mirror of
https://github.com/balena-os/balena-supervisor.git
synced 2024-12-23 23:42:29 +00:00
Only delete the provisioning key if the supervisor is running on an OS that supports using the deviceApiKey
This avoids problems when updating the supervisor on an older OS, where the VPN and other host services still require config.json to have an apiKey field to authenticate. Change-Type: patch Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
This commit is contained in:
parent
8a1d17a697
commit
c251de1cd3
@ -40,6 +40,8 @@
|
|||||||
"resin-register-device": "^3.0.0",
|
"resin-register-device": "^3.0.0",
|
||||||
"rimraf": "^2.5.4",
|
"rimraf": "^2.5.4",
|
||||||
"rwlock": "^5.0.0",
|
"rwlock": "^5.0.0",
|
||||||
|
"semver": "^5.3.0",
|
||||||
|
"semver-regex": "^1.0.0",
|
||||||
"sqlite3": "^3.1.0",
|
"sqlite3": "^3.1.0",
|
||||||
"typed-error": "~0.1.0",
|
"typed-error": "~0.1.0",
|
||||||
"yamljs": "^0.2.7"
|
"yamljs": "^0.2.7"
|
||||||
|
@ -10,6 +10,10 @@ appsPath = '/boot/apps.json'
|
|||||||
_ = require 'lodash'
|
_ = require 'lodash'
|
||||||
deviceConfig = require './device-config'
|
deviceConfig = require './device-config'
|
||||||
TypedError = require 'typed-error'
|
TypedError = require 'typed-error'
|
||||||
|
osRelease = require './lib/os-release'
|
||||||
|
semver = require 'semver'
|
||||||
|
semverRegex = require('semver-regex')()
|
||||||
|
|
||||||
userConfig = {}
|
userConfig = {}
|
||||||
|
|
||||||
DuplicateUuidError = message: '"uuid" must be unique.'
|
DuplicateUuidError = message: '"uuid" must be unique.'
|
||||||
@ -150,15 +154,21 @@ bootstrapper.done = new Promise (resolve) ->
|
|||||||
resolve(userConfig)
|
resolve(userConfig)
|
||||||
# If we're still using an old api key we can try to exchange it for a valid device key
|
# If we're still using an old api key we can try to exchange it for a valid device key
|
||||||
if userConfig.apiKey?
|
if userConfig.apiKey?
|
||||||
exchangeKey()
|
Promise.join(
|
||||||
.then ->
|
osRelease.getOSVersion(config.hostOSVersionPath)
|
||||||
delete userConfig.apiKey
|
exchangeKey()
|
||||||
knex('config').update(value: userConfig.deviceApiKey).where(key: 'apiKey')
|
(osVersion) ->
|
||||||
.then ->
|
# Only delete the provisioning key if we're on a Resin OS version that supports using the deviceApiKey (2.0.2 and above)
|
||||||
fs.writeFileAsync(configPath, JSON.stringify(userConfig))
|
# or if we're in a non-Resin OS (which is assumed to be updated enough).
|
||||||
|
# Otherwise VPN and other host services that use an API key will break.
|
||||||
|
hasDeviceApiKeySupport = !/^Resin OS /.test(osVersion) or semver.gte(semverRegex.test(osVersion), '2.0.2')
|
||||||
|
delete userConfig.apiKey if hasDeviceApiKeySupport
|
||||||
|
utils.setConfig('apiKey', userConfig.deviceApiKey)
|
||||||
|
.then ->
|
||||||
|
fs.writeFileAsync(configPath, JSON.stringify(userConfig))
|
||||||
|
)
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
||||||
bootstrapper.bootstrapped = false
|
bootstrapper.bootstrapped = false
|
||||||
bootstrapper.startBootstrapping = ->
|
bootstrapper.startBootstrapping = ->
|
||||||
# Load config file
|
# Load config file
|
||||||
|
Loading…
Reference in New Issue
Block a user