We add an endpoint to the supervisor API that checks the following conditions to determine whether the supervisor is healthy:
* That the update cycle has run fully, in a time that's less than twice the poll interval. Unless we're downloading an image, in which case
we assume it's healthy (otherwise we'd get into the issue of determining a reasonable timeout for the image download, which is already done in a configurable way with delta options and the like).
* That the current state report to the Resin API hasn't failed more than 3 times. Unless the device has no connectivity, or the connectivity check is disabled, in which case we don't know
if the report failed simply because there's no network.
* That the gosuper component is working (since we periodically hit its API to get the IP addresses, we mark it as not working if this API call fails).
We need this endpoint to be unauthenticated for the docker daemon to be able to hit it (though, as the rest of the API, it is protected with iptables rules).
Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
I realized we're not deleting config.txt entries because the function checked for the values to apply
not to be empty, instead of just checking if the *changes* are empty.
So this closes#450
(Still not a complete solution to config.txt issues, which will come with the multicontainer PR, but at least it's a step forward)
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Otherwise, devices where we update from legacy supervisors might have other keys, like RESIN_SUPERVISOR_DELTA, stored in deviceConfig.values,
causing `_.isEqual(values, targetValues)` to always return false.
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
Should only be relevant in really old OS versions, but still this is the correct default.
Fixes#439
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
This folder is used to add proxy configuration on build, and the dind build fails
if it doesn't exist.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
We've been using UglifyJS 0.4.6 (the webpack default) so far, but this doesn't support ES6 and some dependency
updates are starting to cause builds to break (e.g. https://github.com/request/request/issues/2772, which also happens to break
my builds in the multicontainer branch).
Here we switch to the latest uglifyjs-webpack-plugin which is designed for ES2015 support.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
We used to have a recursion based on Promises and Promise.delay, which caused the promise never to resolve
so eventually the stack would be exhausted.
This fixes it by using a simpler way to check if reporting the state is in progress and using a setImmediate to
call applyState outside of the Promise chain.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
It seems that the ARG ARCH causes a cache miss in the next RUN statement (for some reason our use of cache-from in the other stages of the build works better, but here it always causes a miss).
We move the ARG statement to later in the Dockerfile, just before actually using it. Hopefully this will improve caching for most supervisor builds.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
This change makes us always try to use the latest master builds of the intermediate images
for the --cache-from option in our docker build of the supervisor.
This prevents cache misses when we're rebasing a branch and a PR has been merged that modifies a component that we're not modifying
in the current branch.
For example:
Branch 1 modifies the base image. Branch 2 only modifies the nodejs code. Branch 1 gets merged before Branch 2, so in our Branch2 PR we
rebase from master - in the next build for Branch 2, we'll have a cache miss on the base image, unless we're using the last master for caching.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
When sending events to mixpanel, we now use an explicit whitelist for the properties sent with the event, to avoid accidental leakage of any sensitive information.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
JSONStream is a hybrid executable-library that doesn't get along well with webpack: it tries to run its binary code
which can throw uncaught exceptions. So we use a custom loader for it - which replaces remove-hashbang-loader, as it only
affected JSONStream too.
(I tried replacing JSONStream altogether, but turns out dockerode uses it too)
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
This change removes the behavior where we would try to fetch an app image when starting the app. This might cause an unintended
download of an app that is not really needed anymore because we're starting the app on boot and an update cycle would make this image unnecessary.
So now we try to inspect the image, and if this fails we will throw an error, causing the app to be soft-deleted and the next update cycle to properly trigger
a download of whatever image we need from the target state.
We also improve the error catching when fetching an image, to specifically catch an "image not found" error before trying to download - otherwise, any other
random error will cause us to try to download the image again, which will not be a noop if we're using deltas. If there's any other error, the correct behavior
is to throw and retry later.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
We change the way container cleanup works so that it compares running
app containers with the container names for the known apps. This allows
the cleanup to effectively delete any spurious/duplicated app containers.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
By storing the container name before creating the container, we avoid problems
if the supervisor crashes or the device reboots between creating a container and storing its id.
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
