Commit Graph

483 Commits

Author SHA1 Message Date
Felipe Lalanne
7833fa1ff3 Un-skip fs-utils test 2022-09-28 10:37:40 -03:00
Felipe Lalanne
460659429d Update dependencies to fix NPM build
Change-type: patch
2022-09-26 15:26:48 -03:00
Felipe Lalanne
e00687408c Disable event tracking
The supervisor used to rely on specific event reporting for identifying
issues at runtime. As the platform has grown, it has become much more
difficult to get any signal from the event noise. Recently the API side
for these events has been disabled, meaning these events only
contribute to bandwidth consumption.  This commit disables the
event reporting feature of the supervisor which will be most likely
replaced by something like Sentry in the near future.

Change-type: minor
2022-09-20 14:19:26 -03:00
Pagan Gazzard
5518eb17bd Update to nodejs 16
Change-type: minor
2022-09-19 17:51:48 +01:00
Pagan Gazzard
96418d55b5 Update @balena/lint to 6.2.0
Change-type: patch
2022-09-19 16:41:28 +01:00
Pagan Gazzard
a4c13aa2e9 Update to typescript 4.8.2
Change-type: patch
2022-09-19 16:36:17 +01:00
Felipe Lalanne
3e45e9561e Fix withDefault type helper to work with boolean
`withDefault` is a type helper that allows to create a type that
defaults to a default value when trying to decode a nullish value.
That type was not correctly working with boolean types, causing `false`
values to be replaced by true. This would specifically cause issues when
parsing the target state, where a `running: false` in a service would
become a `running: true` due to the type decoding.

Change-type: patch
2022-09-13 20:08:32 +00:00
Felipe Lalanne
48e0733c7e Remove side effects for module imports
The supervisor uses the following pattern for async module
initialization

```typescript
// module.ts

export const initialised = (async () => {
    // do some async initialization
})();

// somewhere else
import * as module from 'module';

async function setup() {
  await module.initialise;
}
```

The above pattern means that whenever the module is imported, the
initialisation procedure will be ran, which is an anti-pattern.

This converts any instance of this pattern into a function

```typescript
export const initialised = _.once(async () => {
    // do some async initialization
});
```

And anywhere else on the code it replaces the call with a

```typescript
await module.initialised();
```

Change-type: patch
2022-09-06 15:48:18 -04:00
Alexandru Costache
36544b7d6e Add custom DTB support for imx8mm-var-som
Change-type: patch
Signed-off-by: Alexandru Costache <alexandru@balena.io>
2022-09-06 16:33:35 +02:00
Felipe Lalanne
e0e1eacc6e Migrate lockfile tests to testfs
Since tests are ran in a container, lockfile tests no longer need to
mock the behavior of the `lockfile` binary.
2022-08-24 16:07:25 -04:00
Felipe Lalanne
6d004f0994 Setup docker-compose.test
This allows to run integration tests during development and on CI
with the right dependencies. There are several changes that this
involves, but the gist of it is that a test environment is setup using
`docker-compose.test.yml`. This file is loaded by `resin-ci` during the
build, and ensures that integration tests are ran after setting up all
requirements. This commit also defines a test environment command that
can be setup using `npm run test:env` in order to run tests in a local
development machine.
2022-08-24 16:07:20 -04:00
Felipe Lalanne
ba51ca5fc0 Add mocha-pod for running integration tests
This ensure that whenever integration tests are ran, they
are executed in a containerized environment.
2022-08-24 14:29:17 -04:00
Felipe Lalanne
c1e6dadeb4 Create test/unit and test/integration folders
This sets up the new `test/unit` and `test/integration` folders
and starts classification of some of the test files.

Note that unit tests include, `fs-utils` and `system-info` tests.

While these tests interact with the filesystem, the implementation
of these modules is simple enough, and the tests are fast enough to
allow these tests to fall under the `unit` test category (according to
test/README)

Change-type: patch
2022-08-24 14:28:36 -04:00
Felipe Lalanne
e1e35eb83b Move the current test suite under test/legacy
We are refactoring the supervisor test suite into unit tests (for
algorithms an domain model tests) and integration
tests (for interaction with out-of-process dependencies).
This means the current test suite needs to be classified into
these two categories, and fixed whenever possible.

This commit moves the test suite under the `test/legacy` folder, this
folder should be progressively migrated and eventually removed.
Subsequent commits will begin to split these files into unit and
integration whenever possible.

Depends-on: #1996
Change-type: patch
2022-08-22 17:21:51 -04:00
Felipe Lalanne
382cdb0cfa Refactor test suite to use tsconfig paths
This replaces all relative paths in the test suite  (e.g
`../src/compose/service.ts`) with the aliased path configured through
tsconfig.

This is a big change but it doesn't affect any functionality
2022-08-18 13:05:10 -04:00
Felipe Lalanne
71eaa3327e Use tsconfig-paths for easier access to the source
Currently, tests only can import source code modules through relative
paths `../../`. This makes it very difficult to refactor and organize
tests in folders as the paths change.

[tsconfig-paths](https://www.npmjs.com/package/tsconfig-paths) allows to
reference the source through an alias defined in the "paths" section of
tsconfig.json
2022-08-18 12:23:31 -04:00
Felipe Lalanne
274503feb3 Simplify test commands in package.json
The supervisor used to perform tests both for the transpiled code (after
tsc) and one for the typescript code (using
ts-node/register/transpile-only). There is not really a reason for this
and this added complexity to the test configuration. This used to make
testing harder, as the built code didn't include source maps, meaning
the tests did not point to the right code.

Since we want to split tests in unit and integration tests as the next
test improvement, it makes sense to simplify these commands before
adding more complexity.

Change-type: patch
2022-08-18 12:23:20 -04:00
Christina Wang
12b67742c8 Wait for Stopping services to stop before target apply success
This mitigates an edge case bug introduced in v13.1.3 where services that
are slow to exit may get stuck in a state of Downloaded if a service var is
changed then reverted rapidly. More detailed description in linked issue.

Change-type: patch
Closes: #1991
Signed-off-by: Christina Wang <christina@balena.io>
2022-08-02 14:34:25 -07:00
Felipe Lalanne
861e902d7f Allow directories to be used as lockfiles
Some libraries, like [proper-lockfile](https://www.npmjs.com/package/proper-lockfile)
use directories instead of files for locking. This PR allows the supervisor to be able to
work with those types of locks when lock override is requested.

Closes: #1978
Change-type: patch
2022-07-13 13:05:38 -04:00
Christina Wang
a7a0821a3e Read hostname from config.json with container /etc/hostname as backup
We don't need to read the host's hostname through /mnt/root/etc/hostname,
because the hostname is written to config.json on a change. When the hostname
has never changed, it won't be found in config.json, so we can default to
the Supervisor container's /etc/hostname as it will match the host's
/etc/hostname, the network mode being `host`.

Closes: #1968
Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2022-06-15 11:31:36 -07:00
Christina Wang
dfb6bcf0e6 Add custom DTB support for Variscite Dart DT family
Closes: #1963
Relates-to: https://github.com/balena-os/balena-variscite-mx8/pull/134
Relates-to: https://github.com/balena-io/open-balena-api/issues/1033
Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2022-06-14 11:26:45 -07:00
Christina Wang
ffa1c73418 Better document mocked-dbus, add missing dbus interface methods
Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2022-06-09 11:41:50 -07:00
Christina Wang
be1c01039a Don't use config.get for appId when checking locks in host config PATCH
Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2022-06-06 12:15:23 -07:00
20k-ultra
aad5a9efc5 Use locks before shutdown/reboot instead of stopping containers
Closes: #1940
Change-type: patch
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-06-02 00:31:42 -04:00
20k-ultra
471f0f0615 Refactor update-lock.lock to accept an array of applications to lock
Change-type: patch
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-06-02 00:31:42 -04:00
Christina Wang
6ccd2178c1 Use Mounts API for engine socket feature label
When upgrading to this Supervisor version, containers using the
engine feature label will be restarted.

Relates-to: https://github.com/balena-os/balena-supervisor/pull/1780
Closes: https://github.com/balena-os/balena-engine/issues/220
Closes: #1933
Change-type: major
Signed-off-by: Christina Wang <christina@balena.io>
2022-05-17 23:57:28 +00:00
Christina Wang
2896444988 Log anonymous volumes
Signed-off-by: Christina Wang <christina@balena.io>
2022-05-17 11:08:23 -07:00
Christina Wang
0a9c7282e8 Add compose support for volumes defined with long syntax
balena-compose already supports this, and with this PR, Supervisor can
have the option of using HostConfig.Mounts for internal bind mounts such as
ones added by feature labels. This will be handled in a future PR.

The only blocker to having users use long syntax is adding this feature
to target state. This PR does not add that feature.

Relates-to: https://github.com/balena-os/balena-supervisor/pull/1780
Relates-to: https://github.com/balena-os/balena-engine/issues/220
Relates-to: #1933
Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2022-05-17 11:08:23 -07:00
Felipe Lalanne
c04955354a Use write + sync when writing configs to /mnt/boot
This commit updates all backends that write to /mnt/boot to do it
through a new `lib/host-utils` module. Writes are now done using write +
sync as rename is not an atomic operation in vfat.

The change also applies for writes through the `/v1/host-config`
endpoint.

Finally this change includes some improvements on tests.

Change-type: patch
2022-05-03 11:23:00 -04:00
20k-ultra
5437aea786 Remove in memory storage of started/stopped containers
Change-type: patch
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-04-19 22:27:15 -04:00
20k-ultra
ca9945bdfb Only start a container once in its lifetime
This will ensure the restart policy specified is not violated

Change-type: patch
Closes: #1668
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-04-19 22:27:15 -04:00
Christina Wang
babe10e2a7 Move Supervisor-specific from lockfile.ts to update-lock.ts to
make lockfile module more generic

BASE_LOCK_DIR, LOCKFILE_UID moved to update-lock.ts

Signed-off-by: Christina Wang <christina@balena.io>
2022-04-12 12:02:57 -07:00
Christina Wang
cfd3f03e4a Make lockfile cleanup multi-app aware
When disposing of resources which include Supervisor-created lockfiles,
only dispose of lockfiles for the specified user application.

Signed-off-by: Christina Wang <christina@balena.io>
2022-04-12 12:02:28 -07:00
Christina Wang
e9738b5f78 Modify update lock module to use new lockfile binary and library
Also uninstall lockfile NPM package as we're no longer using it

Signed-off-by: Christina Wang <christina@balena.io>
2022-04-12 12:02:28 -07:00
Christina Wang
51e63ea22b Add lockfile binary and internal lib for interfacing with it
The linked issue describes the Supervisor not cleaning up locks it creates due
to crashing at just the wrong time. After internal discussion we decided to
differentiate Supervisor-created lockfiles from user-created lockfiles by using
the `nobody` UID (65534) for Supervisor-created lockfiles.

As the existing NPM lockfile lib does not allow creating lockfiles atomically
with different UIDs, we move to using the lockfile binary, which is part of the
procmail package. To allow nonroot users to write to lock directories, permissions
are changed to allow write access by nonroot users.

See: https://www.flowdock.com/app/rulemotion/r-resinos/threads/gWMgK5hmR26TzWGHux62NpgJtVl
Change-type: minor
Closes: #1758
Signed-off-by: Christina Wang <christina@balena.io>
2022-04-12 12:02:26 -07:00
20k-ultra
c1b5e58ebd Correctly evaluate downloadProgress when computing current state
Change-type: patch
Closes: #1918
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-04-07 21:21:44 -04:00
Felipe Lalanne
8e40f1c2f5 Ignore unknown image classes on the target state
Starting with v3 state endpoint, the supervisor can receive
service configuration for services that are meant to be installed as
overlays or filesets on the host, as well as configuration for services
that are meant to be installed on the root partition. This commit just
ignores those services from the target state until support is added
2022-03-22 19:28:43 -03:00
Felipe Lalanne
8bf8792583 Only uninstall 'fleet' apps when localMode is set
Local mode is still a device level config. Eventually it will become a
property of an app, but for now, we don't want the supervisor trying to
uninstall supervisor or host app when local mode is set
2022-03-22 19:28:43 -03:00
Felipe Lalanne
f1cd3d367c Cleanup unused methods and dependencies on db ids 2022-03-22 19:28:43 -03:00
Felipe Lalanne
381abeadb9 Refactor current state report to patch v3 state
This change makes the `api-binder/report` module more agnostic
to internal device state implementation details, moving necessary
healthchecks and data filtering to getCurrentForReport in device-state.

This also adds generic functions to perform comparison between current
state reports.
2022-03-22 19:28:36 -03:00
Felipe Lalanne
25e9ab4786 Refactor api-binder as a directory
The role of the api-binder module is to be the intermediary
between the cloud API and the device-state. For this reason it makes sense to
isolate target state retrieval and current state reporting into this
module. This change just moves current state reporting to the directory.
2022-03-22 19:08:03 -03:00
Felipe Lalanne
97f3b2a51e Update types and create methods for reporting v3 state 2022-03-22 19:08:03 -03:00
Felipe Lalanne
5c5483dd3d Rename networks to <appUuid>_<networkName>
This is required as we are phasing out app ids and we need to be able to
get app uuid from the current state of the network. The app-id now
exists as a container in new networks

This commit will restart containers as it needs to recreate the network.
2022-03-22 19:08:03 -03:00
Felipe Lalanne
0835b29874 Add app uuid as metadata to new volumes
We cannot modify older volumes but newly created volumes will contain
app uuid as metadata so they can be migrated at some point in the
future.
2022-03-22 19:08:03 -03:00
Felipe Lalanne
063bd400a4 Convert target state in local endpoints
Convert target state from to v3 in `/v2/local/target-state`. Add tests
for target state conversion
2022-03-22 19:08:03 -03:00
Felipe Lalanne
7425d1110b Add support for GET v3 target state
This change updates types and database format in order to allow
receiving the new format of the target state from the cloud and allow
applications to keep working.

This change also updates metadata in the containers, meaning services
will need to be restarted on supervisor update

Change-type: major
2022-03-22 19:08:02 -03:00
Felipe Lalanne
ccae1f7cb8 Rename aplication manager getStatus as getLegacyState
With the move to v3 target state and the move forward to remove
database ids from the supervisor, we want to ensure the ids are only
used for legacy support (such as within the API). This change renames
the method and sets it as deprecated
2022-03-22 19:08:02 -03:00
20k-ultra
b068c209b0 Moved test setup into file included for all tests
Change-type: patch
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-03-18 18:19:21 -04:00
20k-ultra
2fdb83839c Move report throttle out of reporting logic
Change-type: patch
Signed-off-by: 20k-ultra <3946250+20k-ultra@users.noreply.github.com>
2022-03-15 22:53:34 -04:00
Felipe Lalanne
1b54ce8bfd Ignore selinux security opts when comparing services
The moby engine v20.x.y adds some selinux [security configurations](https://docs.docker.com/engine/reference/run/#security-configuration)
depending on the [container configuration](https://github.com/moby/moby/blob/master/daemon/create.go#L214).
This would cause the supervisor to enter a service restart loop as the
current and target service configurations will never match. The
supervisor now ignores selinux specific security options since those are
not supported by balenaOS.

Closes: #1890
Change-type: patch
2022-02-23 18:12:27 -03:00
Felipe Lalanne
e7ec42fadc Use a breadcrumb to mark that a reboot is required
As changes to config.json may restart the supervisor before it can
trigger the reboot (or something can kill the supervisor before it can run that step),
the supervisor needs a persistent signal that a reboot is required
(instead of the current transient signal).

With this commit, the supervisor will now create a breadcrumb in the
host `/tmp` folder, that will be checked as the last step of the
configuration changes.
2022-02-15 12:52:48 -03:00
Felipe Lalanne
a2d6db1e1d Update signature of fsUtils.getPathOnHost
The function now returns either a string array if it receives multiple
arguments or a single string if it receives a single argument.
2022-02-15 12:52:46 -03:00
Felipe Lalanne
2917f03452 Perform config.json sequentially to other config changes
As config.json changes may restart the engine (and hence the supervisor)
in newer OS versions, this ensures that the supervisor does not get
interrupted while writing to backends.
2022-02-15 12:49:03 -03:00
Felipe Lalanne
118875e12e Fix apiUpdatePollInterval default to line up with API 2022-02-15 12:49:03 -03:00
Felipe Lalanne
a4d91d381a Create touch and getBootTime utility functions
Change-type: patch
2022-02-15 12:49:03 -03:00
Christina Wang
5f1a77da25 Add update lock check to PATCH /v1/device/host-config
This is necessary with the changes as of balenaOS 2.82.6, which watches config.json
and will restart balena-hostname and some other services automatically on file change.

Change-type: patch
Relates-to: #1876
Signed-off-by: Christina Wang <christina@balena.io>
2022-02-14 22:22:00 +00:00
Felipe Lalanne
72f6cbe4c7 Add support for local ipv6 reporting
With more and more devices in ipv6 only networks, this ensures the
local addresses are reported to the cloud as part of the state patch.

Change-type: patch
2022-02-08 19:06:13 -03:00
Felipe Lalanne
f471ad736c Throw if target states gets a 304 without an ETAG
The API uses 304 as a mechanism for load management on target state
requests. This may cause that the supervisor receives a 304 response
without having received a copy of the target state first, leading to
issues. This change checks for an etag when receiving a 304, throwing an
exception otherwise.

Change-type: patch
2022-01-26 11:27:15 -03:00
Felipe Lalanne
d06b8e053e Use dmidecode to read cpuid in non ARM devices
Cpu id is set to null so far for non ARM devices (e.g. Intel NUC). This
parses the output of dmidecode to get the cpu id and system model.

Change-type: patch
2022-01-13 22:49:42 +00:00
Felipe Lalanne
c7fc7aacf8 Use dmidecode to read cpuid in non ARM devices
Cpu id is set to null so far for non ARM devices (e.g. Intel NUC). This
parses the output of dmidecode to get the cpu id and system model.

Change-type: patch
2022-01-06 21:01:53 +00:00
Pagan Gazzard
157fd95196 Increase delta request timeout to 59s to better align with our backends
Change-type: patch
2022-01-18 10:02:13 +00:00
Felipe Lalanne
9c6e5ee11f Remove apps.json after initial preload
This avoids the supervisor trying to get back to the preloaded target
state if the database is deleted by any reason. It does this by moving the
used apps.json to a backup location.

Change-type: patch
Depends-on: #1841
2021-12-13 20:11:42 +00:00
Felipe Lalanne
f6692ab918 Convert target state types to io-ts for better validation
This simplifies target state validation and improves validation
messages.

Change-type: patch
2021-12-02 15:29:37 -03:00
Alexandru Costache
1d1b1aa1bf test: Update extra_uEnv test slugs list
Do so to include the Nano 2GB Devkit device

Signed-off-by: Alexandru Costache <alexandru@balena.io>
2021-11-17 13:48:19 +01:00
Felipe Lalanne
394377e0a1 Fix delete-then-download strategy
The strategy has been broken for a while but it was not clear how to
fix it before the changes to image management. This PR fixes application
manager to remove images before downloading the new image. This will
only have an effect on changing images.

Closes: #1233
Change-type: patch
2021-11-16 16:40:15 -03:00
Felipe Lalanne
7aedc97ee1 Wait for images to be ready before moving between releases
For download-then-kill strategy, this waits for all changing images on the target
release to be available on device before killing the old services. This
will prevent that multicontainer applications get to a state where some
services of the new release start runnning much before others have been
downloaded.

When adding new services to a multicontainer app, the supervisor will
now wait for other changing services to be downloaded before starting
the new service.

Closes: #1812
Change-type: patch
2021-11-11 14:08:36 -03:00
Felipe Lalanne
969f4225e5 Check config for networks and volumes inside Service
This removes the need for the app module to know about the naming
conventions for networks and volumes since those exist now within the
service itself. This also fixes a small bug where the volume would be
removed before the service itself had been successfully stopped.

Change-type: patch
2021-10-28 10:20:53 -03:00
Alexandru Costache
7693f490b4 test: Update extra_uEnv test slugs list
We do this since we added for TX2 NX and
derived device types.

Signed-off-by: Alexandru Costache <alexandru@balena.io>
2021-08-24 07:25:20 +00:00
Felipe Lalanne
298f7f523e Simplify splash test to verify just correct outcomes
Splash tests are a bit flaky. Simplify to reduce chance of false
positives
2021-09-28 14:53:26 -04:00
Felipe Lalanne
aab000209b Add backoff to state reporting when 503 is received
Current state reporting had a backoff when network or inconsistency
errors were found, but not on API errors. This change adds a backoff
using RetryAfter header if present to reduce load on API

Change-type: patch
2021-09-28 14:53:26 -04:00
Alex Gonzalez
1abd10a129 os-release: Use developmentMode to ascertain OS variant in new releases
Newer BalenaOS releases have replaced OS variants for a developmentMode
configuration setting. This commit uses this variable to set the OS
variant in the absence of `VARIANT_ID` from the os-release file.

Change-type: patch
Signed-off-by: Alex Gonzalez <alexg@balena.io>
2021-08-05 09:30:35 +00:00
Kyle Harding
669866b4c2
Skip restarting services if they are part of conf targets
Some recent changes to the OS allowed some services to restart
automatically when the associated config files are changed.

In these cases we want to avoid restarting the same services
manually from the supervisor.

Change-type: patch
Signed-off-by: Kyle Harding <kyle@balena.io>
2021-08-24 14:03:55 -04:00
Felipe Lalanne
104a8006fb Update apiSecret table to id services by name
It adds a migration replacing the serviceId column by serviceName and
populates serviceNames from services in the target state.
2021-07-28 09:57:38 -04:00
Felipe Lalanne
50aab3ba78 Update tests removing dependency on db ids 2021-07-28 09:57:38 -04:00
Felipe Lalanne
f1bd4b8d9b Use tags to track supervised images in docker
The image manager module now uses tags instead of docker IDs as the main
way to identify docker images on the engine. That is, if the target
state image has a name `imageName:tag@digest`, the supervisor will always use
the given `imageName` and `tag` (which may be empty) to tag the image on
the engine after fetching. This PR also adds checkups to ensure
consistency is maintained between the database and the engine.

Using tags allows to simplify query and removal operations, since now
removing the image now means removing tags matching the image name.

Before this change the supervisor relied only on information in the
supervisor database, and used that to remove images by docker ID. However, the docker
id is not a reliable identifier, since images retain the same id between
releases or between services in the same release.

List of squashed commits
- Remove custom type NormalizedImageInfo
- Remove dependency on docker-toolbelt
- Use tags to traack supervised images in docker
- Ensure tag removal occurs in sequence
- Only save database image after download confirmed

Relates-to: #1616 #1579
Change-type: patch
2021-07-26 09:52:25 -04:00
Felipe Lalanne
357d1baf61 Fix db-helper module for tests
The previous module was using `rewire` to get the knex instance from the
db module but that was leading to issues when running tests using `test:fast`.
This provides a fix for the test module that just removes the destroy
call entirely (it turns out it is not necessary).

Change-type: patch
2021-07-08 14:43:13 -04:00
Christina Wang
17e740a4ba
Allow users to override HUP lock if device is stuck in invalid state
This functionality is needed when breadcrumbs aren't deleted after a HUP
rollback for whatever reason. Also rename HUP lock function.

Change-type: patch
Connects-to: #1459
Signed-off-by: Christina Wang <christina@balena.io>
2021-07-08 12:43:32 +09:00
Felipe Lalanne
e04e64763f Improve testing for supervisor composition modules
This PR cleans up testing for supervisor compose modules. It also fixes broken
tests for application manager and removes a lot of dependencies for those tests
on DB and other unnecessary mocks. There are probably a lot of cases that tests
are missing but this should make writing new tests a lot easier.

This PR also creates a new mock dockerode (mockerode) module that should make it
easier to test operations that interact with the engine. All references
to the old mock-dockerode have not yet been removed but that should come
soon in another PR

List of squashed commits:
- Add tests for network create/remove
- Move compose service tests to test/src/compose and reorganize test descriptions
- Add support for image creation to mockerode
- Add additional tests for compose volumes
- Update mockerode so unimplemented fake methods throw. This is to ensure
  tests using mockerode fail if an unimplemented method is used
- Update tests for volume-manager with mockerode
- Update tests for compose/images
- Simplify tests using mockerode
- Clean up compose/app tests
- Create application manager tests

Change-type: minor
2021-07-05 17:50:52 -04:00
Christina Wang
a9028e58ec
Prevent updates/reboots with locks when HUP breadcrumbs present
On HUP, some healthceck services need to complete before
it's safe for the Supervisor to reboot the device when
applying state changes. rollback-{health|altboot}-breadcrumb
are the two files that Supervisor looks for and locks the device
on when present in this patch.

Not closing issue 1459 because there is a possible case where,
on altboot rollback, the breadcrumbs are not present. 1459
may be closed when this edge case is investigated.

Change-type: patch
Connects-to: #1459
See: https://www.flowdock.com/app/rulemotion/r-supervisor/threads/cL7YfNOLSfTPfw05h59GEW0kfOt
Signed-off-by: Christina Wang <christina@balena.io>
2021-06-30 13:27:03 +09:00
Pagan Gazzard
ee4d919fca Improve target state typings
Change-type: patch
2021-06-08 13:45:44 +01:00
Miguel Casqueira
ab4fb454e0 Refactor debug log when unmanaged volume is found
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-06-02 13:07:24 -04:00
Miguel Casqueira
55a344dceb Prevent a recursive loop when reporting current state
Closes: #1673
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-05-28 16:20:27 -04:00
Christina Wang
5004cc5fd2
Add SUPERVISOR_HARDWARE_METRICS to config documentation
Signed-off-by: Christina Wang <christina@balena.io>
2021-05-13 14:47:15 +09:00
Christina Wang
dcd863eed8
Add toggleable SUPERVISOR_HARDWARE_METRICS config
On devices with bandwidth sensitivity, this config var
disables sending system information such as memory
usage or cpu temp as current state.

Closes: #1645
Change-type: minor
Signed-off-by: Christina Wang <christina@balena.io>
2021-05-13 13:59:07 +09:00
Christina Wang
ea3e50e96e
Create & unify src/device-state/current-state tests
Signed-off-by: Christina Wang <christina@balena.io>
2021-05-12 18:33:01 +09:00
Christina Wang
39601473c0
Fix undervoltage regex, add undervoltage tests, move sysinfo suite to test/src
Signed-off-by: Christina Wang <christina@balena.io>
2021-05-12 18:33:01 +09:00
Christina Wang
62375c907f
Upgrade mocha to v8, use mocha fixtures for chai plugins
Remove chai-events and add explicit chai devDependency

Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2021-05-12 17:10:57 +09:00
Pagan Gazzard
74ae31fcfd Simplify/optimize filtering non-significant sys info changes
Change-type: patch
2021-05-06 10:59:49 +00:00
Kyle Harding
5faf9d7686 Rename resin-supervisor to balena-supervisor
Change-type: minor
Signed-off-by: Kyle Harding <kyle@balena.io>
2021-05-06 17:05:25 +00:00
Felipe Lalanne
5197a1330d Show warning instead of exception for invalid network config
A previous PR (#1656) fixed validation for network ipam config,
checking that both network and subnet are defined for each ipam config entry
(as described in the docker documentation).

After that PR, the validations throws an exception if the network target state is incorrect,
but this turns out to be the wrong approach, because that exception is also triggered
when querying target state.

This isn't a problem in normal operation, but it is in local mode, because local
mode queries the old target state before sending a new one. Since the query fails,
the CLI can never push the new target state.

This PR replaces the exception with a warning on the logs, since a
misconfigured network won't cause any engine failures, it will just
prevent containers to communicate through the provided network.

A future improvement should move this validation to an earlier point in the process,
so the target state can get rejected before it even gets to a point it
can be used.

Relates-to: #1693
Change-type: patch
2021-05-06 16:27:40 -04:00
quentinGllmt
1408fd7bcb Fix parsing driver_opts from compose to docker network creation
Change-type: patch
Signed-off-by: quentinGllmt <quentin@quentingllmt.fr>
2021-05-06 16:50:11 +02:00
Pagan Gazzard
9e52bb33ac Update balena-register-device and send extra info at provision time
This extra info will mean the API is able to immediately set default
config vars based on the os/supervisor version so that they are
available on the first target state fetch rather than having a delay
whilst waiting for the supervisor to report them as part of a state
patch

Update balena-register-device from 6.1.6 to 7.2.0

Change-type: patch
2021-04-29 13:44:30 +00:00
Christina Wang
4a2ac557ef
Remove mz, mkdirp, body-parser dependencies
'mz' can be safely replaced with fs.promises
and util.promisify for faster native methods.
'mkdirp' after Node v8 uses native fs.mkdir, thus
is redundant. 'body-parser' is deprecated and
contained within express v4.x.

Closes: #1567
Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2021-04-28 07:20:15 +09:00
Felipe Lalanne
95fb568aae Bump dockerode types to 2.5.34
This commit updates dockerode types to the latest 2.x version, removing the need
for custom composer types for network.

This commit also modifies network tests to use the new types

Change-type: minor
2021-04-27 13:00:56 -04:00
Felipe Lalanne
c70aedf044 Fix mock dockerode module
Tests using the mock `testWithData` method were not restoring the dockerode
prototype to the default values, making some tests behave differently
when run individually that when run with the suite.

This commit fixes the `testWithData` method and some malfunctioning v1
API tests because of the change. It doesn't fix all the tests
2021-04-27 13:00:56 -04:00
Miguel Casqueira
e6eda0fca7 Refactor extra_uEnv to not match with intel nuc
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-04-14 01:20:26 -04:00
Vipul Gupta (@vipulgupta2048)
50a2f3d313 patch: Fix the sysInfo.getCpuId() test
Signed-off-by: Vipul Gupta (@vipulgupta2048) <vipul@balena.io>
2021-04-13 03:19:46 +05:30
Felipe Lalanne
fdb37191e7 Fix broken IPAM network validation
Network validaton was failing to identify a bad IPAM network
configuration leading to supervisor failures (see #1618)

Change-type: patch
Closes: #1618
2021-04-09 17:49:09 -04:00
Felipe Lalanne
d0762298a5 Update mocha options for recursive test lookup
Mocha will now recursively lookup *.spec.ts files under the `test/` folder
2021-04-09 13:02:29 -04:00
Miguel Casqueira
6860c50646 Skip localmode test suite
These tests have been failing and prevent new tests from passing

Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-04-08 17:34:27 -04:00
Miguel Casqueira
204475d3dc Improved mutable (/data) file system detection
Change-type: patch
Closes: #1609
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-04-08 17:34:27 -04:00
Christina Wang
31effed426 Prevent unintended image removal when calling purge endpoints to remove volumes
Using safeStateClone within doPurge to applyIntermediateTarget after
successful volume purge has led to various type deficiencies being revealed
in common.js. Add several inline types in common.js to satisfy
the type checker (credit: Page <page@balena.io>). Delete common.d.ts
since it's not required and might mistakenly mask true I/O types of
functions in common.js.

Closes: #1611
Change-type: patch
Signed-off-by: Christina Wang <christina@balena.io>
2021-04-05 12:10:09 +00:00
Miguel Casqueira
ecbe9ee9f9 Patch list volumes to always return an array
Change-type: patch
Closes: #1636
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-04-01 20:31:09 -04:00
Matthew McGinn
f9a157c9ec typos: seperate -> separate
mainly to get the docs one, but figured i could hit them all

Change-type: patch
Signed-off-by: Matthew McGinn <matthew@balena.io>
2021-03-17 14:27:53 -04:00
Miguel Casqueira
183ea88a2a Infer legacy Volumes that do not have the supervised label
Change-type: patch
Closes: #1604
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-03-15 19:46:53 -04:00
Christina Wang
8948bde02a
Merge branch 'master' into v1-healthcheck-stub-fix 2021-02-19 11:07:33 +09:00
Miguel Casqueira
ec23d1d371 Refactor checkTruthy to return more predictable values
Change-type: patch
Closes: #1595
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-02-18 12:36:42 -05:00
Christina Wang
2953f313e6
Call restore for each healthcheck stub in v1 tests
Signed-off-by: Christina Wang <christina@balena.io>
Change-type: patch
2021-02-18 20:22:41 +09:00
Christina Wang
4e206e9c1a
Complete POST /v1/purge unit tests
Connects-to: #1327
Signed-off-by: Christina Wang <christina@balena.io>
2021-02-18 12:25:44 +09:00
Christina Wang
b3b1d47b34
Complete /v1/device/host-config unit tests, modify PATCH route
Change-type: minor
Signed-off-by: Christina Wang <christina@balena.io>
2021-02-18 12:25:44 +09:00
Christina Wang
f748c1a8e7
Add POST /v1/regenerate-api-key unit tests
Signed-off-by: Christina Wang <christina@balena.io>
2021-02-18 12:25:44 +09:00
Christina Wang
6e5c553c3f
Write POST /v1/blink unit test
Signed-off-by: Christina Wang <christina@balena.io>
2021-02-18 12:25:43 +09:00
Robert Günzler
f009d3a3e9
Fix gpu label support
The device request object was created with untouched fields left unset. When
comparing state to determine if a transition is required this would
result in a mismatch between:

    {
      Driver: '',
      Count: 1,
      DeviceIDs: null,
      Capabilities: [Array],
      Options: null
    }

and

    {
      Count: 1,
      Capabilities: [Array],
    }

Which in turn resulted in the target service being continously restarted.
The fix is to instantiate the object in full.

Connects-to: https://github.com/balena-io/balena-supervisor/issues/1449
Connects-to: ae646a07ec
Change-type: patch
Signed-off-by: Robert Günzler <robertg@balena.io>
2021-02-09 11:27:03 +01:00
Miguel Casqueira
ba1c857c4f Cancel pending apply target after /v1/update request
Closes: #1530
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2021-01-20 22:21:14 -05:00
Felipe Lalanne
4aa8090a56 Add support for BALENA_HOST_SPLASH_IMAGE config
Setting this this variable to a base64 encoded string will replace the splash
image on the device by rewriting `/mnt/boot/splash/balena-logo.png`.
This will also make a copy of the default balena logo so the splash can
be restored if the variable is removed.

Change-type: minor
Signed-off-by: Felipe Lalanne <felipe@balena.io>
2021-01-06 15:11:31 -03:00
Felipe Lalanne
e66a775c15 Move required configuration check to Backend
The `ensureRequiredOverlay` function is currently ran for any backend,
at this moment this causes no issue, since most configuration backends
are defined per single device type. However, with the option to modify splash
images, which is available for all device types, the function would add
unwanted configuration vars to the splash image configuration. Moving it
to the config txt backend solves this issue.
2021-01-05 18:30:07 -03:00
Felipe Lalanne
4cdf26f82f Improve supervisor API behavior when locks are set
This PR adds the following

* Supervisor v1 API application actions now return HTTP status code 423 when locks
  are preventing the action to be performed. Previously this resulted in a
  503 error
* Supervisor API v2 service actions now returns HTTP status code 423 when locks are
  preventing the action to be performed. Previously, this resulted in an
  exception logged by the supervisor and the API query timing out
* Supervisor API `/v2/applications/:appId/start-service` now does not
  check for a lock. Lock handling in v2 actions is now performed by each
  step executor
* `/v1/apps/:appId/start` now queries the target state and uses that
  information to execute the start step (as v2 does). Previously start
  resulted in `cannot get appId from undefined`
* Extra tests for API methods

Change-type: patch
Connects-to: #1523
Signed-off-by: Felipe Lalanne <felipe@balena.io>
2020-12-14 10:43:41 -03:00
Miguel Casqueira
8b37df492b Patched /v1/restart exception
Change-type: patch
Closes: #1509
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-11-30 15:42:49 -05:00
Miguel Casqueira
7a4473f65b Added test case for /v1/restart API
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-11-30 15:42:49 -05:00
Miguel Casqueira
733a2c5dc0 Consolidated Supervisor API tests into clearer files
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-11-30 15:42:49 -05:00
Rich Bayliss
02aeb4fc1c fix: Scoped keys breaking livepush with existing cloud images on the device
Closes: #1512
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-11-16 12:55:40 -05:00
Felipe Lalanne
e4e895630f Ensure the first target state request is applied
During first time run of the supervisor, the target state is queried
by `reportInitialEnv`. Since this happens early on the initialization
process, this target state report is missed by any listeners and this
can lead to the initial target state not beeing applied (see #1455).

This PR ensures that target state is re-emitted if there were no
listeners setup on call to update.

Change-type: patch
Signed-off-by: Felipe Lalanne <felipe@balena.io>
Connects-to: #1455
2020-11-13 10:19:27 -03:00
Rich Bayliss
591598e102
fix: Scoped keys not working in LocalMode
Some endpoints filter data based on the scope of the API key
used to make the request. When in LocalMode the check was not
being made correctly and all apps were considered out of scope.

Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-11-11 10:58:58 +00:00
Cameron Diver
f08316dc57 Allow storing commits against their appIds
This paves the way for running multiple applications and storing
information related to the application against the application itself. A
couple of hacks have been added to v1 and v2 endpoints to maintain
compatability but these should eventually be removed with the addition
of a v3 api.

Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-11-10 10:50:08 +00:00
Miguel Casqueira
cd0d53c39d Add more test coverage for compose/images
Closes: #1492
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-11-03 13:08:41 -05:00
Felipe Lalanne
01477e41b8 Mount docker socket under /host/run for services
Currently, when the label `io.balena.features.balena-socket` is set,
the balena engine socket is mounted under `/run/balena-engine.sock`.

This causes a problem when using systemd inside the container, since
this service remounts `/run` and `/run/lock` as tmpfs, causing the
socket to become unavailable.

Making a mount of the socket into `/host/run` solves this issue. This is
the same approach taken with DBUS.

Change-type: patch
Signed-off-by: Felipe Lalanne <felipe@balena.io>
Connects-to: #1494
2020-10-29 15:54:31 -03:00
Cameron Diver
9d19a45701 Use root mount point to find device-type.json
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-10-28 13:03:40 +00:00
Felipe Lalanne
f5183df356 Change source of deviceType to device-type.json
The source of truth for the device-type should be
device-type.json instead of config.json

Change-type: patch
Signed-off-by: Felipe Lalanne <felipe@balena.io>
Connects-to: #1472
2020-10-27 09:40:18 -03:00
Miguel Casqueira
77333f1e11 Fixed evaluating if updates are needed to reach target state
Closes: #1476
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-10-26 14:54:04 -04:00
Felipe Lalanne
dd5f62227a Improve calculation for used system memory
The memory information reported by the supervisor currently
estimates the value of used memory as `MemTotal - MemFree`.
However, linux systems will try to cache and buffer as much
memory as possible, which will affect the output of `MemFree`
(from /proc/meminfo) and in consequence the memory usage seen
by the user on the dashboard, which will appear much greater than
it is.

The correct calculation should be `MemTotal - MemFree - Buffers - Cached`,
which the calculation performed by `htop` and the `free` commands.

Change-type: patch
Signed-off-by: Felipe Lalanne <felipe@balena.io>
Connects-to: #1471
2020-10-14 13:15:17 -03:00
Cameron Diver
a2ceb5c931 Refactor system information filtering
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-10-12 15:44:07 +01:00
Cameron Diver
9e0c99e797 tests: Clean up and consistify naming scheme
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-10-12 14:41:21 +01:00
Cameron Diver
975129188a Remove superfluous current state reporting code from api-binder
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-10-12 11:53:19 +01:00
Matthew McGinn
8e65466f2d version: drop SUPERVISOR_VERSION env var
In order to make supervisor upgrades more transparent, lets move away
from this env var since it requires a container restart any time the supervisor
is upgraded. We should ultimately move towards providing the supervisors
set of capabilities, but that can come later

Connects-to: #1447
Change-type: major
Signed-off-by: Matthew McGinn <matthew@balena.io>
2020-09-29 11:22:30 -04:00
Felipe Lalanne
a5f3002e70 Fix config checks for ConfigFS backend
When trying to apply SSDT overlays in Up Board, the supervisor currently
gets stuck in a loop trying to apply target state. See #1465

This was due to a bug in parsing the configuration, which lead to
the method bootConfigChangeRequired returning true when no change was
needed.

Change-type: patch
Signed-off-by: Felipe Lalanne <felipe@balena.io>
Connects-to: #1465
2020-09-24 16:45:57 -03:00
Rich Bayliss
c08de8701e api: Implement scoped Supervisor API keys
Each service, when requesting access to the Supervisor API, will
now get an individual key which can be scoped to specific resources.
In this iteration the default scope will be to the application that
the service belongs to.

We also have a `global` scope which is used by the cloud API when in
managed mode.

Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-09-17 11:25:56 +00:00
Miguel Casqueira
07e644d0b6 Refactor extra_uEnv backend to match with more devices
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-09-15 14:19:59 -04:00
Rich Bayliss
96c68166a1
application-manager: Convert to a singleton
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-09-14 11:23:36 +01:00
Rich Bayliss
e3864915bc
device-state: Convert to a singleton
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-09-14 09:31:12 +01:00
Rich Bayliss
d50f7791e1
api-binder: Convert to a singleton
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-09-14 09:31:12 +01:00
Miguel Casqueira
662826d349 added support for configuring ODMDATA
Closes: 1206
Change-type: minor
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-08-29 09:05:27 -04:00
Miguel Casqueira
7ea49bf4fb Preventing removing all configurations if device has no backends
Closes: #1437
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-08-24 13:41:17 -04:00
Cameron Diver
de4c1b2538 Don't enforce the vc4-fkms-v3d dtoverlay on rpi4
Change-type: patch
Closes: #1404
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-08-20 10:21:02 +01:00
Pagan Gazzard
379730a9e1 Update typed-error to 3.x
Update typed-error from 2.0.0 to 3.2.1

Change-type: patch
2020-08-19 10:07:54 +01:00
Miguel Casqueira
1d62209505 Refactor device-config to support configuring multiple backends
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-08-12 15:05:03 -04:00
Miguel Casqueira
ff404456b3 Refactor configurable backend class names
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-08-12 14:29:58 -04:00
Rich Bayliss
5aecd94e24
bug: Firewall not blocking supervisor access from outside the device
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-08-12 13:43:33 +01:00
Rich Bayliss
e9b536a889
bug: Allow DNS through firewall for local containers
We provide a local DNS server for containers to use and this
was not allowed through the firewall when enabled.

Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-08-11 15:17:06 +01:00
Pagan Gazzard
511cbbe74e Update pinejs-client-request and make use of a named key
Update pinejs-client-request from 7.0.0 to 7.1.0

Change-type: patch
2020-08-03 09:27:11 +00:00
Nitish Agarwal
11cac2dd69 Fixes #1299 v1 start/stop endpoint issue with service access.
Change-Type: patch
Signed-off-by: Nitish Agarwal <1592163+nitishagar@users.noreply.github.com>
2020-07-31 23:08:50 +05:30
Miguel Casqueira
0999f57fa8 fix duplicate test file index
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-07-30 14:07:00 -04:00
Miguel Casqueira
9b37ce96f9 fix matching extra_uEnv backend with unsupported devices
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-07-30 14:04:37 -04:00
Matthew McGinn
15c57a86b4
fix up "atleast" -> "at least"
Change-type: patch
Signed-off-by: Matthew McGinn <matthew@balena.io>
2020-07-29 11:55:22 -04:00
Miguel Casqueira
cac2e3612c Support setting device/fleet configuration in extra_uEnv.txt
Closes: #1385
Change-Type: minor
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-07-28 16:36:16 -04:00
Pagan Gazzard
eeda7e3ab1 Extract current state reporting to its own module
Change-type: minor
2020-07-24 17:35:17 +01:00
dt-rush
41987d8e76 log detection of changes to VPN status
Change-type: patch
Signed-off-by: dt-rush <nickp@balena.io>
2020-07-23 19:20:59 -04:00
Rich Bayliss
6ef3bd2362
docker-utils: Test network gateway determination logic
Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-07-22 13:17:16 +01:00
Rich Bayliss
898c7e71da
bug: Fix unhandled promise rejection
When invoking iptables-restore it can fail. This wasn't handled
and this makes sure that it fails gracefully.

Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-07-13 13:05:12 +01:00
Cameron Diver
5337c0102c Convert deviceConfig module to a singleton
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-07-08 12:05:09 +01:00
Cameron Diver
03ca0ee9ad
avahi: Control with HOST_DISCOVERABILITY
The host config variable HOST_DISCOVERABILITY can be set to
true or false, controlling the state of the avahi service. This
determines if the device advertises it's presence over mDNS.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-07-06 13:02:29 +01:00
Rich Bayliss
28c5a44e71
firewall: Add Host Firewall functionality
Controlled by BALENA_HOST_FIREWALL_MODE, the firewall can
either be 'on' or 'off'.

- In the 'off' state, all traffic is allowed.
- In the 'on' state, only traffic for the core services provided
  by Balena is allowed.

Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-07-01 18:43:08 +01:00
Miguel Casqueira
59fc589eb2 Added support for configuring FDT directive in extlinux.conf
Change-type: minor
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-06-23 15:56:10 -04:00
Miguel Casqueira
3098abeca5 Refactor backends into seperate files and added tests for extlinux
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-06-23 15:56:10 -04:00
Miguel Casqueira
7a27b6c671 Refactor device-config tests styling
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-06-23 15:56:10 -04:00
Rich Bayliss
1b91ef3405
state: Report device MAC address to the API
When reporting device information, send the MAC address of any
interfaces on the system. Also expose in the Supervisor API at
the route GET /v1/device.

Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
2020-06-22 10:41:06 +01:00
Cameron Diver
0e8d92e08a Make service-manager module a singleton
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-17 14:56:57 +00:00
Cameron Diver
adaad786af Make volume-manager module a singleton
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-17 14:56:57 +00:00
Cameron Diver
8fc97b9de8 Make network-manager module a singleton
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-17 14:56:57 +00:00
Akis Kesoglou
1dccbaecd8 Use API v6
See: https://github.com/balena-io/open-balena/issues/80
Change-type: minor
2020-06-15 13:57:32 +03:00
Robert Günzler
ae646a07ec Add label to expose gpu to container
In the absence of an upstream implementation of the DeviceRequest API introduced
as part of Docker API v1.40 we roll our own using a feature label.

As per my comment in the code, we fall back to the default behavior of
docker cli's `--gpu` and request single device with the `gpu` capabilty.
The only implementation at the moment is the NVIDIA driver; here:
https://github.com/balena-os/balena-engine/blob/master/daemon/nvidia_linux.go

Background on the composefile implementation:
https://github.com/compose-spec/compose-spec/issues/74
https://github.com/docker/compose/issues/6691

Change-type: patch
Connects-to: https://github.com/balena-os/balena-jetson/pull/75
Signed-off-by: Robert Günzler <robertg@balena.io>
2020-06-11 14:06:16 +02:00
Cameron Diver
b31d5007fb Move database app processing out to its own module
This is part of the work to make the application-manager module much
less monolithic, in preperation for system apps and more generally
multi-app.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-11 11:55:11 +01:00
Cameron Diver
2b3dc2fbce Make images module a singleton
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-10 11:29:28 +01:00
Miguel Casqueira
ffe814e447 Refactored @ts-ignore to @ts-expect-error in test file
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-06-08 13:24:19 -04:00
Cameron Diver
651e48b1bd Make logger module a singleton
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-08 17:19:20 +01:00
Cameron Diver
389e14ec6b Make the event-tracker module a singleton
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-08 10:13:33 +01:00
Miguel Casqueira
9fc2e86322 Convert all test files to TS and add .spec to all filenames
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-06-05 18:34:24 -04:00
Pagan Gazzard
17a5d8dd49 Isolate target state fetching to its own module which emits on update
Change-type: minor
2020-06-03 17:37:38 -04:00
Cameron Diver
aad20e2c2f Make docker module a singleton
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-02 17:57:18 +01:00
Cameron Diver
ff4a31a0e6 Make the config module a singleton
Change-type: patch
Co-authored-by: Pagan Gazzard <page@balena.io>
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-06-02 14:29:05 +01:00
Miguel Casqueira
5550a3a330 Refactor device-state healthchecks to log reason for failure
Closes: #1292
Change-type: minor
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-29 16:24:01 -04:00
Miguel Casqueira
ef83acdaeb Refactor api-binder healthchecks to log reason for failure
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-29 16:14:58 -04:00
Miguel Casqueira
f494178b2b Added test coverage for GET /v1/healthy
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-29 16:14:15 -04:00
Cameron Diver
1d7381327e Make the db module a singleton
We were treating the database class as a singleton, but still having to pass
around the db instance. Now we can simply require the db module and have
access to the database handle.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-05-29 15:02:38 +01:00
Cameron Diver
eaaa9c257e check for 409 status code, rather than string matching uuid conflicts
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-05-21 14:57:26 -04:00
Miguel Casqueira
db7c27037c Improved handling of invalid appId in V2 state endpoint
Closes: #1294
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-19 10:53:19 -04:00
Miguel Casqueira
466c7999db Remove CoffeeScript tests and all CoffeeScript tools
Closes: #1318
Change-Type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-15 13:01:51 -04:00
Pagan Gazzard
758f3caa48 Update to @balena/lint 5.x
Change-type: patch
2020-05-15 12:08:42 +01:00
Miguel Casqueira
838c1ebba4 Correctly check if value is a valid Integer
Closes: #1180
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-12 12:42:14 -04:00
Miguel Casqueira
8295858b32 Added endpoint to check if VPN is connected
Change-type: minor
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-11 21:21:44 -04:00
Miguel Casqueira
f6aa4dd015 Fixed stubs for test suite
Closes: #1280
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-11 18:16:22 -04:00
Pagan Gazzard
913418bb37 Remove unnecessary config.json keys
Change-type: patch
2020-05-08 12:56:42 +01:00
Miguel Casqueira
60c07fc2fc Move SupervisorAPI state change logs to appropriate functions
Closes: #1277
Change-type: patch
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-07 13:48:12 -04:00
Cameron Diver
31957566e5 Remove legacy fallback to DROP rule in iptables
This has not been necessary for a long time, and wwe can now remove it.

Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-05-05 12:15:19 +01:00
Cameron Diver
7b1f03ced5 Add an ESTABLISHED flag to API iptables rules
This allows a response to an input with dport=`supevisor api port` and
is required when the host OS is doing stateful firewalling.

This should not affect things when stateful firewalling is not in
effect, as the standard OUTPUT chain policy is ACCEPT, so we're just
being explicit about it.

Change-type: patch
Backport-to: next, current, sunset
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-05-05 12:15:12 +01:00
Miguel Casqueira
2007a98940 Added Bearer Authorization spec
Closes: #1249
Change-type: minor
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-04 13:22:58 -04:00
Miguel Casqueira
698435a5c8 Added spec for current auth implementation
Signed-off-by: Miguel Casqueira <miguel@balena.io>
2020-05-04 10:49:09 -04:00
Cameron Diver
a43d71d1ac 📄 Upgrade knex to avoid CVE-2019-10757
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-04-15 13:37:50 +01:00
Cameron Diver
37feb7e325 Move from dbus-native to dbus
Closes: #1049
Change-type: patch
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-04-13 10:07:14 +01:00
Cameron Diver
c9c0e650cb Support matching on device type within contracts
Closes: #1191
Change-type: minor
Signed-off-by: Cameron Diver <cameron@balena.io>
2020-04-09 10:45:07 +01:00
Pagan Gazzard
a59af6abe8 Workaround a circular dependency
Change-type: patch
2020-04-08 17:40:39 +01:00