
body: |
From: https://github.com/balena-os/balena-supervisor/pull/2153/commits/c0b4fafe842115933b1da9b4d68e601a19c3e4eb
Restart-service checks that both services have restarted in its test assertion, which is
incorrect as restart-service should only restart one service.
footer:
Change-type: patch
@ -3666,33 +3665,21 @@
nested: []
- subject: Reference networks by Id instead of by name
hash: 180c4ff31ad719fb2b00217548514d42a4b5c4cf
body: >
body: |
We have seen a few times devices with duplicated network names for some
reason. While we don't know the cause the networks get duplicates,
this is disruptive of updates, as the supervisor usually queries
resource by name, resulting in a 400 error from the engine because of
the ambiguity.
This replaces those queries by name to queries by id. This includes
network removal. If a `removeNetwork` step is generated, the supervisor
opts to remove all instances of the network with the same name as it
cannot easily resolve the ambiguity.
This doesn't solve the problem of ambiguous networks, because even if
networks are referenced by id when creating a container, the engine will
throw an error (see
https://github.com/balena-os/balena-supervisor/issues/590#issuecomment-1423557871)
throw an error (see https://github.com/balena-os/balena-supervisor/issues/590#issuecomment-1423557871)
footer:
Change-type: patch
change-type: patch
@ -3766,37 +3753,22 @@
- commits:
- subject: Add SIGTERM listener on application start
hash: 6683bca07da0e6b8f822dfcb22211b24a182dc16
body: >
body: |
As reported by issue #2100, the supervisor was not correctly reacting to
`SIGTERM` sent by the engine when terminating the process (for instance
before a reboot). This would lead to the supervisor requiring an
additional 10 seconds to terminate (after which the engine will send a
`SIGKILL`).
The reason for this is explained by the following info coming from Node
> Node.js was not designed to run as PID 1 which leads to unexpected
behaviour when running inside of Docker. For example, a Node.js process
running as PID 1 will not respond to `SIGINT` (`CTRL-C`) and similar
signals.
[reference](https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md#handling-kernel-signals)
> Node.js was not designed to run as PID 1 which leads to unexpected behaviour when running inside of Docker. For example, a Node.js process running as PID 1 will not respond to `SIGINT` (`CTRL-C`) and similar signals. [reference](https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md#handling-kernel-signals)
On internal testing, it was discovered that simply adding a listener for
the signal on the Node process was enough to handle the signal, even
when the process runs as PID 1.
This adds a listener for `SIGTERM` before starting the supervisor main
loop.
footer:
Closes: "#2100"
@ -4200,35 +4172,21 @@
- commits:
- subject: Migrate all device config tests to integration.
hash: 827f892c138dd05f9402d91e43125aa3a4dc35ac
body: >
body: |
This means that configuration backend tests no longer use stubs and
(mostly) avoid internal dependencies in the tests. Instead of stubs and
mock-fs, the tests use
[testfs](https://github.com/balena-io-modules/mocha-pod#working-with-the-filesystem)
mock-fs, the tests use [testfs](https://github.com/balena-io-modules/mocha-pod#working-with-the-filesystem)
which allows working with a real filesystem and ensuring everything is
re-set between tests.
This is the last change needed in order to be able to merge #1971. Here
is the list of changes
This is the last change needed in order to be able to merge #1971. Here is the list of changes
- [x] Migrate splash image backend tests
- [x] Migrate extlinux backend tests
- [x] Migrate config.txt backend tests
- [x] Migrate extra-uenv config tests
- [x] Migrate odmdata config tests
- [x] Migrate config utils tests
- [x] Migrate device-config tests
footer:
Change-type: patch
@ -5791,19 +5749,12 @@
- commits:
- subject: Ignore selinux security opts when comparing services
hash: 1b54ce8bfd5dd3d1f14f573a0bfe17ee1dd81630
body: >
The moby engine v20.x.y adds some selinux [security
configurations](https://docs.docker.com/engine/reference/run/#security-configuration)
depending on the [container
configuration](https://github.com/moby/moby/blob/master/daemon/create.go#L214).
body: |
The moby engine v20.x.y adds some selinux [security configurations](https://docs.docker.com/engine/reference/run/#security-configuration)
depending on the [container configuration](https://github.com/moby/moby/blob/master/daemon/create.go#L214).
This would cause the supervisor to enter a service restart loop as the
current and target service configurations will never match. The
supervisor now ignores selinux specific security options since those are
not supported by balenaOS.
footer:
Closes: "#1890"
@ -6041,19 +5992,12 @@
- commits:
- subject: Fix `.local` dns resolution when returning multiple addresses
hash: 39c667803d93182c595870352a597b9c07e1c9d1
body: >
body: |
The supervisor performs its own local resolution for `.local`
addresses due to a limitation in
[musl](https://wiki.musl-libc.org/future-ideas.html).
addresses due to a limitation in [musl](https://wiki.musl-libc.org/future-ideas.html).
The resolution function was not following exactly the nodejs [dns.lookup
specification](https://nodejs.org/api/dns.html#dnslookuphostname-options-callback)
which could cause certain clients to fail (in this case happy-eyeballs).
This
which could cause certain clients to fail (in this case happy-eyeballs). This
updates the function to follow the specification.
footer:
Change-type: patch
@ -6642,40 +6586,25 @@
- commits:
- subject: Fix regression with local mode push
hash: 6f5f3bc2f3aea1bf5e5772533be80c3bfbb4e3a9
body: >
body: |
PR #1749 introduced a bug when pushing local target state. An update to
the [image name
normalization](https://github.com/balena-os/balena-supervisor/blob/f1bd4b8d9bcef29e326cbf97eaddd837c2704d19/src/lib/docker-utils.ts#L81)
the [image name normalization](https://github.com/balena-os/balena-supervisor/blob/f1bd4b8d9bcef29e326cbf97eaddd837c2704d19/src/lib/docker-utils.ts#L81)
failed to consider the local image name format. This results in mangling
of image names in the database, i.e. the image `ubuntu:latest` is stored
as `/ubuntu:latest`. This causes an exception to be returned by the
dockerode `getImage('/ubuntu:latest').inspect()` call.
This sends the supervisor into a crash loop and is shown on the
supervisor
This sends the supervisor into a crash loop and is shown on the supervisor
journal logs as
```
getaddrinfo ENOTFOUND images
at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:64:26)
```
Unfortunately if this happens on a user device, since the mangled image
name is already on the database, the easiest way to fix is to remove the
supervisor database and let the supervisor recreate it. Deleting the
database should be side effect free.
footer:
Change-type: patch
@ -6913,22 +6842,14 @@
- commits:
- subject: Bump color-string from 1.5.3 to 1.5.5
hash: 4518c93fcaf77727663e4f91ed922b51a5d2f94f
body: >
Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.3 to
1.5.5.
body: |
Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.3 to 1.5.5.
- [Release notes](https://github.com/Qix-/color-string/releases)
-
[Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md)
- [Changelog](https://github.com/Qix-/color-string/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Qix-/color-string/commits/1.5.5)
---
updated-dependencies:
- dependency-name: color-string
dependency-type: indirect
...
@ -8033,16 +7954,10 @@
- commits:
- subject: "patch: bump @types/yargs from 15.0.5 to 15.0.12"
hash: 2c61a961c1ac2e7467ef84ac1c0896ef8c60d4be
body: >
Bumps
[@types/yargs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/yargs)
from 15.0.5 to 15.0.12.
- [Release
notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
-
[Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/yargs)
body: |
Bumps [@types/yargs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/yargs) from 15.0.5 to 15.0.12.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/yargs)
footer:
Change-type: patch
change-type: patch
@ -8055,14 +7970,10 @@
- commits:
- subject: "patch: bump pretty-ms from 7.0.0 to 7.0.1"
hash: 8a4369f8dfb5d8e77a022b82f25cbeb18edbf77e
body: >
Bumps [pretty-ms](https://github.com/sindresorhus/pretty-ms) from 7.0.0
to 7.0.1.
body: |
Bumps [pretty-ms](https://github.com/sindresorhus/pretty-ms) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/sindresorhus/pretty-ms/releases)
-
[Commits](https://github.com/sindresorhus/pretty-ms/compare/v7.0.0...v7.0.1)
- [Commits](https://github.com/sindresorhus/pretty-ms/compare/v7.0.0...v7.0.1)
footer:
Change-type: patch
change-type: patch
@ -8096,17 +8007,10 @@
- commits:
- subject: Bump systeminformation from 4.30.5 to 4.31.1
hash: 7ccbde985ee72296b189ba338bfa7ff49c3e6866
body: >
Bumps
[systeminformation](https://github.com/sebhildebrandt/systeminformation)
from 4.30.5 to 4.31.1.
- [Release
notes](https://github.com/sebhildebrandt/systeminformation/releases)
-
[Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
body: |
Bumps [systeminformation](https://github.com/sebhildebrandt/systeminformation) from 4.30.5 to 4.31.1.
- [Release notes](https://github.com/sebhildebrandt/systeminformation/releases)
- [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sebhildebrandt/systeminformation/commits)
footer:
Change-type: patch
@ -8282,19 +8186,11 @@
- commits:
- subject: Bump systeminformation from 4.27.11 to 4.30.5
hash: 8036d5147950a3dfb976aaceee46a75e0025c732
body: >
Bumps
[systeminformation](https://github.com/sebhildebrandt/systeminformation)
from 4.27.11 to 4.30.5.
- [Release
notes](https://github.com/sebhildebrandt/systeminformation/releases)
-
[Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
-
[Commits](https://github.com/sebhildebrandt/systeminformation/compare/v4.27.11...v4.30.5)
body: |
Bumps [systeminformation](https://github.com/sebhildebrandt/systeminformation) from 4.27.11 to 4.30.5.
- [Release notes](https://github.com/sebhildebrandt/systeminformation/releases)
- [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sebhildebrandt/systeminformation/compare/v4.27.11...v4.30.5)
footer:
Change-type: patch
change-type: patch
@ -8334,17 +8230,10 @@
- commits:
- subject: Bump systeminformation from 4.27.3 to 4.27.11
hash: 00b1bf8a7a66d4370cf1c7128184cfc0e2808178
body: >
Bumps
[systeminformation](https://github.com/sebhildebrandt/systeminformation)
from 4.27.3 to 4.27.11.
- [Release
notes](https://github.com/sebhildebrandt/systeminformation/releases)
-
[Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
body: |
Bumps [systeminformation](https://github.com/sebhildebrandt/systeminformation) from 4.27.3 to 4.27.11.
- [Release notes](https://github.com/sebhildebrandt/systeminformation/releases)
- [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sebhildebrandt/systeminformation/commits)
footer:
Change-type: patch
@ -11001,26 +10890,17 @@
- commits:
- subject: Add label to expose gpu to container
hash: ae646a07ec6a6c96f7cb91f1d37898a94dbab47a
body: >
In the absence of an upstream implementation of the DeviceRequest API
introduced
body: |
In the absence of an upstream implementation of the DeviceRequest API introduced
as part of Docker API v1.40 we roll our own using a feature label.
As per my comment in the code, we fall back to the default behavior of
docker cli's `--gpu` and request single device with the `gpu` capabilty.
The only implementation at the moment is the NVIDIA driver; here:
https://github.com/balena-os/balena-engine/blob/master/daemon/nvidia_linux.go
Background on the composefile implementation:
https://github.com/compose-spec/compose-spec/issues/74
https://github.com/docker/compose/issues/6691
footer:
Change-type: patch
@ -13040,14 +12920,10 @@
author: Cameron Diver
- subject: Bump mixin-deep from 1.3.1 to 1.3.2
hash: d0f35359b3f32a87804f760c1d5303c380ea730f
body: >
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from
1.3.1 to 1.3.2.
body: |
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases)
-
[Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2)
footer:
Change-type: patch
change-type: patch

7
CHANGELOG.md
View File

@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file
automatically by Versionist. DO NOT EDIT THIS FILE MANUALLY!
This project adheres to [Semantic Versioning](http://semver.org/).
# v16.7.8
## (2024-11-28)
* Clean up remaining locks on state settle [Felipe Lalanne]
* Refactor update-locks implementation [Felipe Lalanne]
* Refactor lockfile module [Felipe Lalanne]
# v16.7.7
## (2024-11-11)

2
VERSION
View File

@ -1 +1 @@
16.7.7
16.7.8

2
balena.yml
View File

@ -2,6 +2,6 @@ name: balena-supervisor
description: 'Balena Supervisor: balena''s agent on devices.'
joinable: false
type: sw.application
version: 16.7.7
version: 16.7.8
provides:
- slug: sw.compose.long-volume-syntax

4
package-lock.json generated
View File

@ -1,12 +1,12 @@
{
"name": "balena-supervisor",
"version": "16.7.7",
"version": "16.7.8",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "balena-supervisor",
"version": "16.7.7",
"version": "16.7.8",
"license": "Apache-2.0",
"dependencies": {
"@balena/systemd": "^0.5.0",

4
package.json
View File

@ -1,7 +1,7 @@
{
"name": "balena-supervisor",
"description": "This is balena's Supervisor, a program that runs on IoT devices and has the task of running user Apps (which are Docker containers), and updating them as the balena API informs it to.",
"version": "16.7.7",
"version": "16.7.8",
"license": "Apache-2.0",
"repository": {
"type": "git",
@ -135,6 +135,6 @@
"yargs": "^17.7.2"
},
"versionist": {
"publishedAt": "2024-11-11T19:02:35.007Z"
"publishedAt": "2024-11-28T21:23:24.872Z"
}
}