2196 Commits

Author SHA1 Message Date
Pablo Carranza Velez
208b799c4b Make local mode only work in development OS, and make it remove app containers and allow unauthenticated API requests
Local mode makes the API accept unauthenticated requests.
Local mode now also removes app containers when stopping them.

Local mode only works on a host OS that has `VARIANT_ID = "dev"` in /etc/os-release.

Also add more explicit logging when stopping an app and it was already stopped
or the container was already removed.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:19 +02:00
Pablo Carranza Velez
72f6b2cea5 Restore default value when clearing a special action config variable
Up to now we've only been running the "special actions" (like vpn on/off, logs on/off)
when the target state includes a current value for the corresponding config variable.
We now also check if there was a *previous* value, and in that case also call the action function.
These functions are prepared to reset to a default when they're called with an undefined value.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:19 +02:00
Pablo Carranza Velez
538e384442 Allow all config variables to take truthy or falsy values
Config variables now use a checkTruthy validation function,
and can be "1", "on", "true" or true to be considered true, or
"0", "off", "false" or false to be considered false.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:19 +02:00
Pablo Carranza Velez
9ae4f02bc5 Allow setting the supervisor to a "local mode" which stops apps and prevents cleanup
A RESIN_SUPERVISOR_LOCAL_MODE variable is introduced. When this variable is "1", all apps
are stopped and the update cycle stops executing changes other than deviceConfig changes
and the proxyvisor.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-10 01:19:19 +02:00
Pablo Carranza Velez
9d36064bdb Quick fix: unindent the definition for dockerUtils.createContainer
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-09 08:57:26 -03:00
Pablo Carranza Velez
b6206f9012 Issues #23 and #236: Use docker logs to get all logs from the container, including those before supervisor start
We've been using docker attach, which only gives us the logs since we attach. This change allows getting the
full logs from the beginning.
We also use the timestamps that come with the logs from docker, as they will be more precise and are more relevant now
that we're getting previous logs from history.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-07 17:26:38 +02:00
Pablo Carranza Velez
b64ed9568c Issues #389 and #390: Remove /host_run/dbus and /host/var/lib/connman bind mounts for non-ResinOS-1.X devices
On ResinOS 2.X the default mounts should not include the previously deprecated host_run, and there's no connman which makes the connman mount confusing.
This is a breaking change as it is not backwards-compatible on non-ResinOS instances of the supervisor.

Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-07 17:26:23 +02:00
Pablo Carranza Velez
f7c702b845 Issue #386: Allow forcing updates when an update was already scheduled
The logic for updateStatus.forceNext is changed so that its value is checked when the scheduled update is run, instead
of when the update is scheduled. And when an update is already scheduled and a new request comes in,
we mark forceNext as true if the new request requires a force update.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-03-07 17:06:10 +02:00
Pablo Carranza Velez
3b5906a307 3.0.1 v3.0.1 2017-02-15 17:52:15 -08:00
Pablo Carranza Vélez
ca5d2a8fd2 Merge pull request #384 from resin-io/381-preloaded-deviceconfig
Issue #381: Set target deviceConfig values from preloaded apps
2017-02-03 11:05:00 -03:00
Pablo Carranza Velez
e8fbadb8d6 Issue #381: Set target deviceConfig values from preloaded apps
Also split out deviceConfig set and get to a separate module to avoid circular dependencies.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-19 13:56:20 -03:00
Pablo Carranza Velez
1e2d3d1af7 3.0.0
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
v3.0.0
2017-01-18 14:27:44 -03:00
Pablo Carranza Vélez
97d7a20fb7 Merge pull request #383 from resin-io/382-validate-delta-timeouts
Issue #382: Validate delta timeout variables
2017-01-18 14:26:31 -03:00
Pablo Carranza Velez
0d870954ef Issue #382: Validate delta timeout variables
Also take validation functions into a module, and use that in all cases where
we need to check for an integer or string.

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-18 12:28:24 -03:00
Pablo Carranza Vélez
0e76b540ea Merge pull request #379 from resin-io/378-delta-timeout
Increase delta timeouts, and provide nicer message when the delta server times out
2017-01-17 18:49:19 -03:00
Pablo Carranza Vélez
60ef2af3a5 Merge pull request #380 from resin-io/versionist-2.8.0
Update versionist to v2.8.0
2017-01-17 16:02:41 -03:00
Pablo Carranza Velez
9c8ac58128 Issue #378: Increase delta timeouts (to avoid ESOCKETTIMEOUT errors), make them configurable, and provide nicer message when the delta server times out
Current delta timeouts are too limiting, so we increase the request timeout to 30 minutes which is big enough that
the server will time out first and we can provide a nice message letting the user know we'll retry; and we increase
the total timeout to 24 hours to account for really big deltas over slower connections (the rsync calls will time out anyways
if something else goes wrong, as they have a 5 minute I/O timeout).

The timeouts are now configurable with the RESIN_SUPERVISOR_DELTA_REQUEST_TIMEOUT and RESIN_SUPERVISOR_DELTA_TOTAL_TIMEOUT
configuration variables.

Change-Type: minor
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-17 14:21:10 -03:00
Pablo Carranza Velez
6a94782a1d Update versionist to v2.8.0
Also remove versionist.conf.js as it's no longer necessary (versionist now
defaults to its internal versionist.conf).

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-16 22:41:28 -03:00
Pablo Carranza Vélez
6ab2b45104 Merge pull request #370 from resin-io/359-kmod-only-in-resinos1
[Breaking] Do not bind mount kmod if the host is not Resin OS 1.X
2017-01-16 12:51:08 -03:00
Pablo Carranza Vélez
f4fa159a22 Merge pull request #377 from resin-io/375-throttle-updatestate
Add a delay between successive updates of device state to the API
2017-01-12 18:21:56 -03:00
Pablo Carranza Velez
f8d3ea1a22 Add a delay between successive updates of device state to the API
We add a 1s delay between requests to the API to apply state changes,
as this will throttle it to a point that it has a reasonable rate while
preventing too many unnecessary requests to the API.

Closes #375

Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-12 15:57:09 -03:00
Pablo Carranza Vélez
9b7c3ce1f1 Merge pull request #376 from resin-io/374-docker-progress-2.3.3
Update docker-progress to v2.3.3
2017-01-12 15:54:41 -03:00
Pablo Carranza Velez
c2544afe47 Update docker-progress to v2.3.3
Closes #374

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-12 15:51:37 -03:00
Pablo Carranza Vélez
8d02d49e98 Merge pull request #369 from resin-io/368-dind-aufs
Switch to aufs for the docker-in-docker development supervisor
2017-01-12 15:50:17 -03:00
Pablo Carranza Velez
58af4f7094 Switch to aufs for the docker-in-docker development supervisor
Also update a few details about the dind on the README.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-06 15:45:41 -03:00
Pablo Carranza Velez
458add1759 Do not bind mount kmod if the host is not Resin OS 1.X
Resin OS 2.X removes the use of compressed modules, which was the initial
motivation for us to bind mount kmod into user containers (as Debian distros
don't include support for compressed modules).

This is a breaking change, but we still keep bind mounting on devices that are
on 1.X to ensure we don't break apps currently relying on the feature.

Implementation note: some functions in device.coffee have been refactored to
extract (DRY) a memoization procedure for Promise-returning functions.
`device.getOSVersion()` now also memoizes its result.

Change-Type: major
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2017-01-04 18:48:45 -03:00
Pablo Carranza Velez
e419ea32d2 2.9.0
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
v2.9.0
2016-12-20 21:09:20 -03:00
Pablo Carranza Vélez
c553efc1db Merge pull request #371 from resin-io/355-deltas-aufs-mount
Bump docker-delta to v1.0.1 to fix deltas on aufs when there's many layers
2016-12-20 21:07:37 -03:00
Pablo Carranza Velez
dd708ac3f9 Bump docker-delta to v1.0.1 to fix deltas on aufs when there's many layers
Fixes #355
Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2016-12-20 17:48:38 -03:00
Carlo Maria Curinga
d1e8be2ae3 Merge pull request #288 from resin-io/dependent-apps-docs
document dependent apps feature
2016-12-20 20:46:12 +01:00
Pablo Carranza Velez
68e89fbded 2.8.5
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
v2.8.5
2016-12-20 15:10:19 -03:00
Pablo Carranza Vélez
e7388d6338 Merge pull request #354 from resin-io/353-deviceconfig-populate
If there's no entries in deviceConfig table, always create one.
2016-12-20 14:18:43 -03:00
Pablo Carranza Velez
c67977cbed Fix error applying device configuration because deviceConfig table is empty
If there's no entries in deviceConfig table, always create one.

Avoids problems if the supervisor is stopped while running the db initialization
(deviceConfig gets created but not populated).

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2016-12-20 03:01:55 -03:00
Pablo Carranza Vélez
7006f58267 Merge pull request #366 from resin-io/sort-files-in-base-image-md5
Use find and sort to make the base image hash more deterministic
2016-12-20 03:00:37 -03:00
curcuz
b10cb20ea4 document dependent apps feature
Signed-off-by: Carlo Maria Curinga <czkzcz.cmc@gmail.com>

Change-Type: minor
2016-12-19 20:33:15 +01:00
Pablo Carranza Velez
9540ed415b Make the base image hash more deterministic
We've been using tar directly on the base image folder, and this makes
the file ordering unpredictable between filesystems, so we use find and
sort so that the files are always tarred in the same order, producing the same
hash in different filesystems.

We also now set the mtime to the specific Unix timestamp 0, to avoid differences
due to timezones.

Also remove the dest folder before calculating the hash.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2016-12-17 15:37:22 -03:00
Pablo Carranza Velez
5ca6c30d4d 2.8.4
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
v2.8.4
2016-12-16 19:00:11 -03:00
Pablo Carranza Vélez
bb1b93cdf6 Merge pull request #363 from resin-io/362-base-image-build
Build the base image together with the supervisor
2016-12-16 23:58:11 +02:00
Pablo Carranza Vélez
7602ff0bdb Merge pull request #365 from resin-io/use-versionist-default
Use versionist's default configuration
2016-12-16 23:56:04 +02:00
Pablo Carranza Velez
2f5df355fa Use versionist's default configuration
I had forgotten to git add versionist.conf in #364 :S
This will be unnecessary if resin-io/versionist#58 is addressed, but
we want it in the meantime.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2016-12-16 16:53:53 -03:00
Pablo Carranza Vélez
3a3093efa2 Merge pull request #364 from resin-io/versionist
Start using versionist for versioning and changelog
2016-12-16 21:26:20 +02:00
Pablo Carranza Velez
9e327bf7a6 Build the base image together with the supervisor
This commit changes the automation scripts so that the base image
is built together with the rest of the supervisor. We use a hash of
the contents of the base-image folder as tag for the base image so
that unnecessary rebuilds are avoided.

The build scripts are also modified to always clean up the resulting base image
and the image used to build it. We use docker pull and push to enable caching.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2016-12-16 16:25:49 -03:00
Pablo Carranza Velez
50b865737b Start using versionist for versioning and changelog
We use the default versionist configuration.
Changelog has been edited to match the versionist format as much as possible.

Change-Type: patch
Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
2016-12-15 19:14:07 -03:00
Pablo Carranza Vélez
b22470a4c8 Merge pull request #357 from resin-io/rsync_limits
Bump the MAX_BASIS_DIRS limit for rsync.
2016-12-15 14:39:28 +02:00
Michal Mazurek
7a0540e0f5 Bump the MAX_BASIS_DIRS limit for rsync.
Signed-off-by: Michal Mazurek <michal@resin.io>
2016-12-09 16:26:08 +01:00
Pablo Carranza Velez
40675b6f10 2.8.3 2016-12-01 11:20:13 -03:00
Pablo Carranza Velez
fefb1e6928 Fallback to DROP when iptables REJECT is not available
Using REJECT allows better feedback for legitimate users while providing the same level
of security than drop (see http://www.chiark.greenend.org.uk/~peterb/network/drop-vs-reject).

But some hosts don't have REJECT support in the kernel config, so in that case we fall back to DROP.
2016-12-01 11:18:06 -03:00
Pablo Carranza Velez
2b4c674a1a 2.8.2 v2.8.2 2016-11-07 03:27:45 -03:00
Pablo Carranza Vélez
1dbab76237 Merge pull request #347 from resin-io/supervisor-base-20161103
Update the supervisor base to 20161103 to include the i386 fix
2016-11-07 03:23:53 -03:00
Page-
e85bdae265 Merge pull request #346 from resin-io/fix-undefined-app
Fix an error when trying to call logSystemEvent with an undefined app
2016-11-07 08:16:06 +02:00