Commit Graph

142 Commits

Author SHA1 Message Date
Miguel Casqueira
60c07fc2fc Move SupervisorAPI state change logs to appropriate functions
Closes: #1277
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-07 13:48:12 -04:00
Cameron Diver
31957566e5 Remove legacy fallback to DROP rule in iptables
This has not been necessary for a long time, and wwe can now remove it.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-05-05 12:15:19 +01:00
Cameron Diver
7b1f03ced5 Add an ESTABLISHED flag to API iptables rules
This allows a response to an input with dport=`supevisor api port` and
is required when the host OS is doing stateful firewalling.

This should not affect things when stateful firewalling is not in
effect, as the standard OUTPUT chain policy is ACCEPT, so we're just
being explicit about it.

Change-type: patch
Backport-to: next, current, sunset
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-05-05 12:15:12 +01:00
Miguel Casqueira
2007a98940 Added Bearer Authorization spec
Closes: #1249
Change-type: minor
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-04 13:22:58 -04:00
Miguel Casqueira
698435a5c8 Added spec for current auth implementation
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-04 10:49:09 -04:00
Cameron Diver
a43d71d1ac 📄 Upgrade knex to avoid CVE-2019-10757
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-04-15 13:37:50 +01:00
Cameron Diver
37feb7e325 Move from dbus-native to dbus
Closes: #1049
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-04-13 10:07:14 +01:00
Cameron Diver
c9c0e650cb Support matching on device type within contracts
Closes: #1191
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-04-09 10:45:07 +01:00
Pagan Gazzard
a59af6abe8 Workaround a circular dependency
Change-type: patch
2020-04-08 17:40:39 +01:00
Pagan Gazzard
a2ec35456b Convert application-manager.coffee to javascript
Change-type: patch
2020-04-08 12:15:06 +01:00
Cameron Diver
0950b66c52 Allow spaces in volume definitions
Closes: #1247
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-04-07 10:35:34 +01:00
Pagan Gazzard
81927d7861 Update to balena-register-device 6.0.1
Change-type: patch
2020-04-06 17:45:03 +01:00
Pagan Gazzard
d3221ca235 Convert test/18-startup.coffee to typescript
Change-type: patch
2020-04-02 14:25:26 +01:00
Pagan Gazzard
70b0705551 Convert test/19-compose-utils.coffee to javascript
Change-type: patch
2020-04-02 14:25:25 +01:00
Pagan Gazzard
98e956831a Convert test/18-compose-network.coffee to javascript
Change-type: patch
2020-04-02 14:25:24 +01:00
Pagan Gazzard
d3cf650ac4 Convert test/17-config-utils.spec.coffee to javascript
Change-type: patch
2020-04-02 14:25:23 +01:00
Pagan Gazzard
dcb01cb863 Convert test/16-ports.spec.coffee to typescript
Change-type: patch
2020-04-02 14:25:21 +01:00
Pagan Gazzard
515fb059f4 Convert test/15-conversions.spec.coffee to javascript
Change-type: patch
2020-03-31 16:38:07 +01:00
Pagan Gazzard
fd4cec31e7 Convert test/12-logger.spec.coffee to javascript
Change-type: patch
2020-03-31 16:25:57 +01:00
Cameron Diver
3af89cd13f Add BALENA_DEVICE_ARCH environment variable for containers
Closes: #1232
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-03-30 16:40:02 +01:00
Pagan Gazzard
7e6d32516d Tests: Add missing await
Change-type: patch
2020-03-23 19:02:17 +00:00
Cameron Diver
5c50f656c3 Allow semver comparison on l4t versions in contracts
We add an implicit .0 to the end of l4t versions which do not fulfill
semver, which allows us to always match using comparison operators, such
as < and <=.

Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-03-06 15:54:04 +00:00
Rich Bayliss
e0d2bdfaa9
config: Support loading SSDT via ConfigFS
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-03-05 13:30:06 +00:00
Cameron Diver
c21da8f3db
Convert device-state module to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-02-25 14:50:21 +07:00
Ivan
f5c51be07d Add unit test to ensure journalctl process is spawned with expected
arguments.

Signed-off-by: Ivan <ivan@mish.guru>
2020-02-22 16:44:11 -07:00
Cameron Diver
426d8cd10a
Ensure that we always have the pi4 overlay assigned
Change-type: patch
Closes: #1171
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-01-08 17:06:19 +00:00
Cameron Diver
6db1f03411
fix: ⬇️ Force a regular pull when moving from v2 to v3 deltas
Change-type: patch
Fixes: #1072
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-12-16 10:42:46 +00:00
Roman Mazur
d9c669ebad
Hide init method in configJson
ConfigJson users now don't need to worry about initialization.
It's done lazily on the first public method call.

Implementation is also rewritten to follow async/await pattern.

Change-type: patch
Signed-off-by: Roman Mazur <roman@balena.io>
2019-12-11 19:19:47 +02:00
Rich Bayliss
c3cf8fbca2
volumes: Allow the use of the 'driver' setting in volumes
A compose file can now contain a volume which uses a different driver
from the default one; local.

Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2019-12-02 11:59:44 +00:00
Roman Mazur
f487711ba4
Add regression test for app manager init
If we had it eearlier, it would have prevented #1148.
When init is called, withImagesFromDockerAndDB in images.ts is called as well.

Change-type: patch
Signed-off-by: Roman Mazur <roman@balena.io>
2019-11-27 13:51:15 +02:00
Cameron Diver
1a6c9d489a
Consider linux4tegra versions in container contracts
Also remove ability to match on OS versions

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-11-27 10:22:35 +00:00
Theodor Gherzan
d6adfa189f
Do not polute test output with unncessarry stack trace
Signed-off-by: Theodor Gherzan <theodor@balena.io>
2019-11-19 09:48:56 +00:00
Theodor Gherzan
8589dbf3d1
Refactor code to use async/await syntax
Signed-off-by: Theodor Gherzan <theodor@balena.io>
2019-11-16 19:43:22 +00:00
Theodor Gherzan
54e9c2edd8
Run new prettier on code base
Signed-off-by: Theodor Gherzan <theodor@balena.io>
2019-11-15 14:51:24 +00:00
Cameron Diver
09a8231fde
Extract loadTargetFromFile function to preload module
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-11-07 09:47:19 +00:00
Roman Mazur
2143180d27
event-tracker: Use std mixpanel types
Custom type definitions are removed for mixpanel module since they are embedded
into their npm package.

Change-type: patch
Signed-off-by: Roman Mazur <roman@balena.io>
2019-11-05 18:09:09 +02:00
Cameron Diver
f75b8aad2b
Support optional containers based on their contract
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-11-05 10:11:30 +00:00
Cameron Diver
b5a427f2b9
Convert some coffeescript tests to typescript
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-10-30 10:58:32 +00:00
Cameron Diver
14e442f943 Add support for container contracts
These contracts can specify an OS version and supervisor version that
they require. If any of the containers in a release have requirements
that are not met, the release is rejected, and the previous release
continues to run.

Change-type: minor
Closes: #1086
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-10-01 16:17:44 +01:00
Cameron Diver
5ce8ba8acf Add contract resolution code, which checks release requirements
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-10-01 16:17:43 +01:00
Cameron Diver
487e2c54a1 Add test number to test files name
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-10-01 16:17:42 +01:00
Cameron Diver
e78f8eccdc
Correctly handle partial IPAM configurations for networks
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-09-16 12:27:06 +01:00
Cameron Diver
76de276b92
Only consider certain array fields without order
Various fields returned from the docker daemon don't retain order (for
example the volumes field). We now only select certain array values to
compare taking order into account.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-08-19 14:55:06 +01:00
Roman Mazur
4846acb25e
Prevent supervisor from deleting itself
With recent changes to local mode behavior, supervisor removes all engine objects
that were not present before entering local mode.
With this change, supervisor also detects its own resources and does not delete them
if it was updated during local mode operations.

Change-type: patch
Signed-off-by: Roman Mazur <roman@balena.io>
2019-07-25 13:02:57 +03:00
Cameron Diver
c109a24874 Support network_modes of service:<servicename>
That way that this is performed is by first adding a depends_on entry
for the target service if it appears in a network mode. Then when we
generate the docker container for this service, we use the containerId
of the target container and replace the network_mode with
`container:<id>`.

When comparing state, we check that the containerId still points to the
contianerId of the target container, and in this way we ensure that
when a network mode target container changes, we change the dependent
container too.

Change-type: minor
Closes: #851
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-07-23 13:41:19 +01:00
Cameron Diver
050c10dbb0 Add volume tests and fix test fixture setup for applications
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-07-10 14:25:46 +01:00
Cameron Diver
37945b4aa5 Don't attempt to setup a log stream to the cloud before provision
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-07-09 13:21:05 +01:00
Michel Wohlert
39c9810bbc Merge remote-tracking branch 'balena/master' into instantly-apply-update-on-api-request 2019-07-09 13:10:15 +02:00
Michel Wohlert
7a42b6719a Apply targetState immediately after update request
Cancel delayed promise if exists and schedule a new one without delay, when /v1/update is called

Change-type: patch
2019-07-06 00:06:42 +02:00
Cameron Diver
286ba58069
Add tests for Volume
Signed-off-by: Cameron Diver <cameron@balena.io>
2019-07-04 11:47:39 +01:00