Commit Graph

4949 Commits

Author SHA1 Message Date
86b8576d14 Merge pull request #2395 from balena-os/renovate/npm-systeminformation-vulnerability
Update systeminformation to v5.23.8 [SECURITY]
2024-12-20 20:42:36 +00:00
92b26c7ae2 Update systeminformation to v5.23.8 [SECURITY]
Update systeminformation from 5.22.7 to 5.23.8

Change-type: patch
2024-12-20 20:09:40 +00:00
f198983ede v16.10.2 v16.10.2 2024-12-18 18:48:57 +00:00
1a4580554e Merge pull request #2393 from balena-os/depends-on-fix
Wait for service dependencies to be running
2024-12-18 18:47:58 +00:00
8e6c0fcad7 Wait for service dependencies to be running
This fixes a regression where dependencies would only be started in
order and would start the dependent service if its dependency had been
started at some point in the past, regardless of the running condition.

This makes the behavior more consistent with docker compose where the
[dependency needs to be
running or healthy](69a83d1303/pkg/compose/convergence.go (L441)) for the service to be started.

Change-type: patch
2024-12-13 16:22:11 -03:00
81b307510d v16.10.1 v16.10.1 2024-12-11 00:28:21 +00:00
87db141687 Merge pull request #2391 from balena-os/specify-tmp-balena-dir-as-necessary
Specify `/tmp/balena|resin` directories as necessary
2024-12-11 00:27:22 +00:00
dc740a159b Specify /tmp/balena|resin directories as necessary
See: https://forums.balena.io/t/rm-cant-remove-tmp-balena-resource-busy/367888/5
Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-10 15:54:07 -08:00
4f1f83603b v16.10.0 v16.10.0 2024-12-10 23:28:19 +00:00
e085013548 Merge pull request #2379 from balena-os/support-jetson-power-fan-configs
Support jetson power fan configs
2024-12-10 23:27:26 +00:00
2f2b2e1c50 Don't require reboot if setting fan control
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-09 18:43:57 -08:00
828bd22ba0 Add PowerFanConfig config backend
This config backend uses ConfigJsonConfigBackend to update
os.power and os.fan subfields under the "os" key, in order
to set power and fan configs. The expected format for os.power
and os.fan settings is:
```
{
  os: {
    power: {
      mode: string
    },
    fan: {
      profile: string
    }
  }
}
```

There may be other keys in os which are not managed by the Supervisor,
so PowerFanConfig backend doesn't read or write to them. Extra keys in os.power
and os.fan are ignored when getting boot config and removed when setting
boot config.

After this backend writes to config.json, host services os-power-mode
and os-fan-profile pick up the changes, on reboot in the former's case
and at runtime in the latter's case. The changes are applied by the host
services, which the Supervisor does not manage aside from streaming
their service logs to the dashboard.

Change-type: minor
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-09 18:43:51 -08:00
54fcfa22a7 Support "os" key with object values in ConfigJsonConfigBackend
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-09 18:29:26 -08:00
9ec45a724b Add tests for ConfigJsonConfigBackend
Also deprecate path-getting method, and remove OS version check.
The OS version itself is not used in ConfigJsonConfigBackend, so
it seems the OS version check is to confirm the existence of config.json
during class init, because OS version is a field that's always there
in a valid config.json.

Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-09 18:29:26 -08:00
a2c9f55e89 v16.9.0 v16.9.0 2024-12-06 17:52:59 +00:00
28a27fc96d Merge pull request #2382 from balena-os/support-streaming-host-logs
Stream host logs from os-power-mode.service and os-fan-profile.service
2024-12-06 17:52:06 +00:00
8f3eeff72d Stream logs from last SV's State.FinishedAt, process uptime otherwise
This will catch any container or host logs between Supervisor runs. If
FinishedAt is invalid (0), the last sent timestamp is already set (i.e.
this isn't the first time logMonitor.start() has been called), or
the Supervisor container metadata couldn't be acquired, use the
Supervisor process uptime as the default. This has the downside of
missing any logs generated during SV downtime, but at least
means the log-streamer can proceed without error.

Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-06 07:46:38 -08:00
fb6fa9b16c Add ability to stream logs from host services to cloud
Add `os-power-mode.service`, `nvpmodel.service`, and `os-fan-profile.service`
which report status from applying power mode and fan profile configs as read
from config.json. The Supervisor sets these configs in config.json for these
host services to pick up and apply.

Also add host log streaming from `jetson-qspi-manager.service` as it
will very soon be needed for Jetson Orins.

Relates-to: #2379
See: balena-io/open-balena-api#1792
See: balena-os/balena-jetson-orin#513
Change-type: minor
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-06 07:45:43 -08:00
c610710f03 Move logger.ts into logging/index.ts
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-05 21:55:09 -08:00
e62e245fc7 Modify log monitor logging to be more generic
Includes other host services in addition to balena.service

Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-12-05 09:11:04 -08:00
5ee5db2a04 v16.8.0 v16.8.0 2024-12-05 17:06:14 +00:00
eba8c455ef Merge pull request #2392 from balena-os/host-config-locks
Take update locks for host-config changes
2024-12-05 17:05:15 +00:00
a2d4b31b23 Take update locks for host-config changes
This adds update-lock support to hostname changes via the host-config
endpoint, in addition to proxy changes as changing the hostname may
cause an engine restart from the OS.

Change-type: minor
2024-12-03 15:07:24 -03:00
21becded50 v16.7.8 v16.7.8 2024-11-28 21:23:30 +00:00
f3aade7c06 Merge pull request #2389 from balena-os/exclusive-locking-refactor
Refactor update-locks implementation
2024-11-28 21:22:34 +00:00
8b3b9a5b7b Respect lockOverride when using withLock 2024-11-27 16:40:58 -03:00
9c09329b86 Clean up remaining locks on state settle
Locks could remain from a previous supervisor run that didn't get to
settle the state. This ensures that cleanup will happen for remaining
locks every time the state is settled.

Change-type: patch
2024-11-27 16:40:58 -03:00
3c6e9dd209 Refactor update-locks implementation
The refactor simplifies the implementation and ensures that locks per
app can only be held by one supervisor task at the time.

Change-type: patch
2024-11-27 16:40:50 -03:00
d8f54c05e7 Refactor lockfile module
Updated interfaces for clarity

Change-type: patch
2024-11-15 18:25:50 -03:00
0a9de69994 v16.7.7 v16.7.7 2024-11-11 19:02:38 +00:00
b3b1fddfa5 Merge pull request #2386 from balena-os/allow-dns-from-custom-bridge-ifaces-for-firewall
Firewall: allow DNS requests from custom Docker bridge networks
2024-11-11 19:01:51 +00:00
7e1cafa866 Firewall: allow DNS requests from custom Docker bridge networks
We only allow DNS requests through `balena0` interface, but this
is the default Docker bridge which is used for containers that
don't have a custom bridge. However, the Supervisor creates a
custom bridge for all containers unless another network mode is
specified.

Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-11-08 17:02:34 -08:00
dd24fc1404 v16.7.6 v16.7.6 2024-11-07 21:02:43 +00:00
91a9058a88 Merge pull request #2385 from balena-os/firewall-docs
Update firewall documentation
2024-11-07 21:01:46 +00:00
1b747f6d65 Update firewall documentation
Removes experimental warning and updates issues

Change-type: patch
2024-11-07 11:04:32 -03:00
89ab01a082 v16.7.5 v16.7.5 2024-11-07 13:34:08 +00:00
75a3b3bea0 Merge pull request #2383 from balena-os/delete-apps-by-uuid-not-in-target
Delete apps not in target from db by appUuid instead of appId
2024-11-07 13:33:15 +00:00
3d3f659f16 Delete apps not in target from db by appUuid instead of appId
Resolve an issue in balenaMachine instances that were installed at <v14.1.0,
in which a Supervisor app with random UUID is kept in the target db due to its appId
being the same, even after the BM instance has upgraded to v14.1.0 which patches
the correct reserved Supervisor app UUIDs in. This results in two Supervisors running
on devices under the BM instance which persists after BM upgrade.

See: https://balena.fibery.io/search/T7ozi#Inputs/Pattern/Two-supervisors-are-running-on-device-3370
Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-11-04 14:15:55 -08:00
a8053b9217 v16.7.4 v16.7.4 2024-10-28 14:40:46 +00:00
4989db4105 Merge pull request #2374 from balena-os/renovate/npm-express-vulnerability
Update express to v4.20.0 [SECURITY]
2024-10-28 14:39:58 +00:00
f2aaf7372d Update express to v4.20.0 [SECURITY]
Update express from 4.19.2 to 4.20.0

Change-type: patch
2024-10-28 14:07:00 +00:00
52a9db43bc v16.7.3 v16.7.3 2024-10-28 14:04:26 +00:00
0c958efbca Merge pull request #2375 from balena-os/alexgg/sb
Add NXP support to balenaOS secure boot
2024-10-28 11:03:27 -03:00
619f644299 Add NXP support to balenaOS secure boot
On NXP iMX devices the partitions are not encrypted with LUKS but with
the lower level dm-crypt subsystem.

Adapt the partition mount script to use dmsetup which works for both
LUKS and dm-crypt encrypted partitions.

Change-type: patch
Signed-off-by: Alex Gonzalez <alexg@balena.io>
2024-10-18 13:53:14 -03:00
43bb9523f0 v16.7.2 v16.7.2 2024-10-18 15:21:01 +00:00
6954e7c6cf Merge pull request #2380 from balena-os/bookworm
Use bookworm image to source journalctl binaries
2024-10-18 15:19:13 +00:00
57a17ea207 Use bookworm image to source journalctl binaries
Debian no longer publishes linux/arm/v5 images for bullseye, breaking
support for raspberry pi zero.

This change might not solve the issue indefinitely
as we don't know how long debian will continue publishing armv5 images.

Change-type: patch
2024-10-18 10:42:52 -03:00
cb465a1d81 v16.7.1 v16.7.1 2024-09-26 14:28:10 +00:00
c429daafc9 Merge pull request #2373 from balena-os/add-compose-init-support
Add support for init field from compose
2024-09-26 07:27:01 -07:00
ed1c18e369 Add support for init field from compose
Init supports boolean values, and is not included in the config when
not defined.

Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
2024-09-26 10:39:59 -03:00