Only delete the provisioning key if the supervisor is running on an OS that supports using the deviceApiKey

This avoids problems when updating the supervisor on an older OS, where the VPN and other
host services still require config.json to have an apiKey field to authenticate.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
This commit is contained in:
Pablo Carranza Velez 2017-04-27 13:20:20 -07:00
parent 8a1d17a697
commit c251de1cd3
2 changed files with 20 additions and 8 deletions

View File

@ -40,6 +40,8 @@
"resin-register-device": "^3.0.0", "resin-register-device": "^3.0.0",
"rimraf": "^2.5.4", "rimraf": "^2.5.4",
"rwlock": "^5.0.0", "rwlock": "^5.0.0",
"semver": "^5.3.0",
"semver-regex": "^1.0.0",
"sqlite3": "^3.1.0", "sqlite3": "^3.1.0",
"typed-error": "~0.1.0", "typed-error": "~0.1.0",
"yamljs": "^0.2.7" "yamljs": "^0.2.7"

View File

@ -10,6 +10,10 @@ appsPath = '/boot/apps.json'
_ = require 'lodash' _ = require 'lodash'
deviceConfig = require './device-config' deviceConfig = require './device-config'
TypedError = require 'typed-error' TypedError = require 'typed-error'
osRelease = require './lib/os-release'
semver = require 'semver'
semverRegex = require('semver-regex')()
userConfig = {} userConfig = {}
DuplicateUuidError = message: '"uuid" must be unique.' DuplicateUuidError = message: '"uuid" must be unique.'
@ -150,15 +154,21 @@ bootstrapper.done = new Promise (resolve) ->
resolve(userConfig) resolve(userConfig)
# If we're still using an old api key we can try to exchange it for a valid device key # If we're still using an old api key we can try to exchange it for a valid device key
if userConfig.apiKey? if userConfig.apiKey?
exchangeKey() Promise.join(
.then -> osRelease.getOSVersion(config.hostOSVersionPath)
delete userConfig.apiKey exchangeKey()
knex('config').update(value: userConfig.deviceApiKey).where(key: 'apiKey') (osVersion) ->
.then -> # Only delete the provisioning key if we're on a Resin OS version that supports using the deviceApiKey (2.0.2 and above)
fs.writeFileAsync(configPath, JSON.stringify(userConfig)) # or if we're in a non-Resin OS (which is assumed to be updated enough).
# Otherwise VPN and other host services that use an API key will break.
hasDeviceApiKeySupport = !/^Resin OS /.test(osVersion) or semver.gte(semverRegex.test(osVersion), '2.0.2')
delete userConfig.apiKey if hasDeviceApiKeySupport
utils.setConfig('apiKey', userConfig.deviceApiKey)
.then ->
fs.writeFileAsync(configPath, JSON.stringify(userConfig))
)
return return
bootstrapper.bootstrapped = false bootstrapper.bootstrapped = false
bootstrapper.startBootstrapping = -> bootstrapper.startBootstrapping = ->
# Load config file # Load config file