SSH (client) verbosity config

* help debug random failures during test execution change-type: patch
2025-06-24 18:25:16 +00:00 · 2024-07-09 10:38:41 -07:00
11 changed files with 24 additions and 1566 deletions
--- a/.github/workflows/flowzone.yml
+++ b/.github/workflows/flowzone.yml
@ -25,6 +25,15 @@ jobs:
    with:
      jobs_timeout_minutes: 60
      cloudflare_website: open-balena
+      custom_runs_on: |
+        [
+          [
+            "self-hosted",
+            "Linux",
+            "X64"
+          ]
+        ]
+
      balena_slugs: |
        balena/open-balena

--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -73,13 +73,13 @@ jobs:
      name: ${{ matrix.target }}

    steps:
-    - uses: actions/checkout@6d193bf28034eafb982f37bd894289fe649468fc
+    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

    # https://github.com/unfor19/install-aws-cli-action
    - name: Setup awscli
      uses: unfor19/install-aws-cli-action@e8b481e524a99f37fbd39fdc1dcb3341ab091367 # v1

-    - uses: aws-actions/configure-aws-credentials@e26e19042832fb823bebedbd411b82b685244c69
+    - uses: aws-actions/configure-aws-credentials@febab93d024649c3429d6b4609fe0a64bd9803f3
      with:
        aws-region: ${{ vars.AWS_REGION || 'us-east-1' }}
        role-session-name: github-${{ github.job }}-${{ github.run_id }}-${{ github.run_attempt }}
@ -798,14 +798,6 @@ jobs:
                && rm -f "\${tmphosts}" \
                && getent hosts api.${{ matrix.subdomain }}.${{ matrix.dns_tld }} | grep 127.0.1.1

-              sshd -T
-              service ssh restart
-
-          # https://forums.docker.com/t/docker-compose-through-ssh-failing-and-referring-to-docker-example-com/115165/18
-          - path: /etc/ssh/sshd_config.d/00-cloud-init
-            content: |
-              MaxStartups 100:0:100
-
        # cloud-init runs as root
        # (e.g.) https://cloudinit.readthedocs.io/en/latest/reference/merging.html#example-cloud-config
        runcmd:
@ -847,10 +839,6 @@ jobs:
        aws ec2 wait instance-running --instance-ids "${instance_id}"
        with_backoff aws ec2 wait instance-status-ok --instance-ids "${instance_id}"

-        private_ip="$(aws ec2 describe-instances --instance-id "${instance_id}" \
-          | jq -r .Reservations[].Instances[].PrivateIpAddress)"
-        echo "private_ip=${private_ip}" >>"${GITHUB_OUTPUT}"
-
      env:
        ATTEMPTS: 2
        AWS_DEFAULT_REGION: ${{ vars.AWS_REGION || 'us-east-1' }}
@ -888,21 +876,13 @@ jobs:
        trap 'log_output' EXIT

        # https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-getting-started-enable-ssh-connections.html
-        mkdir -p "${HOME}/.ssh/controlmasters"
        cat << EOF > "${HOME}/.ssh/config"
-        host *
-            StrictHostKeyChecking no
-            UserKnownHostsFile /dev/null
-
        host i-*
            StrictHostKeyChecking no
            UserKnownHostsFile /dev/null
-            TCPKeepAlive yes
-            ServerAliveInterval 5
-            ControlPath "${HOME}/.ssh/controlmasters/%r@%h:%p"
-            ControlMaster auto
-            ControlPersist 5m
            ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"
+            # QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3
+            LogLevel ${{ vars.SSH_VERBOSE || 'ERROR' }}     
        EOF

        # docs/getting-started.md
@ -1020,16 +1000,6 @@ jobs:
        with_backoff balena keys | grep ${{ steps.provision-ssh-key.outputs.key_id }} \
          | awk '{print $1}' | xargs --no-run-if-empty balena key rm --yes

-    - name: remove AWS/EC2 key-pair
-      if: always() && matrix.target == 'compose-private-pki'
-      continue-on-error: true
-      run: |
-        set -ue
-
-        [[ '${{ vars.VERBOSE }}' =~ on|On|Yes|yes|true|True ]] && set -x
-
-        aws ec2 delete-key-pair --key-name ${{ steps.generate-key-pair.outputs.key_name }}
-
    - name: delete balenaOS test device
      if: always() && matrix.target == 'balena-public-pki'
      continue-on-error: true
--- a/.versionbot/CHANGELOG.yml
+++ b/.versionbot/CHANGELOG.yml
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,417 +4,6 @@ All notable changes to this project will be documented in this file
 automatically by Versionist. DO NOT EDIT THIS FILE MANUALLY!
 This project adheres to [Semantic Versioning](http://semver.org/).

-# v4.1.107
-## (2024-09-10)
-
-* Update balena/open-balena-api Docker tag to v27.1.4 [Self-hosted Renovate Bot]
-
-# v4.1.106
-## (2024-09-09)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.38 [Self-hosted Renovate Bot]
-
-# v4.1.105
-## (2024-09-09)
-
-* Update balena/open-balena-api Docker tag to v27.1.2 [Self-hosted Renovate Bot]
-
-# v4.1.104
-## (2024-09-09)
-
-* Update balena/open-balena-api Docker tag to v27.1.1 [Self-hosted Renovate Bot]
-
-# v4.1.103
-## (2024-09-06)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.37 [Self-hosted Renovate Bot]
-
-# v4.1.102
-## (2024-09-06)
-
-* Update balena/open-balena-api Docker tag to v27.1.0 [Self-hosted Renovate Bot]
-
-# v4.1.101
-## (2024-09-05)
-
-* Update qemux/qemu-docker Docker tag to v6 [Self-hosted Renovate Bot]
-
-# v4.1.100
-## (2024-09-05)
-
-* Update actions/checkout digest to 6d193bf [Self-hosted Renovate Bot]
-
-# v4.1.99
-## (2024-09-05)
-
-* Update actions/checkout digest to b684943 [Self-hosted Renovate Bot]
-
-# v4.1.98
-## (2024-09-05)
-
-* Update balena/open-balena-api Docker tag to v27 [Self-hosted Renovate Bot]
-
-# v4.1.97
-## (2024-09-05)
-
-* Update dependency balena-io/balena-cli to v19.0.3 [Self-hosted Renovate Bot]
-
-# v4.1.96
-## (2024-09-05)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.36 [Self-hosted Renovate Bot]
-
-# v4.1.95
-## (2024-09-04)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.35 [Self-hosted Renovate Bot]
-
-# v4.1.94
-## (2024-09-04)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.34 [Self-hosted Renovate Bot]
-
-# v4.1.93
-## (2024-09-03)
-
-* Update dependency balena-io/balena-cli to v19.0.2 [Self-hosted Renovate Bot]
-
-# v4.1.92
-## (2024-09-03)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.33 [Self-hosted Renovate Bot]
-
-# v4.1.91
-## (2024-09-03)
-
-* Update balena/open-balena-registry Docker tag to v2.41.6 [Self-hosted Renovate Bot]
-
-# v4.1.90
-## (2024-09-03)
-
-* Update balena/open-balena-s3 Docker tag to v2.28.55 [Self-hosted Renovate Bot]
-
-# v4.1.89
-## (2024-09-03)
-
-* Update balena/open-balena-api Docker tag to v26.4.8 [Self-hosted Renovate Bot]
-
-# v4.1.88
-## (2024-09-03)
-
-* Update aws-actions/configure-aws-credentials digest to e26e190 [Self-hosted Renovate Bot]
-
-# v4.1.87
-## (2024-09-03)
-
-* Update balena/open-balena-api Docker tag to v26.4.7 [Self-hosted Renovate Bot]
-
-# v4.1.86
-## (2024-09-03)
-
-* Update balena/open-balena-api Docker tag to v26.4.6 [Self-hosted Renovate Bot]
-
-# v4.1.85
-## (2024-09-02)
-
-* Update dependency balena-io/balena-cli to v19.0.1 [Self-hosted Renovate Bot]
-
-# v4.1.84
-## (2024-09-02)
-
-* Update balena/open-balena-api Docker tag to v26.4.5 [Self-hosted Renovate Bot]
-
-# v4.1.83
-## (2024-09-02)
-
-* Update actions/checkout digest to 2d7d9f7 [Self-hosted Renovate Bot]
-
-# v4.1.82
-## (2024-08-30)
-
-* Update balena/open-balena-api Docker tag to v26.4.3 [Self-hosted Renovate Bot]
-
-# v4.1.81
-## (2024-08-30)
-
-* Update balena/open-balena-api Docker tag to v26.4.2 [Self-hosted Renovate Bot]
-
-# v4.1.80
-## (2024-08-29)
-
-* Update balena/open-balena-registry Docker tag to v2.41.4 [Self-hosted Renovate Bot]
-
-# v4.1.79
-## (2024-08-28)
-
-* Update balena/open-balena-s3 Docker tag to v2.28.54 [Self-hosted Renovate Bot]
-
-# v4.1.78
-## (2024-08-27)
-
-* Update balena/open-balena-api Docker tag to v26.4.0 [Self-hosted Renovate Bot]
-
-# v4.1.77
-## (2024-08-27)
-
-* Update aws-actions/configure-aws-credentials digest to 0fc95ed [Self-hosted Renovate Bot]
-
-# v4.1.76
-## (2024-08-26)
-
-* Update balena/open-balena-api Docker tag to v26.3.5 [Self-hosted Renovate Bot]
-
-# v4.1.75
-## (2024-08-23)
-
-* Update balena/open-balena-api Docker tag to v26.3.3 [Self-hosted Renovate Bot]
-
-# v4.1.74
-## (2024-08-22)
-
-* Update dependency balena-io/balena-cli to v19 [Self-hosted Renovate Bot]
-
-# v4.1.73
-## (2024-08-22)
-
-* Update balena/open-balena-registry Docker tag to v2.41.3 [Self-hosted Renovate Bot]
-
-# v4.1.72
-## (2024-08-22)
-
-* Update balena/open-balena-s3 Docker tag to v2.28.53 [Self-hosted Renovate Bot]
-
-# v4.1.71
-## (2024-08-22)
-
-* Update balena/open-balena-registry Docker tag to v2.41.2 [Self-hosted Renovate Bot]
-
-# v4.1.70
-## (2024-08-21)
-
-* Update balena/open-balena-api Docker tag to v26.3.1 [Self-hosted Renovate Bot]
-
-# v4.1.69
-## (2024-08-20)
-
-* Update aws-actions/configure-aws-credentials digest to ead1e6a [Self-hosted Renovate Bot]
-
-# v4.1.68
-## (2024-08-19)
-
-* Update balena/open-balena-api Docker tag to v26.3.0 [Self-hosted Renovate Bot]
-
-# v4.1.67
-## (2024-08-19)
-
-* Update qemux/qemu-docker Docker tag to v5.18 [Self-hosted Renovate Bot]
-
-# v4.1.66
-## (2024-08-19)
-
-* SSH reliability settings [Anton Belodedenko]
-* SSH reliability settings [Anton Belodedenko]
-
-# v4.1.65
-## (2024-08-15)
-
-* patch: Add Table of Contents [Vipul Gupta (@vipulgupta2048)]
-
-# v4.1.64
-## (2024-08-13)
-
-* Update aws-actions/configure-aws-credentials digest to 55f725f [Self-hosted Renovate Bot]
-
-# v4.1.63
-## (2024-08-12)
-
-* Cleanup AWS/EC2 key pairs [Anton Belodedenko]
-
-# v4.1.62
-## (2024-08-12)
-
-* Update balena/open-balena-registry Docker tag to v2.41.1 [Self-hosted Renovate Bot]
-
-# v4.1.61
-## (2024-08-12)
-
-* Update balena/open-balena-api Docker tag to v26.2.2 [Self-hosted Renovate Bot]
-
-# v4.1.60
-## (2024-08-10)
-
-* Update redis Docker tag to v7.4 [Self-hosted Renovate Bot]
-
-# v4.1.59
-## (2024-08-10)
-
-* Update balena/open-balena-s3 Docker tag to v2.28.52 [Self-hosted Renovate Bot]
-
-# v4.1.58
-## (2024-08-10)
-
-* Update dependency balena-io/balena-cli to v18.2.34 [Self-hosted Renovate Bot]
-
-# v4.1.57
-## (2024-08-10)
-
-* Update balena/open-balena-api Docker tag to v26.1.6 [Self-hosted Renovate Bot]
-
-# v4.1.56
-## (2024-08-10)
-
-* Update aws-actions/configure-aws-credentials digest to 39228ca [Self-hosted Renovate Bot]
-
-# v4.1.55
-## (2024-08-06)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.31 [Self-hosted Renovate Bot]
-
-# v4.1.54
-## (2024-08-05)
-
-* Update balena/open-balena-api Docker tag to v26.1.5 [Self-hosted Renovate Bot]
-
-# v4.1.53
-## (2024-08-05)
-
-* Update actions/checkout digest to 9a9194f [Self-hosted Renovate Bot]
-
-# v4.1.52
-## (2024-08-01)
-
-* Update balena/open-balena-registry Docker tag to v2.39.65 [Self-hosted Renovate Bot]
-
-# v4.1.51
-## (2024-07-23)
-
-* Update balena/open-balena-api Docker tag to v26.1.3 [Self-hosted Renovate Bot]
-
-# v4.1.50
-## (2024-07-23)
-
-* Update aws-actions/configure-aws-credentials digest to 12e3392 [Self-hosted Renovate Bot]
-
-# v4.1.49
-## (2024-07-22)
-
-* Update balena/open-balena-api Docker tag to v26 [Self-hosted Renovate Bot]
-
-# v4.1.48
-## (2024-07-19)
-
-* Update balena/open-balena-registry Docker tag to v2.39.63 [Self-hosted Renovate Bot]
-
-# v4.1.47
-## (2024-07-19)
-
-* Update balena/open-balena-s3 Docker tag to v2.28.50 [Self-hosted Renovate Bot]
-
-# v4.1.46
-## (2024-07-17)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.27 [Self-hosted Renovate Bot]
-
-# v4.1.45
-## (2024-07-17)
-
-* Update aws-actions/configure-aws-credentials digest to 6116f2b [Self-hosted Renovate Bot]
-
-# v4.1.44
-## (2024-07-17)
-
-* Update dependency balena-io/balena-cli to v18.2.33 [Self-hosted Renovate Bot]
-
-# v4.1.43
-## (2024-07-16)
-
-* Remove custom_runs_on instruction from flowzone.yml [Kyle Harding]
-
-# v4.1.42
-## (2024-07-16)
-
-* Update dependency balena-io/balena-cli to v18.2.32 [Self-hosted Renovate Bot]
-
-# v4.1.41
-## (2024-07-16)
-
-* Update balena/open-balena-api Docker tag to v25.2.8 [Self-hosted Renovate Bot]
-
-# v4.1.40
-## (2024-07-15)
-
-* Update dependency balena-io/balena-cli to v18.2.31 [Self-hosted Renovate Bot]
-
-# v4.1.39
-## (2024-07-15)
-
-* Update dependency balena-io/balena-cli to v18.2.30 [Self-hosted Renovate Bot]
-
-# v4.1.38
-## (2024-07-15)
-
-* Update balena/open-balena-api Docker tag to v25.2.7 [Self-hosted Renovate Bot]
-
-# v4.1.37
-## (2024-07-12)
-
-* Update dependency balena-io/balena-cli to v18.2.29 [Self-hosted Renovate Bot]
-
-# v4.1.36
-## (2024-07-12)
-
-* Update dependency balena-io/balena-cli to v18.2.28 [Self-hosted Renovate Bot]
-
-# v4.1.35
-## (2024-07-12)
-
-* Update balena/open-balena-vpn Docker tag to v11.30.26 [Self-hosted Renovate Bot]
-
-# v4.1.34
-## (2024-07-11)
-
-* Update balena/open-balena-registry Docker tag to v2.39.62 [Self-hosted Renovate Bot]
-
-# v4.1.33
-## (2024-07-11)
-
-* Update aws-actions/configure-aws-credentials digest to 96589f5 [Self-hosted Renovate Bot]
-
-# v4.1.32
-## (2024-07-11)
-
-* Update balena/open-balena-s3 Docker tag to v2.28.49 [Self-hosted Renovate Bot]
-
-# v4.1.31
-## (2024-07-11)
-
-* Update balena/open-balena-api Docker tag to v25.2.5 [Self-hosted Renovate Bot]
-
-# v4.1.30
-## (2024-07-11)
-
-* Update dependency balena-io/balena-cli to v18.2.25 [Self-hosted Renovate Bot]
-
-# v4.1.29
-## (2024-07-10)
-
-* Update dependency balena-io/balena-cli to v18.2.22 [Self-hosted Renovate Bot]
-
-# v4.1.28
-## (2024-07-09)
-
-* Update balena/open-balena-registry Docker tag to v2.39.61 [Self-hosted Renovate Bot]
-
-# v4.1.27
-## (2024-07-09)
-
-* Update balena/open-balena-api Docker tag to v25.2.0 [Self-hosted Renovate Bot]
-
-# v4.1.26
-## (2024-07-09)
-
-* Relax regex to match all Let's Encrypt CNs [Anton Belodedenko]
-
 # v4.1.25
 ## (2024-07-09)

--- a/2
+++ b/2
@ -145,7 +145,7 @@ auto-pki: config # Start all services using LetsEncrypt and ACME
 	@docker compose up -d
 	@$(MAKE) waitlog SERVICE=cert-manager LOG_STRING="/certs/export/chain.pem Certificate will not expire in [0-9] days"
 	@$(MAKE) waitlog SERVICE=cert-manager LOG_STRING="subject=CN = ${DNS_TLD}"
-	@$(MAKE) waitlog SERVICE=cert-manager LOG_STRING="issuer=C = US, O = Let's Encrypt, CN = .*"
+	@$(MAKE) waitlog SERVICE=cert-manager LOG_STRING="issuer=C = US, O = Let's Encrypt, CN = R3"
 	@$(MAKE) wait SERVICE=haproxy
 	@$(MAKE) showenv
 	@$(MAKE) showpass
--- a/README.md
+++ b/README.md
@ -16,23 +16,6 @@ images to your devices.

 To learn more about openBalena, visit [balena.io/open][open-balena-website].

- [Features](#features)
- [Getting Started](#getting-started)
- [Compatibility](#compatibility)
- [Documentation](#documentation)
- [Getting Help](#getting-help)
- [Contributing](#contributing)
- [Roadmap](#roadmap)
- [Differences between openBalena and balenaCloud](#differences-between-openbalena-and-balenacloud)
- [License](#license)
- [FAQ](#faq)
-  - [How do you ensure continuity of openBalena? Are there security patches on openBalena?](#how-do-you-ensure-continuity-of-openbalena-are-there-security-patches-on-openbalena)
-  - [How do you ensure the "Join" command actually works between openBalena and](#how-do-you-ensure-the-join-command-actually-works-between-openbalena-and)
-  - [Is it "production ready"?](#is-it-production-ready)
-  - [Can a new device type be added to openBalena?](#can-a-new-device-type-be-added-to-openbalena)
-  - [Are there open-source UI dashboards from the community for openBalena?](#are-there-open-source-ui-dashboards-from-the-community-for-openbalena)
-
-

 ## Features

@ -176,7 +159,7 @@ While we actually have some rather large fleets using openBalena, we consider it
 perpetually in "beta". This means potentially introducing breaking changes between
 releases.

-### Can a new device type be added to openBalena?
+### Can new device type be added to openBalena?
 openBalena imports the following public [device-types] "out of the box". You can specify
 your own contracts repository by overriding `CONTRACTS_PUBLIC_REPO_NAME`,
 `CONTRACTS_PUBLIC_REPO_OWNER` and `IMAGE_STORAGE_BUCKET` environment variables on the API
--- a/2
+++ b/2
@ -1 +1 @@
-4.1.107
+4.1.25
--- a/balena.yml
+++ b/balena.yml
@ -23,4 +23,4 @@ data:
    - generic-amd64
    - genericx86-64-ext
    - intel-nuc
-version: 4.1.107
+version: 4.1.25
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -79,7 +79,7 @@ services:
      *with-default-privileges,
      *with-default-volumes,
    ]
-    image: balena/open-balena-api:v27.1.4
+    image: balena/open-balena-api:v25.1.29
    depends_on:
      - db
      - redis
@ -119,7 +119,7 @@ services:
      *with-default-healthcheck,
      *with-default-privileges,
    ]
-    image: balena/open-balena-registry:v2.41.6
+    image: balena/open-balena-registry:v2.39.60
    volumes:
      - certs-data:/certs
      - resin-data:/balena
@ -146,7 +146,7 @@ services:
      *with-network-privileges,
      *with-default-privileges,
    ]
-    image: balena/open-balena-vpn:v11.30.38
+    image: balena/open-balena-vpn:v11.30.23
    depends_on:
      - api
    environment:
@ -175,7 +175,7 @@ services:
      *with-default-healthcheck,
      *with-default-privileges,
    ]
-    image: balena/open-balena-s3:v2.28.55
+    image: balena/open-balena-s3:v2.28.48
    volumes:
      - s3-data:/export
      - certs-data:/certs
@ -189,7 +189,7 @@ services:
  redis:
    <<: *base-service
    # https://redis.io/blog/what-redis-license-change-means-for-our-managed-service-providers/
-    image: redis:7.4-alpine
+    image: redis:7.2-alpine
    volumes:
      - redis-data:/data
    healthcheck:
--- a/src/balena-tests/Dockerfile
+++ b/src/balena-tests/Dockerfile
@ -1,7 +1,7 @@
 FROM ubuntu:24.04

 # renovate: datasource=github-releases depName=balena-io/balena-cli
-ARG BALENA_CLI_VERSION=v19.0.3
+ARG BALENA_CLI_VERSION=v18.2.20

 RUN apt-get update && apt-get install -y --no-install-recommends \
 	bash \
--- a/src/test-device/Dockerfile
+++ b/src/test-device/Dockerfile
@ -1,6 +1,6 @@
 # https://hub.docker.com/r/qemux/qemu-docker
 # https://github.com/qemus/qemu-docker
-FROM qemux/qemu-docker:6.00
+FROM qemux/qemu-docker:5.16

 RUN apt-get update && apt-get install -y --no-install-recommends \
 	minicom \
 @ -1 +1 @@
 .1.107
 .1.25