This removes VPN status monitoring, which
would be too expensive to do with a container and is really not
necessary. The VPN status information will be available for requests via
the supervisor API.
The supervisor needs to read some files from the host root since there
are no alternative interfaces that the host provides. These files are
- /etc/os-release to read the OS version
- /run/openvpn/vpn_status/active to check the VPN status
While we are working to introduce alternative interfaces for reading the
information provided by these files, the supervisor still needs a
backwards compatible way to get that info.
This PR uses the fact that the supervisor has access to the docker
socket to mount a file into a container and read the file from there.
Change-type: minor
v14.4.5 introduced a new way to retrieve the host logs by symlinking the
log directories into the host /run/log/journal and using a local copy of
the journalctl binary instead of chrooting into the host. This failed to
account for the location of persistent logs when that option is turned
on (/var/log/journal instead of /run/log/journal). This fixes the checks
consider this case and also makes sure to remove the original symlink to
avoid having nested links `/run/log/journal/journal/journal`, which was a
bug in the previous implementation.
Change-type: patch
Clarify that only containers on a single device will be restarted following API key refresh,
not the whole fleet. Each device has its own distinct API key.
Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
The `readFromBoot` function replaced calls to readFile in the codebase
when the target location is under `/mnt/boot` in order to use `fatrw`
to check for corruption. Unfortunately this function behaved a little
differently with regards to errors. While `readFile` returns a code `ENOENT`
when the file is not found, `readFromBoot` would just throw an exception
with whatever code was given by fatrw. This would cause confusion for
some calls that were behaving differently with a `ENOENT`, causing some
issues.
Closes: #2071
Change-type: patch
The supervisor had to chroot into the host root in order to read the
journal logs. This won't be possible anymore once the supervisor becomes
an app. This commit copies the journalctl binary and necessary libraries
from a debian image into the supervisor image in order to be able to use
the tool on runtime.
Change-type: patch
This means that dynamic import statements will emit actual `import`
statements rather than being translated to `require`, the benefit being
that we can now import ES modules via dynamic imports
Change-type: patch
Adds maxMetricsFrequency, separate from maxReportFrequency.
Also ensures most recent state change event is reported.
Change-type: patch
Signed-off-by: Ken Bannister <kb2ma@runbox.com>
This PR changes the way the supervisor reads and writes files from /mnt/boot. Reads will
now use the [fatrw utility](https://github.com/balena-os/fatrw/) as a way to minimize corruption of
files in the boot partition, and thus preventing possible bricking of the device.
Since this basically changes the way a lot of configurations are read, this work was being blocked because of
the way tests were being done. While there still remain a couple of legacy tests to be migrated, this PR disables
test:legacy tests when running npm run test, as the work on refactoring those tests is in progress (see #2048) and
fatrw integration is of higher priority.
Change-type: minor
getImagesForCleanup used to query the Engine for the Supervisor
image, which is unnecessary given that the Supervisor has access
to constants.supervisorImage. Thus, this Engine query is removed.
The method is simplified and made more clear, and
imageManager.isCleanupNeeded doesn't need to be stubbed in tests.
Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
This eliminates chances of host-Docker address collision for apps such
as the Supervisor where all services have host networking.
Closes: #2062
Change-type: patch
Signed-off-by: Christina Ying Wang <christina@balena.io>
This means that configuration backend tests no longer use stubs and
(mostly) avoid internal dependencies in the tests. Instead of stubs and
mock-fs, the tests use [testfs](https://github.com/balena-io-modules/mocha-pod#working-with-the-filesystem)
which allows working with a real filesystem and ensuring everything is
re-set between tests.
This is the last change needed in order to be able to merge #1971. Here is the list of changes
- [x] Migrate splash image backend tests
- [x] Migrate extlinux backend tests
- [x] Migrate config.txt backend tests
- [x] Migrate extra-uenv config tests
- [x] Migrate odmdata config tests
- [x] Migrate config utils tests
- [x] Migrate device-config tests
Change-type: patch