Commit Graph

4224 Commits

Author SHA1 Message Date
Christina Wang
0a9c7282e8 Add compose support for volumes defined with long syntax
balena-compose already supports this, and with this PR, Supervisor can
have the option of using HostConfig.Mounts for internal bind mounts such as
ones added by feature labels. This will be handled in a future PR.

The only blocker to having users use long syntax is adding this feature
to target state. This PR does not add that feature.

Relates-to: https://github.com/balena-os/balena-supervisor/pull/1780
Relates-to: https://github.com/balena-os/balena-engine/issues/220
Relates-to: #1933
Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2022-05-17 11:08:23 -07:00
Balena CI
713d39a85e v13.1.7 2022-05-17 18:46:23 +03:00
bulldozer-balena[bot]
f06a0542fc
Merge pull request #1938 from balena-os/remove-throttle
Prevent throttling reports when nothing was sent
2022-05-17 15:33:00 +00:00
20k-ultra
67f9c44a6c Prevent throttling reports when nothing was sent
Change-type: patch
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-05-16 15:19:55 -04:00
Balena CI
6620bca7bd v13.1.6 2022-05-06 22:05:50 +03:00
bulldozer-balena[bot]
b0a89cf4b3
Merge pull request #1929 from balena-os/splash-image-no-fail
Avoid splash image failures if image is corrupt
2022-05-06 19:03:30 +00:00
Balena CI
cbd74954b3 v13.1.5 2022-05-06 21:29:08 +03:00
bulldozer-balena[bot]
bd2dbc9ac8
Merge pull request #1877 from balena-os/write-sync-vfat
Use write+sync when writing to `/mnt/boot`
2022-05-06 18:27:39 +00:00
Felipe Lalanne
a5ede01b18 Avoid splash image failures if image is corrupt
Splash image backend would throw if the image is not a valid png during
the write step. This could prevent the device from provisioning if some
corruption happens at some point.

Change-type: patch
2022-05-03 15:30:18 +00:00
Felipe Lalanne
c04955354a Use write + sync when writing configs to /mnt/boot
This commit updates all backends that write to /mnt/boot to do it
through a new `lib/host-utils` module. Writes are now done using write +
sync as rename is not an atomic operation in vfat.

The change also applies for writes through the `/v1/host-config`
endpoint.

Finally this change includes some improvements on tests.

Change-type: patch
2022-05-03 11:23:00 -04:00
Balena CI
5686cc363d v13.1.4 2022-04-28 21:29:01 +03:00
bulldozer-balena[bot]
01934503e5
Merge pull request #1936 from balena-os/sleep-between-reports
Use delay instead of interval to recursively report state
2022-04-28 18:26:43 +00:00
20k-ultra
2e81a7328e Use delay instead of interval to recursively report state
Change-type: patch
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-04-27 23:16:38 -04:00
Balena CI
4557644149 v13.1.3 2022-04-20 22:38:47 +03:00
bulldozer-balena[bot]
2740d252d2
Merge pull request #1926 from balena-os/prevent-restart-policy-violation
Prevent restart policy violation
2022-04-20 19:36:51 +00:00
20k-ultra
5437aea786 Remove in memory storage of started/stopped containers
Change-type: patch
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-04-19 22:27:15 -04:00
20k-ultra
ca9945bdfb Only start a container once in its lifetime
This will ensure the restart policy specified is not violated

Change-type: patch
Closes: #1668
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-04-19 22:27:15 -04:00
Balena CI
9aa50eea8a v13.1.2 2022-04-18 23:34:21 +03:00
bulldozer-balena[bot]
f8f337cbc5
Merge pull request #1931 from balena-os/clarify-v2-state-status-response-meaning
Explain /v2/state/status's status field in its response
2022-04-18 20:32:39 +00:00
Christina Wang
27249c2785 Explain /v2/state/status's status field in its response
The status field does not indicate the current state of the Engine on the device.
Rather, it only indicates whether the HTTP response returned successfully or not.

To get the current state of the device, i.e. whether it has applied target state or not,
use the `appState` field in the response.

Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2022-04-18 13:16:32 -07:00
Balena CI
81a8705ff8 v13.1.1 2022-04-13 22:29:32 +03:00
bulldozer-balena[bot]
3df8494f35
Merge pull request #1928 from balena-os/lockfiles-cleanup
Do not fail lockfile cleanup if files do not exist
2022-04-13 19:27:06 +00:00
Felipe Lalanne
8681d6b580 Do not fail lockfile cleanup if files do not exist
Change-type: patch
2022-04-13 12:33:15 -04:00
Balena CI
f5ca7e87f0 v13.1.0 2022-04-12 22:27:08 +03:00
bulldozer-balena[bot]
f8bdd06a8b
Merge pull request #1893 from balena-os/1758-lockfile-binary-with-nobody-user
Differentiate Supervisor-created lockfiles from userapp-created lockfiles
2022-04-12 19:25:21 +00:00
Christina Wang
babe10e2a7 Move Supervisor-specific from lockfile.ts to update-lock.ts to
make lockfile module more generic

BASE_LOCK_DIR, LOCKFILE_UID moved to update-lock.ts

Signed-off-by: Christina Wang <christina@balena.io>
2022-04-12 12:02:57 -07:00
Christina Wang
cfd3f03e4a Make lockfile cleanup multi-app aware
When disposing of resources which include Supervisor-created lockfiles,
only dispose of lockfiles for the specified user application.

Signed-off-by: Christina Wang <christina@balena.io>
2022-04-12 12:02:28 -07:00
Christina Wang
e9738b5f78 Modify update lock module to use new lockfile binary and library
Also uninstall lockfile NPM package as we're no longer using it

Signed-off-by: Christina Wang <christina@balena.io>
2022-04-12 12:02:28 -07:00
Christina Wang
51e63ea22b Add lockfile binary and internal lib for interfacing with it
The linked issue describes the Supervisor not cleaning up locks it creates due
to crashing at just the wrong time. After internal discussion we decided to
differentiate Supervisor-created lockfiles from user-created lockfiles by using
the `nobody` UID (65534) for Supervisor-created lockfiles.

As the existing NPM lockfile lib does not allow creating lockfiles atomically
with different UIDs, we move to using the lockfile binary, which is part of the
procmail package. To allow nonroot users to write to lock directories, permissions
are changed to allow write access by nonroot users.

See: https://www.flowdock.com/app/rulemotion/r-resinos/threads/gWMgK5hmR26TzWGHux62NpgJtVl
Change-type: minor
Closes: #1758
Signed-off-by: Christina Wang <christina@balena.io>
2022-04-12 12:02:26 -07:00
Balena CI
a2f739789d v13.0.3 2022-04-08 20:44:13 +03:00
bulldozer-balena[bot]
790259560a
Merge pull request #1917 from balena-os/compulab-no-dmidecode
Add system id/model support for Compulab IOT-gate
2022-04-08 17:41:50 +00:00
Felipe Lalanne
e6fa22306b Add system id/model support for Compulab IOT-gate
dmidecode for alpine 3.11 doesn't work in this device type. This change
moves to using `/proc/device-tree/product-sn` and
`/proc/device-tree/product-name` for these devices.

Resolves: #1916
Change-type: patch
2022-04-08 12:02:21 -04:00
Balena CI
ebdfff10ad v13.0.2 2022-04-08 05:58:26 +03:00
bulldozer-balena[bot]
c5f40b4c83
Merge pull request #1920 from balena-os/eval-download-progress-correctly
Correctly evaluate downloadProgress when computing current state
2022-04-08 02:56:14 +00:00
20k-ultra
c1b5e58ebd Correctly evaluate downloadProgress when computing current state
Change-type: patch
Closes: #1918
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-04-07 21:21:44 -04:00
Balena CI
fa9074ce76 v13.0.1 2022-04-05 17:38:16 +03:00
bulldozer-balena[bot]
1f511d4ef6
Merge pull request #1914 from balena-os/migrate-legacy
Fix database migration for legacyApps
2022-04-05 14:34:39 +00:00
Felipe Lalanne
eee2460445 Fix database migration for legacyApps
Migration `M00008` had a bug with the check for legacy apps, which
resulted in devices that had at some point been updated from a single
container supervisor to get the error

```
Undefined binding(s) detected when compiling UPDATE. Undefined column(s): [appUuid] query
```

This adds a new migration with the fix to ensure broken fix the
inconsistent database state.

Change-type: patch
Closes: #1913
2022-04-01 17:58:20 -03:00
Balena CI
ffc61ee0b4 v13.0.0 2022-03-29 00:01:51 +03:00
bulldozer-balena[bot]
a89b23ac7c
Merge pull request #1765 from balena-os/v3-target-state
Update supervisor to use new v3 target state format
2022-03-28 20:59:53 +00:00
Felipe Lalanne
b11696144f Only report current state of apps in the target state
If an app is not in the target state means the supervisor no longer
has permissions to that app hence it cannot report on it. When moving
between apps, there is a transitional period where containers and images
from both apps can be in the current state, therefore filtering is
needed to prevent getting 401 errors from the API.
2022-03-22 19:28:43 -03:00
Felipe Lalanne
b2b1b111b3 Ignore the supervisor in the target state
Starting with v3 state endpoint, the supervisor may receive the configuration
for the supervisor service on the target state. This commit allows the
supervisor to filter out the supervisor container from the current and target
state to let the update-balena-supervisor script handle the creation and update
of the supervisor container.

Updating and creating the supervisor container will be handled by a
future commit
2022-03-22 19:28:43 -03:00
Felipe Lalanne
8e40f1c2f5 Ignore unknown image classes on the target state
Starting with v3 state endpoint, the supervisor can receive
service configuration for services that are meant to be installed as
overlays or filesets on the host, as well as configuration for services
that are meant to be installed on the root partition. This commit just
ignores those services from the target state until support is added
2022-03-22 19:28:43 -03:00
Felipe Lalanne
8bf8792583 Only uninstall 'fleet' apps when localMode is set
Local mode is still a device level config. Eventually it will become a
property of an app, but for now, we don't want the supervisor trying to
uninstall supervisor or host app when local mode is set
2022-03-22 19:28:43 -03:00
Felipe Lalanne
f1cd3d367c Cleanup unused methods and dependencies on db ids 2022-03-22 19:28:43 -03:00
Felipe Lalanne
381abeadb9 Refactor current state report to patch v3 state
This change makes the `api-binder/report` module more agnostic
to internal device state implementation details, moving necessary
healthchecks and data filtering to getCurrentForReport in device-state.

This also adds generic functions to perform comparison between current
state reports.
2022-03-22 19:28:36 -03:00
Felipe Lalanne
25e9ab4786 Refactor api-binder as a directory
The role of the api-binder module is to be the intermediary
between the cloud API and the device-state. For this reason it makes sense to
isolate target state retrieval and current state reporting into this
module. This change just moves current state reporting to the directory.
2022-03-22 19:08:03 -03:00
Felipe Lalanne
97f3b2a51e Update types and create methods for reporting v3 state 2022-03-22 19:08:03 -03:00
Felipe Lalanne
e9af9d8e83 Allow application manager to match apps between environments
If an app with the same app uuid exists between environments, the
supervisor will match the apps by uuid to prevent stopping the running
app
2022-03-22 19:08:03 -03:00
Felipe Lalanne
5c5483dd3d Rename networks to <appUuid>_<networkName>
This is required as we are phasing out app ids and we need to be able to
get app uuid from the current state of the network. The app-id now
exists as a container in new networks

This commit will restart containers as it needs to recreate the network.
2022-03-22 19:08:03 -03:00