Turns out shell-quote's parse function also replaces environment variables, which we don't want in this case. So we escape dollar signs
before calling shell-quote's parse function.
Also shell-quote takes some characters like `>` and globs and returns an object - so we return those objects to string form.
This should still be simpler/better than writing our own shlex.split, I hope...
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
* Use the correct defaults for the delta config variables that have them
* Only mount /lib/firmware and /lib/modules if they exist on the host
* hardcode-migrations.js: Nicer line separation
* APIBinder: switch to using a header for authentication, and keep credentials saved in the API clients
* Fix hrtime measurements in milliseconds
* Do not uses classes for routers
* compose: properly initialize networkMode to the first entry in networks if there is one
* Fix some details regarding defaults in validation and service
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Plus a few bugfixes.
* Add support for cgroup_parent
* Add support for specifying a single value in tmpfs
* Fix support for extra_hosts
* Add support for group_add
* Add support for pid mode (only host and empty value are supported for now)
* Add support for pids_limit
* Add support for security_opt
* Add support for storage_opt
* Add support for userns_mode
* Add support for ipc (except for another container's)
* Add support for mac_address
* Add support for oom_kill_disable
* Add support for 'user' compose option
* Add support for working_dir and fix support for user when image specifies it
* Add support for bind-mounting the balena socket using a label
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
* Get imageId when normalising a dep. app from the DB
* Fix the appId in migrations when updating the supervisor
* Use the update lock to update a service's metadata
* Restart clears volatile target state
* Fix function definition for updateMetadata
* Improve backwards compatibility of /v1/apps/:appId endpoint
* Fix multicontainer deltas to work with resumable-request 2.0
* Fix dependent target normalisation logic
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
* Switch default dependent device type to generic
* Reduce noise in logs
* Limit to 3 simultaneous delta downloads
* Better check for deltaSource
* When checking volume dependencies, do not compare regular (non-named) volumes
* Store imageId for dependent apps, and don't report dependent images with invalid imageIds
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
* Ensure commit is only reported when update has finished
* Change default delay between actions to 100ms
* Fix envArrayToObject for cases where the env var has an equal sign
* Use shell-quote to properly parse string command and entrypoint
* Fix preloading with a legacy apps.json
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
* Fix deleting unneeded image tags
* Fix inspectByName to work with tags besides digests when the image isn't really tagged
* Tag deltas that should have tags, and fix cleanup of dangling images
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
This also changes the deviceState object to use promises instead of timeouts to schedule
applying the target state.
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Plus several small bug fixes:
* Allow target states with apps with no release
* Fix lock override and a TypeError in compareServicesForUpdate
* Lowercase service names when doing migrations and legacy preload
* Fix deltas from scratch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
* Fix validation of 0, fix ulimits, don't compare mem_limit or mem_reservation until OS supports them
* Remove all instances of _.forEach
* ApplicationManager: have separate compareNetworksForUpdate and compareVolumesForUpdate
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Also several bugfixes:
* Fix VPN control, logging in deviceConfig, and action executors in proxyvisor
* Fix bug in calculation of dependencies due to fields still using snake_case
* Fix snake_case in a migration, and remove unused lib/migration.coffee
* In healthcheck, count deviceState as healthy when a fetch is in progress (as in the non-multicontainer supervisor)
* Set always as default restart policy
* Fix healthcheck, stop_grace_period and mem_limit
* Lint and reduce some cyclomatic complexities
* Namespace volumes and networks by appId, switch default network name to 'default', fix dependencies in networks and volumes, fix duplicated kill steps, fix fat arrow on provisioning
* Check that supervisor network is okay every time we're applying target state
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Also add support for several networks per container (but with no configuration yet).
Also some bugfixes and implement healthcheck and not disabling VPN on startup.
Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
