From ff689a47e300e1c26ef56ca2c58ddc6b18536b76 Mon Sep 17 00:00:00 2001 From: "flowzone-app[bot]" <124931076+flowzone-app[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 16:52:18 +0000 Subject: [PATCH] v3.8.3 --- .versionbot/CHANGELOG.yml | 491 +++++++++++++++++++++++++------------- CHANGELOG.md | 5 + VERSION | 2 +- 3 files changed, 329 insertions(+), 169 deletions(-) diff --git a/.versionbot/CHANGELOG.yml b/.versionbot/CHANGELOG.yml index 010d0cd..57d608d 100644 --- a/.versionbot/CHANGELOG.yml +++ b/.versionbot/CHANGELOG.yml @@ -1,3 +1,15 @@ +- commits: + - subject: "flowzone.yml: Prevent duplicate workflow executions" + hash: 8224f0826fcf44f5da1729af803de5e138fbcdc2 + body: "" + footer: + Change-type: patch + change-type: patch + author: Kyle Harding + nested: [] + version: 3.8.3 + title: "" + date: 2024-04-23T16:52:00.570Z - commits: - subject: "docs: Fix typo in README" hash: 5114f9615b771ef5b942b2376e859102e4d92e99 @@ -172,12 +184,13 @@ - subject: Extend migrator to support upgrading between versioned data directories hash: a569d60ceba85f65664ac48e165c295f7627dbf0 body: > - The migrator previously would only migrate data stored directly under - PGDATA (as was the case in previous versions of this project - before switching to versioned directories). + The migrator previously would only migrate data stored directly + under PGDATA (as was the case in previous versions of this + project before switching to versioned directories). - This adds support for upgrading between versioned data directories as well. + This adds support for upgrading between versioned data + directories as well. footer: Change-type: minor change-type: minor @@ -430,9 +443,10 @@ - subject: Fix configuration for non-BoB deployments hash: be5d9722d47b65ca511cfb66ab13ed1f3ddff372 body: > - The default value on the BALENA_DEVICE_UUID variable forced all code paths - that used to run optionally depending on whether - deployment was on a balenaOS device to run. + The default value on the BALENA_DEVICE_UUID variable + forced all code paths that used to run optionally + depending on whether deployment was on a balenaOS device + to run. footer: Change-type: patch change-type: patch @@ -458,21 +472,27 @@ - subject: Auto-configure balenaMachine(bob) hash: efb8da155b7bedec44558dfcd55cb6b535099c01 body: > - + allows balenaMachine(s)/BoB(s) to automatically configure itself - (without bob-cli) + + allows balenaMachine(s)/BoB(s) to automatically + configure itself (without bob-cli) - + auto-configuration requires balena-ca and cert-manager to do the heavy lifting prior + + auto-configuration requires balena-ca and cert-manager + to do the heavy lifting prior - + corresponding [balena-on-balena PR](https://github.com/balena-io/balena-on-balena/pull/261) + + corresponding [balena-on-balena + PR](https://github.com/balena-io/balena-on-balena/pull/261) - * refactor confd.service to include both root-ca and host-envvars handling + * refactor confd.service to include both root-ca and + host-envvars handling - * add systemd path watcher to restart confd if keys/certs change during runtime + * add systemd path watcher to restart confd if + keys/certs change during runtime - * store stack configuration available to all services in a persistent/shared volume (/balena) + * store stack configuration available to all services in + a persistent/shared volume (/balena) - * change resolver order to dns => mdns (ipv4) => mdns (ipv6) => return + * change resolver order to dns => mdns (ipv4) => mdns + (ipv6) => return * configure API key and JOSE/JWT key id @@ -729,7 +749,8 @@ body: > * TOKEN_AUTH_REALM => REGISTRY2_TOKEN_AUTH_REALM - * REGISTRY2_TOKEN_AUTH_REALM is the new name for BALENA_TOKEN_AUTH_REALM + * REGISTRY2_TOKEN_AUTH_REALM is the new name for + BALENA_TOKEN_AUTH_REALM footer: Change-type: patch change-type: patch @@ -753,10 +774,12 @@ - subject: Add parallel HOSTs and env vars hash: 7ef7a8e470f195afec8a104e837f901c9f0d1044 body: > - * allows removal of BALENA_ prefixes across all products and services - (aside from reserved within balenaOS/Supervisor) + * allows removal of BALENA_ prefixes across all products + and services (aside from reserved within + balenaOS/Supervisor) - * made balena-root-ca service a dependency of confd.service + * made balena-root-ca service a dependency of + confd.service footer: Change-type: patch change-type: patch @@ -1306,9 +1329,10 @@ - subject: Fix configuration for non-BoB deployments hash: be5d9722d47b65ca511cfb66ab13ed1f3ddff372 body: > - The default value on the BALENA_DEVICE_UUID variable forced all code paths - that used to run optionally depending on whether - deployment was on a balenaOS device to run. + The default value on the BALENA_DEVICE_UUID variable + forced all code paths that used to run optionally + depending on whether deployment was on a balenaOS device + to run. footer: Change-type: patch change-type: patch @@ -1322,7 +1346,8 @@ - subject: Update open-balena-base to 12.1.0 hash: 432ca3b725e69bdb3927ebf2d0524dba19ece143 body: > - * refactor CERT_FILE handling and location to prevent notify collisions + * refactor CERT_FILE handling and location to prevent notify + collisions * add Docker healthcheck @@ -1337,21 +1362,27 @@ - subject: Auto-configure balenaMachine(bob) hash: efb8da155b7bedec44558dfcd55cb6b535099c01 body: > - + allows balenaMachine(s)/BoB(s) to automatically configure itself - (without bob-cli) + + allows balenaMachine(s)/BoB(s) to automatically + configure itself (without bob-cli) - + auto-configuration requires balena-ca and cert-manager to do the heavy lifting prior + + auto-configuration requires balena-ca and cert-manager + to do the heavy lifting prior - + corresponding [balena-on-balena PR](https://github.com/balena-io/balena-on-balena/pull/261) + + corresponding [balena-on-balena + PR](https://github.com/balena-io/balena-on-balena/pull/261) - * refactor confd.service to include both root-ca and host-envvars handling + * refactor confd.service to include both root-ca and + host-envvars handling - * add systemd path watcher to restart confd if keys/certs change during runtime + * add systemd path watcher to restart confd if + keys/certs change during runtime - * store stack configuration available to all services in a persistent/shared volume (/balena) + * store stack configuration available to all services in + a persistent/shared volume (/balena) - * change resolver order to dns => mdns (ipv4) => mdns (ipv6) => return + * change resolver order to dns => mdns (ipv4) => mdns + (ipv6) => return * configure API key and JOSE/JWT key id @@ -1628,7 +1659,8 @@ body: > * TOKEN_AUTH_REALM => REGISTRY2_TOKEN_AUTH_REALM - * REGISTRY2_TOKEN_AUTH_REALM is the new name for BALENA_TOKEN_AUTH_REALM + * REGISTRY2_TOKEN_AUTH_REALM is the new name for + BALENA_TOKEN_AUTH_REALM footer: Change-type: patch change-type: patch @@ -1652,10 +1684,12 @@ - subject: Add parallel HOSTs and env vars hash: 7ef7a8e470f195afec8a104e837f901c9f0d1044 body: > - * allows removal of BALENA_ prefixes across all products and services - (aside from reserved within balenaOS/Supervisor) + * allows removal of BALENA_ prefixes across all products + and services (aside from reserved within + balenaOS/Supervisor) - * made balena-root-ca service a dependency of confd.service + * made balena-root-ca service a dependency of + confd.service footer: Change-type: patch change-type: patch @@ -1822,9 +1856,11 @@ - subject: Manually specify ulimit in haproxy.cfg hash: 501e5e4d31781b3536255e7dd105a3b9aec473f4 body: > - This avoids issues where it's auto-calculated from max connections but + This avoids issues where it's auto-calculated from max + connections but - ends up too small in practice and causes problems with the soft limit + ends up too small in practice and causes problems with the soft + limit even though the hard limit is much higher footer: @@ -2048,9 +2084,10 @@ - subject: Fix configuration for non-BoB deployments hash: be5d9722d47b65ca511cfb66ab13ed1f3ddff372 body: > - The default value on the BALENA_DEVICE_UUID variable forced all code paths - that used to run optionally depending on whether - deployment was on a balenaOS device to run. + The default value on the BALENA_DEVICE_UUID variable + forced all code paths that used to run optionally + depending on whether deployment was on a balenaOS device + to run. footer: Change-type: patch change-type: patch @@ -2079,21 +2116,27 @@ - subject: Auto-configure balenaMachine(bob) hash: efb8da155b7bedec44558dfcd55cb6b535099c01 body: > - + allows balenaMachine(s)/BoB(s) to automatically configure itself - (without bob-cli) + + allows balenaMachine(s)/BoB(s) to automatically + configure itself (without bob-cli) - + auto-configuration requires balena-ca and cert-manager to do the heavy lifting prior + + auto-configuration requires balena-ca and cert-manager + to do the heavy lifting prior - + corresponding [balena-on-balena PR](https://github.com/balena-io/balena-on-balena/pull/261) + + corresponding [balena-on-balena + PR](https://github.com/balena-io/balena-on-balena/pull/261) - * refactor confd.service to include both root-ca and host-envvars handling + * refactor confd.service to include both root-ca and + host-envvars handling - * add systemd path watcher to restart confd if keys/certs change during runtime + * add systemd path watcher to restart confd if + keys/certs change during runtime - * store stack configuration available to all services in a persistent/shared volume (/balena) + * store stack configuration available to all services in + a persistent/shared volume (/balena) - * change resolver order to dns => mdns (ipv4) => mdns (ipv6) => return + * change resolver order to dns => mdns (ipv4) => mdns + (ipv6) => return * configure API key and JOSE/JWT key id @@ -2123,9 +2166,11 @@ - subject: Attempt to load root CA certificate bundle from file hash: 493bb446e99fc7a5b6ecaa4e796942aa65ad03d0 body: > - * allows dynamic certificate generation and loading within the stack + * allows dynamic certificate generation and loading + within the stack - * if a (volume|directory) /certs exists, set up a notification to watch + * if a (volume|directory) /certs exists, set up a + notification to watch for /certs/ca-bundle.pem and update CA certificates/restart confd footer: Change-type: patch @@ -2407,7 +2452,8 @@ body: > * TOKEN_AUTH_REALM => REGISTRY2_TOKEN_AUTH_REALM - * REGISTRY2_TOKEN_AUTH_REALM is the new name for BALENA_TOKEN_AUTH_REALM + * REGISTRY2_TOKEN_AUTH_REALM is the new name for + BALENA_TOKEN_AUTH_REALM footer: Change-type: patch change-type: patch @@ -2431,10 +2477,12 @@ - subject: Add parallel HOSTs and env vars hash: 7ef7a8e470f195afec8a104e837f901c9f0d1044 body: > - * allows removal of BALENA_ prefixes across all products and services - (aside from reserved within balenaOS/Supervisor) + * allows removal of BALENA_ prefixes across all products + and services (aside from reserved within + balenaOS/Supervisor) - * made balena-root-ca service a dependency of confd.service + * made balena-root-ca service a dependency of + confd.service footer: Change-type: patch change-type: patch @@ -2674,7 +2722,8 @@ - subject: add database name env variable hash: 9589ea0fa504995cb456fb27499bb1fcfe3dd7b6 body: > - Makes the database name configurable, with "resin" being the default + Makes the database name configurable, with "resin" being the + default footer: Change-type: minor change-type: minor @@ -2762,7 +2811,8 @@ - subject: Update dependencies hash: 88c9d877e6a0a4edd337f4d33971a5d57789d933 body: > - Update @balena/abstract-sql-compiler from 7.17.0 to 7.17.1 + Update @balena/abstract-sql-compiler from 7.17.0 to + 7.17.1 Update pinejs-client-core from 6.9.6 to 6.10.0 footer: @@ -2774,9 +2824,11 @@ - subject: Avoid the operation type optimization for HAVING clauses hash: 3fcf08bc02c21d9f49b78787ed516fa9a403f021 body: > - Since it's possible for them to behave in a way that violates the + Since it's possible for them to behave in a way + that violates the - safety checks we'll disable them until we can add specific checks + safety checks we'll disable them until we can + add specific checks for the HAVING clause footer: @@ -3565,7 +3617,8 @@ - subject: "patch: Add required_reboot properties to config variables" hash: c8ca80a78986f79f647e4fa8f62ad17821ed040b body: > - 1. Added required_reboot and warning message properties to the schema + 1. Added required_reboot and warning message properties to the + schema 2. Default to false and empty string respectively @@ -3806,7 +3859,8 @@ - subject: Add support for circular `canAccess` permissions using a depth argument hash: fa0164119e212a0e1c0a3d2a4fe23271c3034032 body: > - eg using `resource/canAccess(2)` will allow recursing twice before + eg using `resource/canAccess(2)` will allow recursing + twice before bailing on that branch and considering it falsey @@ -3946,9 +4000,11 @@ - subject: Allow device api keys to query their state as root hash: c43d2a91eec5799c548e9107e45aa06df646cf26 body: > - This omits all the permissions checks and results in a more efficient + This omits all the permissions checks and results in a more + efficient - query but with the downside that it requires us to manually check that + query but with the downside that it requires us to manually + check that this is a safe operation to allow footer: @@ -3970,7 +4026,8 @@ - subject: Add an option to disable cache invalidation based upon version hash: 7b3797f6d4ef371417a9565bce8d7cb1783ae64e body: > - This allows certain caches to handle cache invalidation manually and + This allows certain caches to handle cache invalidation manually + and therefore persist across versions footer: @@ -4316,9 +4373,11 @@ - subject: Remove the cache for device write context as it's no longer beneficial hash: 67612963f5bef3e8a2f99b2c8edba5a40c849098 body: > - Since reducing the query it is now fast enough (from ~130ms to ~1ms) + Since reducing the query it is now fast enough (from ~130ms to + ~1ms) - that the trade off for memory usage for the cache along with argument + that the trade off for memory usage for the cache along with + argument normalization like does not work out in its favor any more footer: @@ -4358,9 +4417,11 @@ - subject: Explicitly remove support for old supervisor log format hash: eae3444f7f664cafccb012bfcb09495fbc4755c3 body: > - It has been broken since August 2018 so this just formalizes that + It has been broken since August 2018 so this just formalizes + that - removed support and removes unnecessary work that was being done in an + removed support and removes unnecessary work that was being done + in an attempt to maintain support footer: @@ -4824,7 +4885,8 @@ - subject: Improve types for device logs, catching an issue reading from loki hash: 615d7a11113923e4fbb65ecd1f8967ce7ba7e949 body: > - Loki used the belongs_to__application as part of it's key but it would + Loki used the belongs_to__application as part of it's key but it + would have been undefined previously footer: @@ -4862,7 +4924,8 @@ body: > Omitting the metrics data is only useful if it avoids the write - altogether, so if we're writing anyway we might as well include it + altogether, so if we're writing anyway we might as well include + it footer: Change-type: patch change-type: patch @@ -4908,9 +4971,11 @@ - subject: Cache resolution of repository path to image id hash: a1b0ca15e092f0197f35b20561e1fa9b6fbbe666 body: > - This is a fairly expensive lookup on a string and allows us to cache + This is a fairly expensive lookup on a string and allows us to + cache - that expensive lookup and use a less expensive id based lookup with + that expensive lookup and use a less expensive id based lookup + with the specific key for each device key that requests access footer: @@ -5117,9 +5182,10 @@ - subject: Fix configuration for non-BoB deployments hash: be5d9722d47b65ca511cfb66ab13ed1f3ddff372 body: > - The default value on the BALENA_DEVICE_UUID variable forced all code paths - that used to run optionally depending on whether - deployment was on a balenaOS device to run. + The default value on the BALENA_DEVICE_UUID variable + forced all code paths that used to run optionally + depending on whether deployment was on a balenaOS device + to run. footer: Change-type: patch change-type: patch @@ -5131,21 +5197,27 @@ - subject: Auto-configure balenaMachine(bob) hash: efb8da155b7bedec44558dfcd55cb6b535099c01 body: > - + allows balenaMachine(s)/BoB(s) to automatically configure itself - (without bob-cli) + + allows balenaMachine(s)/BoB(s) to automatically + configure itself (without bob-cli) - + auto-configuration requires balena-ca and cert-manager to do the heavy lifting prior + + auto-configuration requires balena-ca and cert-manager + to do the heavy lifting prior - + corresponding [balena-on-balena PR](https://github.com/balena-io/balena-on-balena/pull/261) + + corresponding [balena-on-balena + PR](https://github.com/balena-io/balena-on-balena/pull/261) - * refactor confd.service to include both root-ca and host-envvars handling + * refactor confd.service to include both root-ca and + host-envvars handling - * add systemd path watcher to restart confd if keys/certs change during runtime + * add systemd path watcher to restart confd if + keys/certs change during runtime - * store stack configuration available to all services in a persistent/shared volume (/balena) + * store stack configuration available to all services in + a persistent/shared volume (/balena) - * change resolver order to dns => mdns (ipv4) => mdns (ipv6) => return + * change resolver order to dns => mdns (ipv4) => mdns + (ipv6) => return * configure API key and JOSE/JWT key id @@ -5175,9 +5247,11 @@ - subject: Attempt to load root CA certificate bundle from file hash: 493bb446e99fc7a5b6ecaa4e796942aa65ad03d0 body: > - * allows dynamic certificate generation and loading within the stack + * allows dynamic certificate generation and loading + within the stack - * if a (volume|directory) /certs exists, set up a notification to watch + * if a (volume|directory) /certs exists, set up a + notification to watch for /certs/ca-bundle.pem and update CA certificates/restart confd footer: Change-type: patch @@ -5265,7 +5339,8 @@ - subject: Allow passing a function as the cache params to enable custom caching hash: 3e790d9961a0d7f666021248668241264b453743 body: > - This allows using a different cache than the default of memoizee + This allows using a different cache than the default of + memoizee footer: Change-type: minor change-type: minor @@ -5299,7 +5374,8 @@ - subject: Add support for a `PINEJS_DEBUG` env var that is more strictly checked hash: 4b591eefae812a10f43d98e440d11bbfdded69c0 body: > - This means we can warn on/ignore invalid values rather than giving a + This means we can warn on/ignore invalid values rather + than giving a potentially surprising result, eg `'0'` being truthy footer: @@ -5451,7 +5527,8 @@ - subject: Only schedule publishing logs when we have some in the buffer hash: 861483540cc9a5e0223e0d5d43162fcfcd674440 body: > - This avoids idle connections from polling for new logs and instead are + This avoids idle connections from polling for new logs and + instead are scheduled automatically once a log comes in footer: @@ -5757,7 +5834,8 @@ - subject: Revert "Remove now unnecessary hack for casting SERIAL types" hash: 60a56423de9262b5b454ff4cd83c1d1fd39d071e body: > - This reverts commit 187bc075d237a2ced731d0a026ca25aa3e0f5540. + This reverts commit + 187bc075d237a2ced731d0a026ca25aa3e0f5540. footer: Change-type: patch change-type: patch @@ -5769,9 +5847,11 @@ - subject: Remove now unnecessary hack for casting SERIAL types hash: 187bc075d237a2ced731d0a026ca25aa3e0f5540 body: > - This became unnecessary when @balena/sbvr-types added the concept of + This became unnecessary when + @balena/sbvr-types added the concept of - cast types since that now specifies how to cast a SERIAL type + cast types since that now specifies how + to cast a SERIAL type footer: Change-type: patch change-type: patch @@ -5883,7 +5963,8 @@ - subject: Generalize/share the referenced fields code and cover more cases hash: 3e77ac1aed9f3fb596f6a01a08a1800fead1e860 body: > - This now allows detecting deletes that are + This now allows detecting deletes that + are footer: Change-type: minor change-type: minor @@ -5933,11 +6014,14 @@ - subject: Add a `getRuleReferencedFields` which is tailored for rules hash: 256c36de4a1efb7a46eb9833e1c3228d17194015 body: > - This works on the assumption that it is a rule query that should always + This works on the assumption that it is + a rule query that should always - return true and allows ignoring more modification cases where they + return true and allows ignoring more + modification cases where they - cannot change the result from true to false + cannot change the result from true to + false footer: Change-type: minor change-type: minor @@ -6599,7 +6683,8 @@ body: > * TOKEN_AUTH_REALM => REGISTRY2_TOKEN_AUTH_REALM - * REGISTRY2_TOKEN_AUTH_REALM is the new name for BALENA_TOKEN_AUTH_REALM + * REGISTRY2_TOKEN_AUTH_REALM is the new name for + BALENA_TOKEN_AUTH_REALM footer: Change-type: patch change-type: patch @@ -6623,10 +6708,12 @@ - subject: Add parallel HOSTs and env vars hash: 7ef7a8e470f195afec8a104e837f901c9f0d1044 body: > - * allows removal of BALENA_ prefixes across all products and services - (aside from reserved within balenaOS/Supervisor) + * allows removal of BALENA_ prefixes across all products + and services (aside from reserved within + balenaOS/Supervisor) - * made balena-root-ca service a dependency of confd.service + * made balena-root-ca service a dependency of + confd.service footer: Change-type: patch change-type: patch @@ -6980,7 +7067,8 @@ - subject: Avoid concat/_.uniq calls in getReqPermissions hash: 9cd074a5c810ba66130695758ccbf9cc6d7b46d1 body: > - These are relatively expensive considering it is a fairly hot function + These are relatively expensive considering it is a + fairly hot function footer: Change-type: patch change-type: patch @@ -7146,7 +7234,8 @@ - subject: Avoid unnecessary `getAffectedIds` calls when updating devices hash: 69518683f9d479113cceabe2b837ac6984c0e2fc body: > - We only need the call if the device is moving between applications + We only need the call if the device is moving between + applications which is a tiny minority of the cases in which we patch devices footer: @@ -7172,8 +7261,8 @@ - subject: Add Build Stat to Release hash: 7aa26a44848cc825d7202571072d4c7533fc35f7 body: > - This change is part of the larger change to add build statistics from the - Builder to Releases. + This change is part of the larger change to add build statistics + from the Builder to Releases. footer: Signed-off-by: Paul Jonathan Zoulin signed-off-by: Paul Jonathan Zoulin @@ -7504,7 +7593,8 @@ - subject: Revert "Remove now unnecessary hack for casting SERIAL types" hash: 60a56423de9262b5b454ff4cd83c1d1fd39d071e body: > - This reverts commit 187bc075d237a2ced731d0a026ca25aa3e0f5540. + This reverts commit + 187bc075d237a2ced731d0a026ca25aa3e0f5540. footer: Change-type: patch change-type: patch @@ -7516,9 +7606,11 @@ - subject: Remove now unnecessary hack for casting SERIAL types hash: 187bc075d237a2ced731d0a026ca25aa3e0f5540 body: > - This became unnecessary when @balena/sbvr-types added the concept of + This became unnecessary when @balena/sbvr-types + added the concept of - cast types since that now specifies how to cast a SERIAL type + cast types since that now specifies how to cast + a SERIAL type footer: Change-type: patch change-type: patch @@ -7786,7 +7878,8 @@ body: > Need new version to use ACME v2 correctly. - Force using letsencrypt (didn't work otherwise, not totally sure why not) + Force using letsencrypt (didn't work otherwise, not totally sure why + not) Update bundled staging certs, contents are from: @@ -7948,11 +8041,14 @@ - subject: "hostapps: remove rule enforcing valid hostapp releases" hash: b8594fa08de2533b01d3a3f52b6dca001aef6e42 body: > - We already enforce this in the hook itself, and this rule prevents + We already enforce this in the hook itself, and this rule + prevents - devices that have provisioned with an invalidated hostapp release from + devices that have provisioned with an invalidated hostapp + release from - ever PATCHing/updating after the fact. we ideally only want to enforce + ever PATCHing/updating after the fact. we ideally only want to + enforce this rule at upgrade time, rather than always footer: @@ -8012,9 +8108,11 @@ This reverts commit db990479be2611f24b6262e12e1dfa092473cea0. - OpenBalena is not the place to do the config vars change for the private + OpenBalena is not the place to do the config vars change for the + private - device types such as the UniPi Neuron so we revert this commit here. + device types such as the UniPi Neuron so we revert this commit + here. footer: Change-type: minor change-type: minor @@ -8108,7 +8206,8 @@ - subject: "hostapps: basic implementation of target hostapp release" hash: 85f72890c99d3e86f91bbc4d3fc0a1184650f60f body: > - including a hook to set devices to a hostapp release at provision time + including a hook to set devices to a hostapp release at + provision time footer: Change-type: minor change-type: minor @@ -8122,7 +8221,8 @@ - subject: "auth: remove unnecessary brackets" hash: 55bcd667c5ceb77c40c95e4747429107eb34f964 body: > - i missed pulling this change out from the code review of my related PR + i missed pulling this change out from the code review of my + related PR footer: Connects-to: https://github.com/balena-io/open-balena-api/pull/634 connects-to: https://github.com/balena-io/open-balena-api/pull/634 @@ -8167,9 +8267,11 @@ - subject: Stop allowing cache clearing for multi-level cache hash: 091863ebed83d587e08db9889bef647f21326393 body: > - This causes problems with the redis level of the cache because clearing + This causes problems with the redis level of the cache because + clearing - the cache requires clearing the entire redis database which is far more + the cache requires clearing the entire redis database which is + far more aggressive than we want to support footer: @@ -8250,9 +8352,11 @@ - subject: Simplify ignored device types handling hash: e30a4e6db72d325abeeefd751f0ab454e5541706 body: > - By handling ignored device types transparently at the point of fetching + By handling ignored device types transparently at the point of + fetching - it allows us to avoid duplicating that code and guarantees the ignoring + it allows us to avoid duplicating that code and guarantees the + ignoring is always applied footer: @@ -8277,7 +8381,8 @@ - subject: Use primitive memoization mode for build-info-facade hash: 6f6ce395b57258e43df6b49b88194e6920af1f51 body: > - This can give better performance but requires all arguments to generate + This can give better performance but requires all arguments to + generate unique strings when stringified footer: @@ -8479,11 +8584,14 @@ - subject: Block eagerly fetching affected ids in cases it is not possible to do hash: 413257bd23a32d90678cd9b224529a89e328afe9 body: > - This fixes an issue where trying to eagerly fetch affected ids for + This fixes an issue where trying to eagerly fetch + affected ids for - equests that can create entries would return ids for existing entries + equests that can create entries would return ids for + existing entries - that you could have created rather than giving the ids for the entries + that you could have created rather than giving the ids + for the entries that you will create footer: @@ -8546,7 +8654,8 @@ - subject: Emit an error on the request stream for non-200s rather than throwing hash: 9f9d50e2ce82b35553e19bdc6d01a41f92f2cb39 body: > - The throw was in an asynchronous callback and throwing there causes the + The throw was in an asynchronous callback and throwing there + causes the process to exit footer: @@ -8604,13 +8713,17 @@ - subject: Cache device existence check for 5 minutes hash: 72eb4bfbad725d406eb7a0236ada31b0da8e47ca body: > - This will reduce the load for the common case where active devices are + This will reduce the load for the common case where active + devices are - not regularly deleted with the potential to briefly respond with a 401 + not regularly deleted with the potential to briefly respond with + a 401 - when a device is first deleted. There may also be a slight delay for + when a device is first deleted. There may also be a slight delay + for - restored devices to be able to communicate again however again that is + restored devices to be able to communicate again however again + that is a very rare case. footer: @@ -8703,11 +8816,14 @@ - subject: Ensure service installs exist at the point of pinning an application hash: 7ac88e4852436a8876e709f20948d1382174cb12 body: > - This avoids issues where you pin an application to a release for which + This avoids issues where you pin an application to a release for + which - some devices are missing service installs. It also allows simplifying + some devices are missing service installs. It also allows + simplifying - the "should track latest release" implementation as it no longer needs + the "should track latest release" implementation as it no longer + needs to care about creating service installs itself footer: @@ -9005,9 +9121,11 @@ - subject: Add a `boolVar` helper for config to standardize boolean config vars hash: 8041b9696a6b91bc9ef76e8f19c870c8a139f00e body: > - This now requires boolean config vars must be `true` or `false`, or + This now requires boolean config vars must be `true` or `false`, + or - not set if they're optional, previously we compared against just `true` + not set if they're optional, previously we compared against just + `true` so any other values would be treated as `false` which could be @@ -9488,9 +9606,11 @@ - subject: Add a `getRuleReferencedFields` which is tailored for rules hash: 256c36de4a1efb7a46eb9833e1c3228d17194015 body: > - This works on the assumption that it is a rule query that should always + This works on the assumption that it is a rule + query that should always - return true and allows ignoring more modification cases where they + return true and allows ignoring more + modification cases where they cannot change the result from true to false footer: @@ -9615,7 +9735,8 @@ body: > Also the linting on prepush works very poorly on windows due to - complaints around line endings even if the committed line endings are + complaints around line endings even if the committed line + endings are fine footer: @@ -10100,9 +10221,11 @@ - subject: Add a timeout for pg rollbacks after which the connection is terminated hash: e67830dc6f3a9b6c73f20e6c71f14dcbacadca21 body: > - This avoids issues where a postgres connection can hang and the + This avoids issues where a postgres connection can hang + and the - rollback never finishes and the client is never released from the pool + rollback never finishes and the client is never released + from the pool footer: Change-type: minor change-type: minor @@ -10139,9 +10262,11 @@ - subject: Optimize generating constrained abstract sql model hash: b176abf77bf4f550ea7728fee52b5d6746ec7d22 body: > - Instantiating an `OData2AbstractSQL` instance can be relatively costly + Instantiating an `OData2AbstractSQL` instance can be + relatively costly - and as such reusing a memoized instance can provide a reasonable + and as such reusing a memoized instance can provide a + reasonable performance improvement footer: @@ -10172,7 +10297,8 @@ - subject: Separate application delete hook components into individual hooks hash: e1a5ffa9af59f5c67766bfd999b6a3b2632b7506 body: > - This allows them to be isolated from each other and also allows them to + This allows them to be isolated from each other and also allows + them to be executed in parallel footer: @@ -10538,11 +10664,14 @@ - subject: Add support for more input types to abstract-sql-compiler hash: 431f3dbcb2177c602042e01c46eac45b185c555c body: > - We now support support passing an SBVR file or a model specification + We now support support passing an SBVR file or a model + specification - as well as an abstract sql model, and we also accept any file type that + as well as an abstract sql model, and we also accept any + file type that - is acceptable to nodejs `require` rather than just a JSON file + is acceptable to nodejs `require` rather than just a + JSON file footer: Change-type: minor change-type: minor @@ -10775,7 +10904,8 @@ - subject: Add support for table definitions hash: 2939656834c374e35af8867d6337b119b58cd198 body: > - Static definitions will be converted to views and dynamic definitions + Static definitions will be converted to views + and dynamic definitions will be ignored footer: @@ -10821,7 +10951,8 @@ - subject: Add support for table definitions hash: 2939656834c374e35af8867d6337b119b58cd198 body: > - Static definitions will be converted to views and dynamic definitions + Static definitions will be converted to + views and dynamic definitions will be ignored footer: @@ -10857,7 +10988,8 @@ - subject: Add an `optimizeSchema` function hash: 43a3c0eac0ed0c57a79fbc62d025c058ab8dbb1c body: > - Currently this can optimize certain rules into check constraints + Currently this can optimize certain + rules into check constraints footer: Change-type: minor change-type: minor @@ -10982,7 +11114,8 @@ - subject: Add an `optimizeSchema` function hash: 43a3c0eac0ed0c57a79fbc62d025c058ab8dbb1c body: > - Currently this can optimize certain rules into check constraints + Currently this can optimize certain rules into + check constraints footer: Change-type: minor change-type: minor @@ -11154,9 +11287,11 @@ - subject: Add a `castType` property to type functions hash: 409077eb9d6c0315779ddd877220280c251b4eb5 body: > - This allows specifying the correct type to cast to when necessary + This allows specifying the correct type + to cast to when necessary - rather than relying on the fact the currently all type functions happen + rather than relying on the fact the + currently all type functions happen to be integers footer: @@ -11212,9 +11347,11 @@ - subject: Add a `castType` property to type functions hash: 409077eb9d6c0315779ddd877220280c251b4eb5 body: > - This allows specifying the correct type to cast to when necessary + This allows specifying the correct type + to cast to when necessary - rather than relying on the fact the currently all type functions happen + rather than relying on the fact the + currently all type functions happen to be integers footer: @@ -11280,9 +11417,13 @@ - subject: Add a `castType` property to type functions hash: 409077eb9d6c0315779ddd877220280c251b4eb5 body: > - This allows specifying the correct type to cast to when necessary + This allows specifying the + correct type to cast to when + necessary - rather than relying on the fact the currently all type functions happen + rather than relying on the fact + the currently all type functions + happen to be integers footer: @@ -11360,9 +11501,11 @@ - subject: Add a `castType` property to type functions hash: 409077eb9d6c0315779ddd877220280c251b4eb5 body: > - This allows specifying the correct type to cast to when necessary + This allows specifying the correct type to cast + to when necessary - rather than relying on the fact the currently all type functions happen + rather than relying on the fact the currently + all type functions happen to be integers footer: @@ -12148,17 +12291,19 @@ - subject: "cert-provider: Update to support ACMEv2 on staging provider" hash: d67e29223ff314b40fd745ce78301e550c2c9148 body: > - Acquiring a staging certificiate from LetsEncrypt was failing, so acme.sh - was + Acquiring a staging certificiate from LetsEncrypt was failing, so + acme.sh was updated to version 2.8.5, which includes support for using ACMEv2 on the LetsEncrypt servers. - Changes to the state flow to make access retries infinite as it became apparent + Changes to the state flow to make access retries infinite as it became + apparent - that in some scenarios the certificate acquisition could fail to occur due to + that in some scenarios the certificate acquisition could fail to occur + due to containers taking longer to become accessible. footer: @@ -12206,13 +12351,17 @@ - remove some `.gitignore` entries as this is also honoured by `balena push` - - added a step to `scripts/quickstart` to produce a single, flat `docker-compose.yml` after running + - added a step to `scripts/quickstart` to produce a single, flat + `docker-compose.yml` after running - - set the compose file versions to `2.0` to ensure only supported terms are used in the `docker-compose.yml` file output + - set the compose file versions to `2.0` to ensure only supported terms + are used in the `docker-compose.yml` file output - - quoted empty env values as these need to be passed in as blank, and not ommitted + - quoted empty env values as these need to be passed in as blank, and + not ommitted - - include the MDNS publisher service IF the domain being used is a .local one + - include the MDNS publisher service IF the domain being used is a + .local one - corrected spelling of macOS in script messages @@ -12241,7 +12390,8 @@ Update open-balena-registry to 2.7.0 - This allows registry to be configured to use its internal Redis instance for caching. It is still disabled by default though. + This allows registry to be configured to use its internal Redis instance + for caching. It is still disabled by default though. footer: Change-type: minor change-type: minor @@ -12342,7 +12492,8 @@ body: >- * Switch to `export ...` syntax (from `export = ...`) - * Fix invalid export of class inheriting non-exported class + * Fix invalid export of class inheriting non-exported + class footers: change-type: major hash: a6307b8c04d3456ad7d8a6ac19035b5e718c4311 @@ -12697,7 +12848,8 @@ - subject: Expose odata-compiler as a bin script hash: cf86826e0d6653c456057d4de8d849d00ffc023f body: > - This means that it will now match the module dependencies of the + This means that it will now match the module + dependencies of the installed pinejs footer: @@ -12710,7 +12862,8 @@ - subject: Expose sbvr-compiler as a bin script hash: e6718ffe901b4d711f47493ff907ee1fe2f947e0 body: > - This means that it will now match the module dependencies of the + This means that it will now match the module + dependencies of the installed pinejs footer: @@ -12894,7 +13047,8 @@ - commits: - author: Will Boyce body: >- - Allowing the server to dictate when keys are renegotiated allows us to + Allowing the server to dictate when keys are renegotiated allows + us to control load spikes more effectively. footers: @@ -12979,7 +13133,8 @@ Added to the supervisor in https://github.com/balena-io/balena-supervisor/pull/934 - We add this variable to the whitelist and add the information so that the UI can show it and allow changing it. + We add this variable to the whitelist and add the information so + that the UI can show it and allow changing it. footers: change-type: minor signed-off-by: Pablo Carranza Velez diff --git a/CHANGELOG.md b/CHANGELOG.md index 5b36e9c..371f5b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file automatically by Versionist. DO NOT EDIT THIS FILE MANUALLY! This project adheres to [Semantic Versioning](http://semver.org/). +# v3.8.3 +## (2024-04-23) + +* flowzone.yml: Prevent duplicate workflow executions [Kyle Harding] + # v3.8.2 ## (2023-02-16) diff --git a/VERSION b/VERSION index 00e897b..dcd32c1 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.8.2 \ No newline at end of file +3.8.3 \ No newline at end of file