ExternalVendorCode/balena-supervisor
1
0
Fork 0
mirror of https://github.com/balena-os/balena-supervisor.git synced 2024-12-19 13:47:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Only delete the provisioning key if the supervisor is running on an OS that supports using the deviceApiKey

Browse Source 
This avoids problems when updating the supervisor on an older OS, where the VPN and other
host services still require config.json to have an apiKey field to authenticate.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
This commit is contained in:
Pablo Carranza Velez 2017-04-27 13:20:20 -07:00
parent 8a1d17a697
commit c251de1cd3
2 changed files with 20 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package.json
View File

@ -40,6 +40,8 @@
"resin-register-device": "^3.0.0",
"rimraf": "^2.5.4",
"rwlock": "^5.0.0",
"semver": "^5.3.0",
"semver-regex": "^1.0.0",
"sqlite3": "^3.1.0",
"typed-error": "~0.1.0",
"yamljs": "^0.2.7"
@ -52,4 +54,4 @@
"resin-lint": "^1.3.1",
"versionist": "^2.8.0"
}
}
}

24
src/bootstrap.coffee
View File

@ -10,6 +10,10 @@ appsPath = '/boot/apps.json'
_ = require 'lodash'
deviceConfig = require './device-config'
TypedError = require 'typed-error'
osRelease = require './lib/os-release'
semver = require 'semver'
semverRegex = require('semver-regex')()
userConfig = {}
DuplicateUuidError = message: '"uuid" must be unique.'
@ -150,15 +154,21 @@ bootstrapper.done = new Promise (resolve) ->
resolve(userConfig)
# If we're still using an old api key we can try to exchange it for a valid device key
if userConfig.apiKey?
exchangeKey()
.then ->
delete userConfig.apiKey
knex('config').update(value: userConfig.deviceApiKey).where(key: 'apiKey')
.then ->
fs.writeFileAsync(configPath, JSON.stringify(userConfig))
Promise.join(
osRelease.getOSVersion(config.hostOSVersionPath)
exchangeKey()
(osVersion) ->
# Only delete the provisioning key if we're on a Resin OS version that supports using the deviceApiKey (2.0.2 and above)
# or if we're in a non-Resin OS (which is assumed to be updated enough).
# Otherwise VPN and other host services that use an API key will break.
hasDeviceApiKeySupport = !/^Resin OS /.test(osVersion) or semver.gte(semverRegex.test(osVersion), '2.0.2')
delete userConfig.apiKey if hasDeviceApiKeySupport
utils.setConfig('apiKey', userConfig.deviceApiKey)
.then ->
fs.writeFileAsync(configPath, JSON.stringify(userConfig))
)
return
bootstrapper.bootstrapped = false
bootstrapper.startBootstrapping = ->
# Load config file