profile
viewpoint
Robert Günzler robertgzr @balena-io Berlin, Germany https://gnzler.io

robertgzr/homebrew-tap 11

useful formulae

robertgzr/bootloadHID 6

Fork of bootloadHID from http://www.obdev.at/products/vusb/bootloadhid.html

robertgzr/dotfiles 4

the . stuff

balena-io-playground/balenaos-vagrant 2

balenaOS support for Vagrant

robertgzr/caddygen 1

Generate static file listings from caddy's browse plugin

robertgzr/docker-caddy 1

easy to customize caddyserver container image

robertgzr/joe-telegram-adapter 1

Telegram adapter for the Joe bot library

balena-io/runc 0

CLI tool for spawning and running containers according to the OCI specification

pedroscaff/sensor-platform 0

Platform is an Arduino based tool to acquire, geolocate and save pollutants concentrations in a sd card.

issue commentbalena-os/balena-engine

Catch up with docker 19.03 CE

I'm working on integrating this into meta-balena here: https://github.com/balena-os/meta-balena/pull/1824

robertgzr

comment created time in 9 hours

pull request commentbalena-os/meta-balena

Update balena-engine to 19.03

I was a bit to quick. Let's fix the go 1.12 related build errors before I try to include the release candidates for 19.03.6

robertgzr

comment created time in 5 days

push eventbalena-os/meta-balena

Zubair Lutfullah Kakakhel

commit sha a3c1e0ec992702fbb142891c96734a5011e3e49a

networkmanager: Fix a typo in a plugin path ppp version is 2.4.7. Without defining the right path, the path defaults to v2.4.5 in NM configure scripts. Lets pass it here to keep it correct. Should not have any actual affect. NM plugin was built with reference to the 2.4.7 headers. Just the directoy path would say 2.4.5 misleading some debug effort Change-type: patch Changelog-entry: Fix a typo in a NetworkManager plugin path Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 8d4481e1da7b4345726a1fe5ce28897dca97228c

Merge pull request #1834 from balena-os/zlk/fix_nm_path networkmanager: Fix a typo in a plugin path

view details

Robert Günzler

commit sha 914af21c133de0ffdf36fb43a1223974852b844c

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get recent security patches. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 71874d42e12c14e1f58e4e04079e7bdefc588f7e

meta-balena-common:layer.conf: Set preferred go version to 1.12.12

view details

Robert Günzler

commit sha e74f9a18f169188705a1485c537fe5e075d1e6f4

balena-engine: Update to 19.03.5 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 5 days

push eventbalena-os/balena-libnetwork

Petros Angelatos

commit sha 8b00ee5dfc0d102b5319b49a06d1754b7bd655b6

cmd/proxy: export main package as a library Allows it to be used as part of a busybox-like binary Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha ba3128f01545d0d05a5e37588a116b0d1095266b

remove consul,etcd,zookeeper stores Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha d834b224b87ec91977f4007ff3ca62e8ea6fca7c

disable macvlan,overlay,remote drivers Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Yossi Eliaz

commit sha b32ba7fc8d2666dffcbd2bc116b7a6f33c821f8e

Enabled remote to support network create -d docker network create -d needs a remote initializer, which was removed accidentally. this fixes all the DockerNetworkSuite integration tests suite. Signed-off-by: Yossi Eliaz <yossi@resin.io>

view details

Petros Angelatos

commit sha c6ba34d9326276eb7e18134ef944acd0ec67a3c6

rename bridge to balena0 Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Yossi Eliaz

commit sha 398c7e9a063d679a0e0419b54452920e11cc1361

proxy: renamed docker-proxy to balena-proxy Signed-off-by: Yossi Eliaz <yossi@resin.io>

view details

Paulo Castro

commit sha 0c23350743f1c21c0b491bd6dcf6106ce0c61f96

Rename balena to balenaEngine Signed-off-by: Paulo Castro <paulo@resin.io>

view details

push time in 5 days

push eventbalena-os/balena-runc

Petros Angelatos

commit sha a1c6a79d410585c0a0cf68e711352015c1b92f4d

runc: export main package as a library Allows runc to be used as part of a busybox-like binary Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

push time in 5 days

push eventbalena-os/balena-engine

push time in 5 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 47f7539cb2a82736b9da269970ed56e466b0ef64

Bump go to 1.12.16 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.16 to get recent security patches. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 28b3951be5077034623470bf96bca9377b625b2f

meta-balena-common:layer.conf: Set preferred go version to 1.12.16

view details

Robert Günzler

commit sha 5dc28f9fdb75c5b5f0772ba7d538e8698edae21d

balena-engine: Update to 19.03.6-rc2 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 6 days

push eventbalena-io/scripts

Giovanni Garufi

commit sha b23b830a764ffd70c96a22a5f185242672336584

Exclude auto-rebase from repo.yml Change-type: patch Signed-off-by: Giovanni Garufi <giovanni@balena.io>

view details

Giovanni Garufi

commit sha f83439641c954c95c359724fa00c8b09aebfff5f

Merge pull request #80 from balena-io/exclude-rebase Exclude auto-rebase from repo.yml

view details

Balena CI

commit sha 9f97580f4ed00e8cacf65f72ddd1e95301557a05

v1.10.12

view details

Giovanni Garufi

commit sha 90dbb94b75550a810b320eb29daaf8bf2f35ee95

Build and push docker images in parallel Change-type: patch Signed-off-by: Giovanni Garufi <giovanni@balena.io>

view details

Giovanni Garufi

commit sha 354fa80f9af6c09c93a8ff5f42b90340d98cac7c

Merge pull request #81 from balena-io/parallel-docker Build and push docker images in parallel

view details

Balena CI

commit sha cef6d7e5e1cb6753845c45a53eb3f8845ae324f7

v1.10.13

view details

Giovanni Garufi

commit sha d42d6cdf9a143a5d005ed61537c60570f8c20525

Add balena-engine build and discriminant Change-type: minor Signed-off-by: Giovanni Garufi <giovanni@balena.io> Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 6 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha ac64c458a5744a3df1af918b10335e7e254d389e

balena-engine: Update to 19.03.6-rc2 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 6 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha b0838989f0cc17e63431a68c3ab6614b7c51d608

Vendor new runc dependencies Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 6 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha d5424cd02464caaf1763f2c04d831646aca9241a

Bump go to 1.12.16 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.16 to get recent security patches. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha b113d71d047dde7dc790e88ab71e879f8ec07e48

meta-balena-common:layer.conf: Set preferred go version to 1.12.16

view details

Robert Günzler

commit sha 6bf3afc0317d8a526f5442fd609e47b535b50b33

balena-engine: Update to 19.03.6-rc2 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 6 days

push eventbalena-os/meta-balena

Matthew McGinn

commit sha 13b5397eb127f8626a45041b84be7aed9b149709

Americanize the README.md Change-type: patch Signed-off-by: Matthew McGinn <matthew@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha e543ef6b41d3309325b801df5a20940a244f21cb

Merge pull request #1806 from balena-os/americanization Americanize the README.md

view details

Vicentiu Galanopulo

commit sha b82982940548da60daa3d7a854316de96ec82e45

README.md: Add supported USB WiFi dongle The RT5572 chipset based Panda PAU09 N600 was added as a supported dongle across all the Balena supported devices Change-type: minor Changelog-entry: Add supported USB WiFi dongle Signed-off-by: Vicentiu Galanopulo <vicentiu@balena.io>

view details

Balena CI

commit sha 6cb5e0b7b12ae2922c85c50652b0a86febf91f54

v2.46.2

view details

Florin Sarbu

commit sha 37b9f59d4c7521805883ef3bf8e0bbc21d26622e

packagegroup-resin-connectivity: Add wifi firmware for wl18xx Since poky thud, the linux-firmware recipe in poky is packaging the wl18xx firmware in its own package rather than add it in the linux-firmware-wl12xx package. Change-type: patch Changelog-entry: Make sure to add in rootfs the wifi firmware for wl18xx Signed-off-by: Florin Sarbu <florin@balena.io>

view details

Florin Sarbu

commit sha 7ec6b796787fc0afb2234e8ddb654f1b4a761708

kernel-resin.bbclass: Add uinput module Add uinput user level driver support directly from meta-balena as this will benefit all our customers. Change-type: patch Changelog-entry: Add uinput kernel module Signed-off-by: Florin Sarbu <florin@balena.io>

view details

Florin Sarbu

commit sha 6e21a37ff7f45b6b577841c2721f31a6444dd892

Merge pull request #1797 from balena-os/make_sure_to_add_wl18xx_fw packagegroup-resin-connectivity: Add wifi firmware for wl18xx

view details

Zubair Lutfullah Kakakhel

commit sha 234f8fe975cb204c156439a342343bf464f402a4

healthdog: Update to v1.0.1 Update healthdog from 0.1.0 to 1.0.1 Fixes #1719 Changelog-entry: Update healthdog to v1.0.1. Allows building with newer rust versions Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Alex Gonzalez

commit sha 20d9e3114dc28683ea2c15cecfcae6ff93d22bec

Enable memory overcommit Move the memory overcommit settings from the Raspberry Pi integration layer to meta-balena so it applies to all device types. Fixes #1791 Change-type: patch Changelog-entry: Enable memory overcommit Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Florin Sarbu

commit sha 59d9d0d067219163fdc9d94950c6e857aab2e667

Merge pull request #1802 from balena-os/enable_uinput_kernel_module kernel-resin.bbclass: Add uinput module

view details

Zubair Lutfullah Kakakhel

commit sha 6bbe46404f36ae9b2719750d9bfc9daf5b12c88c

repo.yml: Fix supervisor and add healthdog to changelog Change-type: patch Changelog-entry: Fix supervisor nested changelogs Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Alex Gonzalez

commit sha b4005f8d6f4ca61bac76f565c8eb3a84500399c7

Merge pull request #1798 from balena-os/alexgg/#1791-mem-overcommit Enable memory overcommit

view details

Alex Gonzalez

commit sha b4122eeea971dfc9325885cc7c896c733cf60920

resolv.conf: Increase DNS client's timeout to 15 seconds The DNS clients (applications) resolver libraries use the timeout value in /etc/resolv.conf to set the time between DNS attempts. The default is 5 secs which for slow networks like cellular mean lots of DNS requests on a bandwidth sensitive channel. This change modifies the default to 15 secs. This timeout only applies when DNS servers are unresponsive so it will not affect the normal functionality. Fixes #1800 Change-type: patch Changelog-entry: Increase DNS clients timeout to 15 seconds Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 0832d1d60d20caed2e45ec68d63779149e88d9a2

Merge pull request #1723 from balena-os/rust-13.7.0 Update healthdog and fix supervisor nested changelog

view details

Gareth Davies

commit sha f294336c3c8d9d8c08075a299b6bb377eb95f922

README.md: Update config.json documentation Changelog-entry: Update config.json documentation Change-type: patch Signed-off-by: Gareth Davies <gareth@balena.io>

view details

Gareth Davies

commit sha 57047830db238a127c09f283870ecf3d0992578b

Addressing review comments Change-type: patch Signed-off-by: Gareth Davies <gareth@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 0d30115c0fc8482bd17c2931defa62cc211978f5

Merge pull request #1808 from balena-os/alexgg/#1800-dns-timeout resolv.conf: Increase DNS client's timeout to 15 seconds

view details

Alexis Svinartchouk

commit sha 74be7b20bf3a9eb71bf5318a96248e087b7ce441

bluez5: enable sixaxis (playstation 3 controller) support Change-type: patch Changelog-entry: Enable sixaxis support in bluez5 Signed-off-by: Alexis Svinartchouk <alexis@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha b935ccce1afba6d2b9fb5bcc13e74727299f8727

Merge pull request #1804 from balena-os/readme-config-json README.md: Update config.json documentation

view details

Alex Gonzalez

commit sha d53ba3570daf05c8592220b2949a441f6e06e662

Match licenses with license files. Apache 2.0 and MIT, though similar, are not the same license. Change-type: patch Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

push time in 6 days

push eventbalena-os/meta-balena

Florin Sarbu

commit sha d52f37f7190a9d2eed2dcbe3606b8e6657fb230b

packagegroup-resin-connectivity: Add wifi firmware for wl18xx Since poky thud, the linux-firmware recipe in poky is packaging the wl18xx firmware in its own package rather than add it in the linux-firmware-wl12xx package. Change-type: patch Changelog-entry: Make sure to add in rootfs the wifi firmware for wl18xx Signed-off-by: Florin Sarbu <florin@balena.io>

view details

Florin Sarbu

commit sha 267426261509e389f8fce6b86c117eb8774c4f9b

kernel-resin.bbclass: Add uinput module Add uinput user level driver support directly from meta-balena as this will benefit all our customers. Change-type: patch Changelog-entry: Add uinput kernel module Signed-off-by: Florin Sarbu <florin@balena.io>

view details

Florin Sarbu

commit sha 3233b0e1188851f99b7eca35a257c84a2591a5f9

Merge pull request #1797 from balena-os/make_sure_to_add_wl18xx_fw packagegroup-resin-connectivity: Add wifi firmware for wl18xx

view details

Zubair Lutfullah Kakakhel

commit sha bbb12472b4a2e16d6ad580990df6b5b604b469d8

healthdog: Update to v1.0.1 Update healthdog from 0.1.0 to 1.0.1 Fixes #1719 Changelog-entry: Update healthdog to v1.0.1. Allows building with newer rust versions Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Alex Gonzalez

commit sha dfd921f465eceb1da932bc78fef1a871b10d5c7e

Enable memory overcommit Move the memory overcommit settings from the Raspberry Pi integration layer to meta-balena so it applies to all device types. Fixes #1791 Change-type: patch Changelog-entry: Enable memory overcommit Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Florin Sarbu

commit sha 099eb54a1ac9a873342fbffb837b92e9b2d077b8

Merge pull request #1802 from balena-os/enable_uinput_kernel_module kernel-resin.bbclass: Add uinput module

view details

Zubair Lutfullah Kakakhel

commit sha b4c9bc4228ab032ac6b9d3445bb0a2513661c1a7

repo.yml: Fix supervisor and add healthdog to changelog Change-type: patch Changelog-entry: Fix supervisor nested changelogs Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Alex Gonzalez

commit sha 76f45e025ebdef3259073cdc0666dd8c37dcec18

Merge pull request #1798 from balena-os/alexgg/#1791-mem-overcommit Enable memory overcommit

view details

Alex Gonzalez

commit sha 83d1571a622ceef82e99de125d489790f15f179b

resolv.conf: Increase DNS client's timeout to 15 seconds The DNS clients (applications) resolver libraries use the timeout value in /etc/resolv.conf to set the time between DNS attempts. The default is 5 secs which for slow networks like cellular mean lots of DNS requests on a bandwidth sensitive channel. This change modifies the default to 15 secs. This timeout only applies when DNS servers are unresponsive so it will not affect the normal functionality. Fixes #1800 Change-type: patch Changelog-entry: Increase DNS clients timeout to 15 seconds Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 8aac5d8ffda1013bb28bf3d1c975bbc942fd83a3

Merge pull request #1723 from balena-os/rust-13.7.0 Update healthdog and fix supervisor nested changelog

view details

Zubair Lutfullah Kakakhel

commit sha e48402eefef8d0e3ceee61058fc6f5f1f851d1da

Merge pull request #1808 from balena-os/alexgg/#1800-dns-timeout resolv.conf: Increase DNS client's timeout to 15 seconds

view details

Gareth Davies

commit sha 156c4808663ae111beb568b05bf6bde182465609

README.md: Update config.json documentation Changelog-entry: Update config.json documentation Change-type: patch Signed-off-by: Gareth Davies <gareth@balena.io>

view details

Gareth Davies

commit sha 3dea4a3cb0534643ce345ef55be9ec5f8e8bf035

Addressing review comments Change-type: patch Signed-off-by: Gareth Davies <gareth@balena.io>

view details

Alexis Svinartchouk

commit sha f2dc1d915ed0ba1cc3474f2a4a5b8bedac287315

bluez5: enable sixaxis (playstation 3 controller) support Change-type: patch Changelog-entry: Enable sixaxis support in bluez5 Signed-off-by: Alexis Svinartchouk <alexis@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 9abbf37aa9359815b74c177285fc1d94f44dccb3

Merge pull request #1804 from balena-os/readme-config-json README.md: Update config.json documentation

view details

Zubair Lutfullah Kakakhel

commit sha ca915c039fefa37173220085147a1444923598a6

Merge pull request #1769 from balena-os/enable-sixaxis-in-bluez Enable sixaxis in bluez

view details

Zubair Lutfullah Kakakhel

commit sha 33558b6b8455f766a98c5c741bedccbc92b419eb

resin-image-initramfs: Increase max size to 32MB Some devices have special tools in the initramfs that bloat it. e.g. Jetson family have tegra-firmware-xusb etc. IMAGE_ROOTFS_MAXSIZE triggers an error if the rootfs goes beyond this limit. This does not force the rootfs to an empty fixed size. We can comfortably increase the max size to 32MB to reduce unnecessary patches in the device integration layers. We'll still be covered by the full resin-rootA size limit. Fixes #1790 Change-type: patch Changelog-entry: No user impact. Increase limit for maximum initramfs size from 12MB to 32MB. This helps reduce unnecessary overrides in integration layers. Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Alex Gonzalez

commit sha f1e95f23e05ae27a96bdf09fe203a890575ad8be

Match licenses with license files. Apache 2.0 and MIT, though similar, are not the same license. Change-type: patch Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha b145361b0322a99ea63522b2010c4ec28aa3e291

Merge pull request #1820 from balena-os/alexgg/fix-licenses Match licenses with license files.

view details

Zubair Lutfullah Kakakhel

commit sha 7e7f0167477ac4a80c256e4c2dd07863c586357b

Merge pull request #1813 from balena-os/zlk/max_initramfs_size Sync resin-image-initramfs size across devices.

view details

push time in 6 days

delete branch balena-os/meta-balena

delete branch : rgz/go112

delete time in 6 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha fa2f7666fa9850cde789bc70d4c427e4cd984fba

Bump go to 1.12.16 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.16 to get recent security patches. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha b3be84053cf058b1eed27cc7496efab9e02c3408

meta-balena-common:layer.conf: Set preferred go version to 1.12.16

view details

push time in 6 days

push eventbalena-os/balena-engine

Olli Janatuinen

commit sha e1cae011e2d83ab0c0bbcddf0c59ef6d8b6f6e42

Windows: Use system specific parallelism value on containers restart Signed-off-by: Olli Janatuinen <olli.janatuinen@gmail.com> (cherry picked from commit 447a840254410df3b9345c652b601f08447b8467) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Brian Goff

commit sha d699e3de12df8d3b8e497b89c9fea143dd84b596

Windows: Only set VERSION_QUAD if unset When trying to build with some pretty typical version strings this was causing failures trying to generate the windows resource file. The resource file is already gated by an `ifdef` for this var, so instead of blindly setting based on "VERSION", which can contain some characters which are incompatible (e.g. 1.2.3.rc.0 will fail due to the ".rc"). Signed-off-by: Brian Goff <cpuguy83@gmail.com> (cherry picked from commit ce931f28ea8768baa7ca2725d9030fbf8a40d3ba) Signed-off-by: Brian Goff <cpuguy83@gmail.com>

view details

Grant Millar

commit sha d3d724e45aa24448990364ad54958f35b6efdf7c

daemon: Use short libnetwork ID in exec-root & update libnetwork also updates libnetwork to d9a6682a4dbb13b1f0d8216c425fe9ae010a0f23 full diff: https://github.com/docker/libnetwork/compare/3eb39382bfa6a3c42f83674ab080ae13b0e34e5d...d9a6682a4dbb13b1f0d8216c425fe9ae010a0f23 - docker/libnetwork#2482 [19.03 backport] Shorten controller ID in exec-root to not hit UNIX_PATH_MAX - docker/libnetwork#2483 [19.03 backport] Fix panic in drivers/overlay/encryption.go Signed-off-by: Grant Millar <rid@cylo.io> (cherry picked from commit df7b8f458aec29400c76b8dc87b3ce087d3fa76c) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Jonas Heinrich

commit sha 449b60fcd06b3ef6235d7b7f4c220889f02a85b2

logger/gelf: Skip empty lines to comply with spec The [gelf payload specification](http://docs.graylog.org/en/2.4/pages/gelf.html#gelf-payload-specification) demands that the field `short_message` *MUST* be set by the client library. Since docker logging via the gelf driver sends messages line by line, it can happen that messages with an empty `short_message` are passed on. This causes strict downstream processors (like graylog) to raise an exception. The logger now skips messages with an empty line. Resolves: #40232 See also: #37572 Signed-off-by: Jonas Heinrich <Jonas@JonasHeinrich.com> (cherry picked from commit 5c6b913ff1e520cae320913bfee43ec86583b666) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

John Howard

commit sha ba28377919de499e50e1beacf200d4daccb3f6ae

LCOW: Fix FROM scratch Signed-off-by: John Howard <jhoward@microsoft.com> (cherry picked from commit 20b11792e8c58348d3f50756251c98f80e027a35) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha efcd84e47c6bc3f5e52eb2cce518f55501d60ce7

[19.03] Update to runc v1.0.0-rc9 full diff: https://github.com/opencontainers/runc/compare/3e425f80a8c931f88e6d94a8c831b9d5aa481657...v1.0.0-rc9 - opencontainers/runc#1951 Add SCMP_ACT_LOG as a valid Seccomp action - opencontainers/runc#2130 *: verify operations on /proc/... are on procfs This is an additional mitigation for CVE-2019-16884. The primary problem is that Docker can be coerced into bind-mounting a file system on top of /proc (resulting in label-related writes to /proc no longer happening). While we are working on mitigations against permitting the mounts, this helps avoid our code from being tricked into writing to non-procfs files. This is not a perfect solution (after all, there might be a bind-mount of a different procfs file over the target) but in order to exploit that you would need to be able to tweak a config.json pretty specifically (which thankfully Docker doesn't allow). Specifically this stops AppArmor from not labeling a process silently due to /proc/self/attr/... being incorrectly set, and stops any accidental fd leaks because /proc/self/fd/... is not real. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha cfcf25bb5409eb0c3a9c257b225f2b8890142030

[19.03] Update containerd binary to v1.2.11 full diff: https://github.com/containerd/containerd/compare/v1.2.10...v1.2.11 The eleventh patch release for containerd 1.2 includes an updated runc with an additional fix for CVE-2019-16884 and a Golang update. Notable Updates ----------------------- - Update the runc vendor to v1.0.0-rc9 which includes an additional mitigation for CVE-2019-16884. More details on the runc CVE in opencontainers/runc#2128, and the additional mitigations in opencontainers/runc#2130. - Add local-fs.target to service file to fix corrupt image after unexpected host reboot. Reported in containerd/containerd#3671, and fixed by containerd/containerd#3746. - Update Golang runtime to 1.12.13, which includes security fixes to the crypto/dsa package made in Go 1.12.11 (CVE-2019-17596), and fixes to the go command, runtime, syscall and net packages (Go 1.12.12). CRI fixes: ----------------------- - Fix shim delete error code to avoid unnecessary retries in the CRI plugin. Discovered in containerd/cri#1309, and fixed by containerd/containerd#3732 and containerd/containerd#3739. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha fe00613d0686a47519048a190f1138504a2cdedc

bump containerd/cgroups c4b9ac5c7601384c965b9646fc515884e091ebb9 full diff: github.com/containerd/cgroups https://github.com/containerd/cgroups/compare/4994991857f9b0ae8dc439551e8bebdbb4bf66c1...c4b9ac5c7601384c965b9646fc515884e091ebb9 changes included: - containerd/cgroups#81 Add network stats - addresses containerd/cgroups#80 Add network metrics - containerd/cgroups#85 Fix cgroup hugetlb size prefix for kB - addresses kubernetes/kubernetes#77169 Permission denied on hugetlb due to wrong filename - relates to opencontainers/runc#2065 Fix cgroup hugetlb size prefix for kB - containerd/cgroups#88 cgroups: fix MoveTo function fail problem - containerd/cgroups#92 fixed an issue with invalid soft memory limits - containerd/cgroups#93 avoid adding io_serviced and io_service_bytes duplicately - fixes containerd/containerd#3412 collected metric container_blkio_io_serviced_recursive_total: was collected before with the same name and label values Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 0af1099a81861dd0269adad53bdfb387b5c78f39) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 9ab162a73ac9e133a21cffbadd3339cbb5213939

bump containerd/cgroups 5fbad35c2a7e855762d3c60f2e474ffcad0d470a full diff: https://github.com/containerd/cgroups/compare/c4b9ac5c7601384c965b9646fc515884e091ebb9...5fbad35c2a7e855762d3c60f2e474ffcad0d470a - containerd/cgroups#82 Add go module support - containerd/cgroups#96 Move metrics proto package to stats/v1 - containerd/cgroups#97 Allow overriding the default /proc folder in blkioController - containerd/cgroups#98 Allows ignoring memory modules - containerd/cgroups#99 Add Go 1.13 to Travis - containerd/cgroups#100 stats/v1: export per-cgroup stats Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 27552ceb15bca544820229e574427d4c1d6ef585) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 4d190af804f200fd8def0ebbcc011704374d6494

Rename "v1" to "statsV1" follow-up to 27552ceb15bca544820229e574427d4c1d6ef585, where this was left as a review comment, but the PR was already merged. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 9a7e96b5b7e97e034ce7bb0f1e7788d1bd881c7f) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 3fca5878d6bac77aaddb6cfc7267f21861faef04

integration-cli: remove unnescessary conversions (unconvert) Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 7c40c0a9227089a7e3ee7c23c2bc0685ed133391) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 1f18c73c09baa9b1fb296f7058e97dff32644330

bump Microsoft/hcsshim 2226e083fc390003ae5aa8325c3c92789afa0e7a Adds osversion.Build() utility Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit a5341aaf32d2ea1d7f527fa8f3bd08f4706e4872) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

vikrambirsingh

commit sha 5302429fffd4a1971e11c867e32a6a19b7b66919

TestRunAttachFailedNoLeak: Compare lowercase Fixed failures in TestRunAttachFailedNoLeak caused by case mismatch Signed-off-by: vikrambirsingh <vikrambir.singh@docker.com> (cherry picked from commit c530c9cbb0da177337a90a6651305daa9eb0c42b) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Vikram bir Singh

commit sha e2f226b5b41c958fa518f677eb213eb1462f90a8

Bump hcsshim to b3f49c06ffaeef24d09c6c08ec8ec8425a Among other things, this is required to pull in microsoft/hcsshim#718 Also fixes microsoft/hcsshim#737 which was caught by checks while attempting to bump up hcsshim version. Signed-off-by: Vikram bir Singh <vikrambir.singh@docker.com> (cherry picked from commit a7b6c3f0bf5d10c6227a29bac7dd46b9a7a779bc) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 8dbc7420ed592119af915c2cd4d7a7d90feca3be

[19.03] Bump Golang 1.12.14 go1.12.14 (released 2019/12/04) includes a fix to the runtime. See the Go 1.12.14 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.12.14+label%3ACherryPickApproved Update Golang 1.12.13 ------------------------ go1.12.13 (released 2019/10/31) fixes an issue on macOS 10.15 Catalina where the non-notarized installer and binaries were being rejected by Gatekeeper. Only macOS users who hit this issue need to update. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha b617355190d0ab290bc7236059fc072d83b1cc4d

docker-py: re-enable tests that were fixed in v4.1.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 6bc45b09e7b06cd68e61c26f0630d09279136d75) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Sebastiaan van Stijn

commit sha 8e57214487baedb130950c5c4922df400c27dac3

docker-py: skip broken ImageCollectionTest::test_pull_multiple The ImageCollectionTest.test_pull_multiple test performs a `docker pull` without a `:tag` specified) to pull all tags of the given repository (image). After pulling the image, the image(s) pulled are checked to verify if the list of images contains the `:latest` tag. However, the test assumes that all tags of the image are tags for the same version of the image (same digest), and thus a *single* image is returned, which is not always the case. Currently, the `hello-world:latest` and `hello-world:linux` tags point to a different digest, therefore the `client.images.pull()` returns multiple images: one image for digest, making the test fail: =================================== FAILURES =================================== ____________________ ImageCollectionTest.test_pull_multiple ____________________ tests/integration/models_images_test.py:90: in test_pull_multiple assert len(images) == 1 E AssertionError: assert 2 == 1 E + where 2 = len([<Image: 'hello-world:linux'>, <Image: 'hello-world:latest'>]) This patch temporarily skips the broken test until it is fixed upstream. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit f2b25e498f8ea8bfd30f166717146e11e17e948d) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Dominic

commit sha 16f503c0486fa511ecd4186ea6fb9b3e49c496f6

cast Dev and Rdev of Stat_t to uint64 for mips Signed-off-by: Dominic <yindongchao@inspur.com> Signed-off-by: Dominic Yin <yindongchao@inspur.com> (cherry picked from commit 5f0231bca193320e1a3d785a3ade0e64241fe580) Signed-off-by: Dominic Yin <yindongchao@inspur.com>

view details

Sebastiaan van Stijn

commit sha 96582ab4ba132e574e1ebc52d4645ca58748cd0b

Merge pull request #438 from ydcool/19.03_backport_fix_compiling_errors_on_mips [19.03 backport] cast Dev and Rdev of Stat_t to uint64 for mips

view details

Sebastiaan van Stijn

commit sha 077f0939881ed69e105a4e6bc5daea74e91f3dbc

Merge pull request #437 from thaJeztah/19.03_backport_skip_broken_docker_py_test [19.03 backport] docker-py: skip broken ImageCollectionTest::test_pull_multiple, and re-enable fixed tests

view details

push time in 6 days

created tagbalena-os/balena-engine

tagv19.03.6-rc2

Moby-based Container Engine for Embedded, IoT, and Edge uses

created time in 6 days

created tagbalena-os/balena-engine

tagv19.03.6-rc1

Moby-based Container Engine for Embedded, IoT, and Edge uses

created time in 6 days

push eventbalena-os/balena-libnetwork

Sebastiaan van Stijn

commit sha a7dc784d1794b69cceb020f5dace1781cdd14503

Update Golang 1.12.12 (CVE-2019-17596) Golang 1.12.12 ------------------------------- full diff: https://github.com/golang/go/compare/go1.12.11...go1.12.12 go1.12.12 (released 2019/10/17) includes fixes to the go command, runtime, syscall and net packages. See the Go 1.12.12 milestone on our issue tracker for details. https://github.com/golang/go/issues?q=milestone%3AGo1.12.12 Golang 1.12.11 (CVE-2019-17596) ------------------------------- full diff: https://github.com/golang/go/compare/go1.12.10...go1.12.11 go1.12.11 (released 2019/10/17) includes security fixes to the crypto/dsa package. See the Go 1.12.11 milestone on our issue tracker for details. https://github.com/golang/go/issues?q=milestone%3AGo1.12.11 [security] Go 1.13.2 and Go 1.12.11 are released Hi gophers, We have just released Go 1.13.2 and Go 1.12.11 to address a recently reported security issue. We recommend that all affected users update to one of these releases (if you're not sure which, choose Go 1.13.2). Invalid DSA public keys can cause a panic in dsa.Verify. In particular, using crypto/x509.Verify on a crafted X.509 certificate chain can lead to a panic, even if the certificates don't chain to a trusted root. The chain can be delivered via a crypto/tls connection to a client, or to a server that accepts and verifies client certificates. net/http clients can be made to crash by an HTTPS server, while net/http servers that accept client certificates will recover the panic and are unaffected. Moreover, an application might crash invoking crypto/x509.(*CertificateRequest).CheckSignature on an X.509 certificate request, parsing a golang.org/x/crypto/openpgp Entity, or during a golang.org/x/crypto/otr conversation. Finally, a golang.org/x/crypto/ssh client can panic due to a malformed host key, while a server could panic if either PublicKeyCallback accepts a malformed public key, or if IsUserAuthority accepts a certificate with a malformed public key. The issue is CVE-2019-17596 and Go issue golang.org/issue/34960. Thanks to Daniel Mandragona for discovering and reporting this issue. We'd also like to thank regilero for a previous disclosure of CVE-2019-16276. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit f741dc9c305fea900b96b8a838f959395799cf78) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

elangovan sivanandam

commit sha 510ec3acd06934207683a5c949bc2de77d017925

Merge pull request #2474 from thaJeztah/19.03_backport_bump_golang_1.12.12 [19.03 backport] Update Golang 1.12.12 (CVE-2019-17596)

view details

Grant Millar

commit sha ccf98d616383050466c2f6b43322dcd5e41b5572

Shorten controller ID in exec-root to not hit UNIX_PATH_MAX Signed-off-by: Grant Millar <rid@cylo.io> (cherry picked from commit bdeccb571fd7ace82ba303ef01186f4b48a16622) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

Arko Dasgupta

commit sha 95cf49766bd40007b77f5ad906806102cb191542

Fix panic in drivers/overlay/encryption.go Issue - "index out of range" panic in drivers/overlay/encryption.go:539 due to a mismatch in indices between curKeys and spis due to case where updateKeys might bail out due to an error and not update the spis Fix - Reconfigure keys when there is a key update failure Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com> (cherry picked from commit 4420ee92f5b3b951f98a36b2bc8144a19b560a22) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

elangovan sivanandam

commit sha b0d603659e0babfa140473365f530ddc949a2d50

Merge pull request #2483 from thaJeztah/19.03_backport_fix_key_spi_panic [19.03 backport] Fix panic in drivers/overlay/encryption.go

view details

elangovan sivanandam

commit sha d9a6682a4dbb13b1f0d8216c425fe9ae010a0f23

Merge pull request #2482 from thaJeztah/19.03_backport_short_key_id [19.03 backport] Shorten controller ID in exec-root to not hit UNIX_PATH_MAX

view details

Tomas Janousek

commit sha 92cbfe3f9b7f83b213a8ef70127deec0702050b5

bridge: Fix hwaddr set race between us and udev systemd and udev in their default configuration attempt to set a persistent MAC address for network interfaces that don't have one already [systemd-def-link]. We set the address only after creating the interface, so there is a race between us and udev. There are several outcomes (that actually occur, this race is very much not a theoretical one): * We set the address before udev gets to the networking rules, so udev sees `/sys/devices/virtual/net/docker0/addr_assign_type = 3` (NET_ADDR_SET). This means there's no need to assign a different address and everything is fine. * udev reads `/sys/devices/virtual/net/docker0/addr_assign_type` before we set the address, gets `1` (NET_ADDR_RANDOM), and proceeds to generate and set a persistent address. Old versions of udev (pre-v242, i.e. without [udev-patch]) would then fail to generate an address, spit out "Could not generate persistent MAC address for docker0: No such file or directory" (see [udev-issue], and everything would be probably fine as well. Current version of udev (with [udev-patch]) will generate an address just fine and then race us setting it. As udev does more work than we, the most probable outcome is that udev will overwrite the address we set and possibly cause some trouble later on. On a clean Debian Buster (from Vagrant) VM with systemd/udev 242 from Debian Experimental, `docker network create net1` up to `net7` resulted in 3 bridges having a 02:42: address and 4 bridges having a seemingly random (actually generated from interface name) address. With systemd 241, the result would be all bridges having a 02:42:, but some "Could not generate persistent MAC address for" messages in the log. The fix is to revert the MAC address setting fix from 79b3e7761d249a6f, as it is no longer necessary with current netlink [netlink-addr-add], and set the address atomically when creating the bridge interface, not after that. [systemd-def-link]: https://github.com/systemd/systemd/blob/a166cd3aacdbfd4df196bb4ca9f43cff19cf9fec/network/99-default.link [udev-patch]: https://github.com/systemd/systemd/commit/6d36464065601f79a352367cf099be8907d8f9aa [udev-issue]: https://github.com/systemd/systemd/issues/3374 [netlink-addr-add]: https://github.com/vishvananda/netlink/commit/7d9b424492b5319e5993c5d6e8bef48e583aabd6 ... Do note that a similar race happens when creating veth devices as well. I wasn't able to reproduce getting a wrong (non-02:42:) address, possibly because the address is set by docker later, maybe only after the interface is moved to another network namespace (but I'm just guessing here). Still, different timings result in various error messages being logged ("link_config: could not get ethtool features for vethd9c938e" and the like) depending on when the interface disappears from the primary network namespace. I'm not sure how to fix this and I don't intend to dig deeper into this. Signed-off-by: Tomas Janousek <tomi@nomi.cz> (cherry picked from commit 8710ffea0b06b2eeb66fd231b5a27fbf538377ac) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

view details

elangovan sivanandam

commit sha 9fd385be8302dbe1071a3ce124891893ff27f90f

Merge pull request #2495 from thaJeztah/19.03_backport_bridge_atomic_hwaddr [19.03 backport] bridge: Fix hwaddr set race between us and udev

view details

Petros Angelatos

commit sha 7e3031f8f1a4a52725044190bbff0a0e6b6c144e

cmd/proxy: export main package as a library Allows it to be used as part of a busybox-like binary Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 592bec970015ad2024ddca811ab383cb176b7899

remove consul,etcd,zookeeper stores Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha d64da98f8f11b3467b730d2289f29d8964466d9e

disable macvlan,overlay,remote drivers Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Yossi Eliaz

commit sha c20577aa4d5927c96f1b173f485e6a4f80b3699e

Enabled remote to support network create -d docker network create -d needs a remote initializer, which was removed accidentally. this fixes all the DockerNetworkSuite integration tests suite. Signed-off-by: Yossi Eliaz <yossi@resin.io>

view details

Petros Angelatos

commit sha e79354e4f6d5eab0c823a1d3af49c4bb764630dd

rename bridge to balena0 Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Yossi Eliaz

commit sha 3896bb41039e6c6a0b807cc25e2b3724682d22e4

proxy: renamed docker-proxy to balena-proxy Signed-off-by: Yossi Eliaz <yossi@resin.io>

view details

Paulo Castro

commit sha a6204d38d4d32c81c1db364cb7761bf6920406e2

Rename balena to balenaEngine Signed-off-by: Paulo Castro <paulo@resin.io>

view details

push time in 7 days

push eventbalena-os/balena-runc

Kevin Kelani

commit sha 056909bd3d966ea22ebb243b15fce5060d9850f0

Adds note about user ns for rootless containers Signed-off-by: Kevin Kelani <kkelani@gmail.com>

view details

Kurnia D Win

commit sha 5e0e67d76cc99d76c8228d48f38f37034503f315

fix permission denied when exec as root and config.Cwd is not owned by root, exec will fail because root doesn't have the caps. So, Chdir should be done before setting the caps. Signed-off-by: Kurnia D Win <kurnia.d.win@gmail.com>

view details

blacktop

commit sha 84373aaa560b3f14cfda210b2f34ca14fd4b1fce

Add SCMP_ACT_LOG as a valid Seccomp action (#1951) Signed-off-by: blacktop <blacktop@users.noreply.github.com>

view details

Julia Nedialkova

commit sha e63b797f3827676303c639837957a06c1bbbbac8

Handle ENODEV when accessing the freezer.state file ...when checking if a container is paused Signed-off-by: Julia Nedialkova <julianedialkova@hotmail.com>

view details

tianye15

commit sha 28e58a0f6a81155183bc91529c7bd1dedd8f821c

Support different field counts of cpuaact.stats Signed-off-by: skilxnTL <tylxltt@gmail.com>

view details

Aleksa Sarai

commit sha 9aef50441511f0e9954d31d5ae84429040032e7c

vendor: update github.com/opencontainers/selinux This is a bump to v1.3.0, plus the necessary CVE-2019-16884 mitigation. Signed-off-by: Aleksa Sarai <asarai@suse.de>

view details

Aleksa Sarai

commit sha d463f6485b809b5ea738f84e05ff5b456058a184

*: verify that operations on /proc/... are on procfs This is an additional mitigation for CVE-2019-16884. The primary problem is that Docker can be coerced into bind-mounting a file system on top of /proc (resulting in label-related writes to /proc no longer happening). While we are working on mitigations against permitting the mounts, this helps avoid our code from being tricked into writing to non-procfs files. This is not a perfect solution (after all, there might be a bind-mount of a different procfs file over the target) but in order to exploit that you would need to be able to tweak a config.json pretty specifically (which thankfully Docker doesn't allow). Specifically this stops AppArmor from not labeling a process silently due to /proc/self/attr/... being incorrectly set, and stops any accidental fd leaks because /proc/self/fd/... is not real. Signed-off-by: Aleksa Sarai <asarai@suse.de>

view details

Michael Crosby

commit sha cad42f6e0932db0ce08c3a3d9e89e6063ec283e4

Merge pull request #2130 from cyphar/apparmor-verify-procfs *: verify operations on /proc/... are on procfs

view details

Aleksa Sarai

commit sha d736ef14f0288d6993a1845745d6756cfc9ddd5a

VERSION: update to 1.0.0-rc9 Signed-off-by: Aleksa Sarai <asarai@suse.de>

view details

Aleksa Sarai

commit sha 2111613c1998007cc43ecec585d090475c72e811

VERSION: back to development Signed-off-by: Aleksa Sarai <asarai@suse.de>

view details

Manuel Rüger

commit sha 4be50fe338ac50140eb4550b7eba0be9b878d2fd

SECURITY: Add Security Policy This should make the vuln reporting process more visible on GitHub https://help.github.com/en/articles/adding-a-security-policy-to-your-repository Signed-off-by: Manuel Rüger <manuel@rueg.eu>

view details

Michael Crosby

commit sha ba16a38bc4c609835669c4ef2da0f730f47c691e

Merge pull request #2135 from mrueg/security SECURITY: Add Security Policy

view details

Aleksa Sarai

commit sha 1b8a1eeec3f337ab5d94f289800b30835f2e5453

merge branch 'pr-2132' Support different field counts of cpuaact.stats LGTMs: @crosbymichael @cyphar Closes #2132

view details

Aleksa Sarai

commit sha c1485a1e88f853e9c2cd3d51eac6d410fed24df4

merge branch 'pr-2134' VERSION: back to development VERSION: update to 1.0.0-rc9 Vote: +4 -0 #1 LGTMs: @crosbymichael @hqhq @mrunalp Closes #2134

view details

Radostin Stoyanov

commit sha f017e0f9e16459fdbe93bb24fcd78586fe0ec748

checkpoint: Set descriptors.json file mode to 0600 Prevent unprivileged users from being able to read descriptors.json Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>

view details

Michael Crosby

commit sha b28f58f31b999fdee04c750e9203da522acd3b91

Set unified mountpoint in find mnt func This is needed for the fsv2 cgroups to work when there is a unified mountpoint. Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

view details

Mrunal Patel

commit sha 4e3701702e966b4258fbab5b92efa6418c5ae6c6

Merge pull request #2139 from rst0git/desc-permisions checkpoint: Set descriptors.json file mode to 0600

view details

Radostin Stoyanov

commit sha a610a84821ddf5b16efbf52f9040f686fb80f330

criu: Ensure other users cannot read c/r files No checkpoint files should be readable by anyone else but the user creating it. Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>

view details

Akihiro Suda

commit sha 033936ef767b74e868bbeebb2681d0247e7ce74a

io_v2.go: remove blkio v1 code Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>

view details

Akihiro Suda

commit sha d918e7f40817e4c2e22beade538bab1bd5edcc96

cpuset_v2: skip Apply when no limit is specified Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>

view details

push time in 7 days

created tagbalena-os/balena-runc

tagv1.0.0-rc9

CLI tool for spawning and running containers according to the OCI specification

created time in 7 days

created tagbalena-os/balena-runc

tagv1.0.0-rc10

CLI tool for spawning and running containers according to the OCI specification

created time in 7 days

issue commentbalena-os/balena-engine

The engine fails to clean up unused overlays

I would like to collect a range of affected versions to see if anything has lead to the increase in reports of this.

When attaching support threads here, please comment with the affected OS version and if delta pulls are used on the device.

roman-mazur

comment created time in 7 days

issue commentbalena-os/balena-engine

The engine fails to clean up unused overlays

It looks like what we are hitting here is a manifestation of https://github.com/moby/moby/issues/6354 or something very similar.

Basically the way docker handles it's internal representation of which layers it has and the on-disk layer itself is non-atomic, which means events such as power cuts or watchdog related restarts can lead to an incomplete transaction.

roman-mazur

comment created time in 7 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha 84b25aeb52f5f8fe5c0c036e537e7310b6be33ee

Support Go Modules for balena-engine

view details

Robert Günzler

commit sha bd96e169790414c0612b89198dad6dcd2bbc9a39

Add balena-engine-healthcheck Runs some basic runtime introspection on daemon and containerd, as well as a check for available disk space on the partition that holds the layer store. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 7 days

create barnchbalena-os/balena-engine

branch : modules

created branch time in 7 days

create barnchbalena-os/balena-raspberrypi

branch : rgz/ovl_regression_fix

created branch time in 11 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha cf88bc231ef5dcae4d9a5fdbeefc3cbbff89c518

Add balena-engine-healthcheck Runs some basic runtime introspection on daemon and containerd, as well as a check for available disk space on the partition that holds the layer store. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 11 days

create barnchbalena-os/balena-engine

branch : healthcheck

created branch time in 14 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 6d7dbe807aec362fefef78585a09323adf1dd24c

balena-engine: Update to 19.03.5 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 18 days

PR closed balena-os/meta-balena

Reviewers
Bump go to 1.12.12

Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes:

  • fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8
  • fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73
  • fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b

Signed-off-by: Robert Günzler robertg@balena.io


Contributor checklist

<!-- For completed items, change [ ] to [x]. -->

  • [ ] Changes have been tested
  • [ ] Change-type present on at least one commit
  • [ ] Signed-off-by is present
  • [ ] The PR complies with the Open Embedded Commit Patch Message Guidelines <!-- optional: Changelog-entry present on at least one commit if you want to set the changelog entry manually-->

Reviewer Guidelines

  • When submitting a review, please pick:
    • 'Approve' if this change would be acceptable in the codebase (even if there are minor or cosmetic tweaks that could be improved).
    • 'Request Changes' if this change would not be acceptable in our codebase (e.g. bugs, changes that will make development harder in future, security/performance issues, etc).
    • 'Comment' if you don't feel you have enough information to decide either way (e.g. if you have major questions, or you don't understand the context of the change sufficiently to fully review yourself, but want to make a comment)
+731 -653

3 comments

50 changed files

robertgzr

pr closed time in 19 days

pull request commentbalena-os/meta-balena

Bump go to 1.12.12

superseded by #1824

robertgzr

comment created time in 19 days

PR opened balena-os/meta-balena

Update balena-engine to 19.03

And update the go recipe to 1.12.12


Contributor checklist

<!-- For completed items, change [ ] to [x]. -->

  • [ ] Changes have been tested
  • [x] Change-type present on at least one commit
  • [x] Signed-off-by is present
  • [ ] The PR complies with the Open Embedded Commit Patch Message Guidelines <!-- optional: Changelog-entry present on at least one commit if you want to set the changelog entry manually-->

Reviewer Guidelines

  • When submitting a review, please pick:
    • 'Approve' if this change would be acceptable in the codebase (even if there are minor or cosmetic tweaks that could be improved).
    • 'Request Changes' if this change would not be acceptable in our codebase (e.g. bugs, changes that will make development harder in future, security/performance issues, etc).
    • 'Comment' if you don't feel you have enough information to decide either way (e.g. if you have major questions, or you don't understand the context of the change sufficiently to fully review yourself, but want to make a comment)
+555 -539

0 comment

32 changed files

pr created time in 19 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha e9e0ef9cebf0d19653c5034ea502fc9de7a04813

golang: Bump to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha fa7db17e65be5c621904fc68e1bd0365176c617f

meta-balena-common:layer.conf: Set preferred go version to 1.12.12

view details

Robert Günzler

commit sha 33be1d1b34a7c24e1779551e0bcd3e859da58905

balena-engine: Update to 19.03.5 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 19 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha b9867ba7de3873826d43d3d98e169ea76a2bd43b

Update balena-engine to 19.03.5 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 19 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 61bdb6c8d3f5dc8eb7b5780ec1081be531772139

Bump balena-engine to 19.03.5 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 19 days

push eventbalena-os/meta-balena

Matthew McGinn

commit sha 13b5397eb127f8626a45041b84be7aed9b149709

Americanize the README.md Change-type: patch Signed-off-by: Matthew McGinn <matthew@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha e543ef6b41d3309325b801df5a20940a244f21cb

Merge pull request #1806 from balena-os/americanization Americanize the README.md

view details

Balena CI

commit sha 6cb5e0b7b12ae2922c85c50652b0a86febf91f54

v2.46.2

view details

Florin Sarbu

commit sha 37b9f59d4c7521805883ef3bf8e0bbc21d26622e

packagegroup-resin-connectivity: Add wifi firmware for wl18xx Since poky thud, the linux-firmware recipe in poky is packaging the wl18xx firmware in its own package rather than add it in the linux-firmware-wl12xx package. Change-type: patch Changelog-entry: Make sure to add in rootfs the wifi firmware for wl18xx Signed-off-by: Florin Sarbu <florin@balena.io>

view details

Florin Sarbu

commit sha 7ec6b796787fc0afb2234e8ddb654f1b4a761708

kernel-resin.bbclass: Add uinput module Add uinput user level driver support directly from meta-balena as this will benefit all our customers. Change-type: patch Changelog-entry: Add uinput kernel module Signed-off-by: Florin Sarbu <florin@balena.io>

view details

Florin Sarbu

commit sha 6e21a37ff7f45b6b577841c2721f31a6444dd892

Merge pull request #1797 from balena-os/make_sure_to_add_wl18xx_fw packagegroup-resin-connectivity: Add wifi firmware for wl18xx

view details

Zubair Lutfullah Kakakhel

commit sha 234f8fe975cb204c156439a342343bf464f402a4

healthdog: Update to v1.0.1 Update healthdog from 0.1.0 to 1.0.1 Fixes #1719 Changelog-entry: Update healthdog to v1.0.1. Allows building with newer rust versions Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Alex Gonzalez

commit sha 20d9e3114dc28683ea2c15cecfcae6ff93d22bec

Enable memory overcommit Move the memory overcommit settings from the Raspberry Pi integration layer to meta-balena so it applies to all device types. Fixes #1791 Change-type: patch Changelog-entry: Enable memory overcommit Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Florin Sarbu

commit sha 59d9d0d067219163fdc9d94950c6e857aab2e667

Merge pull request #1802 from balena-os/enable_uinput_kernel_module kernel-resin.bbclass: Add uinput module

view details

Zubair Lutfullah Kakakhel

commit sha 6bbe46404f36ae9b2719750d9bfc9daf5b12c88c

repo.yml: Fix supervisor and add healthdog to changelog Change-type: patch Changelog-entry: Fix supervisor nested changelogs Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Alex Gonzalez

commit sha b4005f8d6f4ca61bac76f565c8eb3a84500399c7

Merge pull request #1798 from balena-os/alexgg/#1791-mem-overcommit Enable memory overcommit

view details

Alex Gonzalez

commit sha b4122eeea971dfc9325885cc7c896c733cf60920

resolv.conf: Increase DNS client's timeout to 15 seconds The DNS clients (applications) resolver libraries use the timeout value in /etc/resolv.conf to set the time between DNS attempts. The default is 5 secs which for slow networks like cellular mean lots of DNS requests on a bandwidth sensitive channel. This change modifies the default to 15 secs. This timeout only applies when DNS servers are unresponsive so it will not affect the normal functionality. Fixes #1800 Change-type: patch Changelog-entry: Increase DNS clients timeout to 15 seconds Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 0832d1d60d20caed2e45ec68d63779149e88d9a2

Merge pull request #1723 from balena-os/rust-13.7.0 Update healthdog and fix supervisor nested changelog

view details

Gareth Davies

commit sha f294336c3c8d9d8c08075a299b6bb377eb95f922

README.md: Update config.json documentation Changelog-entry: Update config.json documentation Change-type: patch Signed-off-by: Gareth Davies <gareth@balena.io>

view details

Gareth Davies

commit sha 57047830db238a127c09f283870ecf3d0992578b

Addressing review comments Change-type: patch Signed-off-by: Gareth Davies <gareth@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 0d30115c0fc8482bd17c2931defa62cc211978f5

Merge pull request #1808 from balena-os/alexgg/#1800-dns-timeout resolv.conf: Increase DNS client's timeout to 15 seconds

view details

Alexis Svinartchouk

commit sha 74be7b20bf3a9eb71bf5318a96248e087b7ce441

bluez5: enable sixaxis (playstation 3 controller) support Change-type: patch Changelog-entry: Enable sixaxis support in bluez5 Signed-off-by: Alexis Svinartchouk <alexis@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha b935ccce1afba6d2b9fb5bcc13e74727299f8727

Merge pull request #1804 from balena-os/readme-config-json README.md: Update config.json documentation

view details

Alex Gonzalez

commit sha d53ba3570daf05c8592220b2949a441f6e06e662

Match licenses with license files. Apache 2.0 and MIT, though similar, are not the same license. Change-type: patch Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 25dd14d6eb6340d0c29bc4171bc28fd2db11e285

Merge pull request #1769 from balena-os/enable-sixaxis-in-bluez Enable sixaxis in bluez

view details

push time in 19 days

push eventbalena-os/meta-balena

Alex Gonzalez

commit sha d4d56b6a6d565e8bed4f8401058819eaac76aa80

periodic-vacuum-logs: Periodic vacuuming of log files Daily vacuuming of log files to avoid the partition filling up if corrupted files appear. Fixes #1792 Change-type: patch Changelog-entry: Add periodic vacuuming of journald log files Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Alex Gonzalez

commit sha 841bd6f39cf0b3535550fd93ef71b8c449ec275e

Merge pull request #1819 from balena-os/alexgg/#1792-persintent-logs balena-vacuum-logs: Periodic vacuuming of log files

view details

Robert Günzler

commit sha 8f78b477c6b05a1bad6a06363d3885203d01201a

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 1ed6d90c50c7789b34d0a813d85a0f76e7806117

meta-balena-common:layer.conf: Set preferred go version to 1.12.12

view details

Robert Günzler

commit sha a04a0615429b5f1db6deb9f8d5d4d5c8f905f717

Bump balena-engine to 19.03.5 Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 19 days

push eventbalena-os/meta-balena

Alex Gonzalez

commit sha d4d56b6a6d565e8bed4f8401058819eaac76aa80

periodic-vacuum-logs: Periodic vacuuming of log files Daily vacuuming of log files to avoid the partition filling up if corrupted files appear. Fixes #1792 Change-type: patch Changelog-entry: Add periodic vacuuming of journald log files Signed-off-by: Alex Gonzalez <alexg@balena.io>

view details

Alex Gonzalez

commit sha 841bd6f39cf0b3535550fd93ef71b8c449ec275e

Merge pull request #1819 from balena-os/alexgg/#1792-persintent-logs balena-vacuum-logs: Periodic vacuuming of log files

view details

Robert Günzler

commit sha 8f78b477c6b05a1bad6a06363d3885203d01201a

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 1ed6d90c50c7789b34d0a813d85a0f76e7806117

meta-balena-common:layer.conf: Set preferred go version to 1.12.12

view details

push time in 19 days

PR opened balena-os/balena-compulab

Reviewers
Bump poky etc. to warrior

I've done mostly the same changes as https://github.com/balena-os/balena-qemu/pull/132

This is motivated by https://github.com/balena-os/meta-balena/pull/1821 which is failing on ci for the imx8

+4 -4

0 comment

4 changed files

pr created time in 19 days

create barnchbalena-os/balena-compulab

branch : rgz/bump_submodule

created branch time in 19 days

pull request commentbalena-os/balena-qemu

Bump poky to warrior

Looks like meta-openembedded needs a bump to warrior too.. https://github.com/openembedded/meta-openembedded/tree/warrior

ZubairLK

comment created time in 21 days

delete branch balena-os/balena-qemu

delete branch : rgz/meta-balena-common

delete time in 21 days

PR closed balena-os/balena-qemu

Reviewers
Reference meta-balena-common

After changes in meta-balena that update our go version, this confuses the build with references to the old meta-resin-common.

Signed-off-by: Robert Günzler robertg@balena.io

+1 -1

2 comments

1 changed file

robertgzr

pr closed time in 21 days

pull request commentbalena-os/balena-qemu

Reference meta-balena-common

superseded by #132

robertgzr

comment created time in 21 days

PR opened balena-os/balena-qemu

Reviewers
Reference meta-balena-common

After changes in meta-balena that update our go version, this confuses the build with references to the old meta-resin-common.

Signed-off-by: Robert Günzler robertg@balena.io

+1 -1

0 comment

1 changed file

pr created time in 21 days

create barnchbalena-os/balena-qemu

branch : rgz/meta-balena-common

created branch time in 21 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 3cdfadd5ee59c1310320bb3ce9a465d1ffd2ab07

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha e09270e00d519975b7620161d0171e875f073cc2

Bump balena-engine to 19.03.5

view details

push time in 21 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 3cdfadd5ee59c1310320bb3ce9a465d1ffd2ab07

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 21 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha 2cf4a6bf917791eefaa1a7fe43372e8501d68ea1

v19.03.5

view details

push time in 21 days

pull request commentbalena-os/meta-balena

Bump go to 1.12.12

@resin-jenkins test this please

robertgzr

comment created time in 21 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha a26807b91cd382bd28cce40f82e7ee23449fcb05

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 2714df1909bd331f06d26dc776c06b097b8c19b3

Bump balena-engine to 19.03.5

view details

push time in 21 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha a26807b91cd382bd28cce40f82e7ee23449fcb05

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 21 days

PR opened balena-os/meta-balena

Reviewers
Bump go to 1.12.12

Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes:

  • fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8
  • fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73
  • fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b

Signed-off-by: Robert Günzler robertg@balena.io


Contributor checklist

<!-- For completed items, change [ ] to [x]. -->

  • [ ] Changes have been tested
  • [ ] Change-type present on at least one commit
  • [ ] Signed-off-by is present
  • [ ] The PR complies with the Open Embedded Commit Patch Message Guidelines <!-- optional: Changelog-entry present on at least one commit if you want to set the changelog entry manually-->

Reviewer Guidelines

  • When submitting a review, please pick:
    • 'Approve' if this change would be acceptable in the codebase (even if there are minor or cosmetic tweaks that could be improved).
    • 'Request Changes' if this change would not be acceptable in our codebase (e.g. bugs, changes that will make development harder in future, security/performance issues, etc).
    • 'Comment' if you don't feel you have enough information to decide either way (e.g. if you have major questions, or you don't understand the context of the change sufficiently to fully review yourself, but want to make a comment)
+710 -533

0 comment

30 changed files

pr created time in 21 days

push eventbalena-os/meta-balena

Zubair Lutfullah Kakakhel

commit sha 33558b6b8455f766a98c5c741bedccbc92b419eb

resin-image-initramfs: Increase max size to 32MB Some devices have special tools in the initramfs that bloat it. e.g. Jetson family have tegra-firmware-xusb etc. IMAGE_ROOTFS_MAXSIZE triggers an error if the rootfs goes beyond this limit. This does not force the rootfs to an empty fixed size. We can comfortably increase the max size to 32MB to reduce unnecessary patches in the device integration layers. We'll still be covered by the full resin-rootA size limit. Fixes #1790 Change-type: patch Changelog-entry: No user impact. Increase limit for maximum initramfs size from 12MB to 32MB. This helps reduce unnecessary overrides in integration layers. Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 7e7f0167477ac4a80c256e4c2dd07863c586357b

Merge pull request #1813 from balena-os/zlk/max_initramfs_size Sync resin-image-initramfs size across devices.

view details

Robert Günzler

commit sha 0b287fd182b347fccbb97925af57cf449906c236

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 21 days

push eventbalena-os/meta-balena

Zubair Lutfullah Kakakhel

commit sha 33558b6b8455f766a98c5c741bedccbc92b419eb

resin-image-initramfs: Increase max size to 32MB Some devices have special tools in the initramfs that bloat it. e.g. Jetson family have tegra-firmware-xusb etc. IMAGE_ROOTFS_MAXSIZE triggers an error if the rootfs goes beyond this limit. This does not force the rootfs to an empty fixed size. We can comfortably increase the max size to 32MB to reduce unnecessary patches in the device integration layers. We'll still be covered by the full resin-rootA size limit. Fixes #1790 Change-type: patch Changelog-entry: No user impact. Increase limit for maximum initramfs size from 12MB to 32MB. This helps reduce unnecessary overrides in integration layers. Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Zubair Lutfullah Kakakhel

commit sha 7e7f0167477ac4a80c256e4c2dd07863c586357b

Merge pull request #1813 from balena-os/zlk/max_initramfs_size Sync resin-image-initramfs size across devices.

view details

Robert Günzler

commit sha 93871c4974499139d7bdd389789f7fbb2f1f383b

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha e16803d7ff3fc7cdf50174dd84ba14e24ffde5d3

Bump balena-engine to 19.03.5

view details

push time in 21 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 1d95883becb5ce6e6b890457830301459b1b6709

Bump go to 1.12.12 Pulls in the changes from yocto zeus and bumps that from 1.12.9 to 1.12.12 to get the following fixes: * fix for CVE-2019-16276: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 * fix for CVE-2019-17596: https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73 * fix for DoS vector: https://github.com/golang/go/commit/f0e940ebc985661f54d31c8d9ba31a553b87041b Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha dc178cc6c397907e4de2079ab999c77630a508f6

Bump balena-engine to 19.03.5

view details

push time in 21 days

create barnchbalena-os/meta-balena

branch : rgz/go112

created branch time in 21 days

push eventbalena-os/meta-balena

Zubair Lutfullah Kakakhel

commit sha 75950277711379d37ed993b4bd4eed5b108e328f

resin-image-initramfs: Increase max size to 32MB Some devices have special tools in the initramfs that bloat it. e.g. Jetson family have tegra-firmware-xusb etc. IMAGE_ROOTFS_MAXSIZE triggers an error if the rootfs goes beyond this limit. This does not force the rootfs to an empty fixed size. We can comfortably increase the max size to 32MB to reduce unnecessary patches in the device integration layers. We'll still be covered by the full resin-rootA size limit. Fixes #1790 Change-type: patch Changelog-entry: No user impact. Increase limit for maximum initramfs size from 12MB to 32MB. This helps reduce unnecessary overrides in integration layers. Signed-off-by: Zubair Lutfullah Kakakhel <zubair@balena.io>

view details

Robert Günzler

commit sha da3343a81a9ffed185c353fcb4ee83cffd7858dd

Bump balena-engine to 19.03.5

view details

push time in 21 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 76107ada5eab66426de1f8ea8aaf6c40a24c5ab8

Bump balena-engine to 19.03.5

view details

push time in 21 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha dc1b846a8b1f89d6591cf1b2d881a12cc72acddf

Bump balena-engine to 19.03.5

view details

push time in 21 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 296af80fea3a7081cc1b420fe64ebc81b3f5710e

Bump balena-engine to 19.03.5

view details

push time in 21 days

create barnchbalena-os/meta-balena

branch : rgz/balena_engine_19_03

created branch time in 21 days

pull request commentrobertgzr/homebrew-tap

fix minor commandline mistake

It looks like you have font-iosevka available from two separate casks...

I'm not sure what the difference between caskroom/fonts and homebrew/cask-fonts is, but that error would be expected in this case.

Note that the iosevka formula is not a cask, it will build the font from it's source code to allow full customizability. It has to be use like this:

$ brew install iosevka
jeff-hykin

comment created time in 22 days

push eventrobertgzr/porcelain

Robert Günzler

commit sha 28d7a76cd2a00eee59dd6582584822541bf33f7d

Update deps (fatih/color fork)

view details

push time in 22 days

push eventrobertgzr/porcelain

Robert Günzler

commit sha e9a1af7c2612f3d9efd4f0707b5357fec43392a3

Update deps (fatih/color fork)

view details

push time in 22 days

push eventrobertgzr/color

Robert Günzler

commit sha c7dad96835855ccb323277fed7c07ad2e7054d74

Remove deprecation notice and add info about patches

view details

Robert Günzler

commit sha 9c6f987504369c5c1948ada9c85fe4f051b68300

Update module identifier

view details

push time in 22 days

push eventrobertgzr/color

Robert Günzler

commit sha 61693535820f631b5b9d0bc80ce77c3d33906de8

Remove deprecation notice and add info about patches

view details

push time in 22 days

push eventrobertgzr/color

Robert G

commit sha b2dfb02578952e714f505364b7c7701628aafa77

Add option to escape color attributes for ZSH/Bash prompt

view details

Robert Günzler

commit sha 9b76cb03bcb97de35e9054448957f01480fbc61c

Add tmux output option and test frame for it

view details

push time in 22 days

push eventrobertgzr/color

Achilleas Koutsou

commit sha fccafd9e876be44d0d7b380a3b03aeb661c1e231

Expose colorable Stderr to use as writer

view details

Fatih Arslan

commit sha 5b77d2a35fb0ede96d138fc9a99f5c9b6aef11b4

Merge pull request #87 from achilleas-k/expose-colorised-stderr Expose colorable Stderr to use as writer

view details

Fatih Arslan

commit sha cfd0f8b335fc9960c13ac60b6798b272d9b613c7

Update go version in Travis

view details

Fatih Arslan

commit sha 2d684516a8861da43017284349b7e303e809ac21

Merge pull request #97 from fatih/update-travis-version Update go version in Travis

view details

Alexey Palazhchenko

commit sha 9840b472b5768bd642eb5a08ad12abb8e43f8c64

Bump Go versions

view details

Fatih Arslan

commit sha 12882eca89da4c99995f5f76dcb2577085788859

Merge pull request #107 from AlekSi/patch-1 Bump Go versions

view details

Fatih Arslan

commit sha 3f9d52f7176a6927daacff70a3e8d1dc2025c53e

Closing a chapter in my life

view details

Fatih Arslan

commit sha d747421dbb3969c9c5637e486a0eae4ec383d64a

Add Go modules update * Remove Gopkg.toml files * Remove .travis.yml file * Update to Go modules * Update `/vendor` folder * Add GitHub Actions workflow

view details

Fatih Arslan

commit sha 2e5e248695e7e4a0f9ff6d548b83b99199326f49

Merge pull request #108 from fatih/support-modules Add Go modules update

view details

Tal Liron

commit sha 245132ba5ab15fce21a3da5e5619efb97da88cb5

Upgrade dependency versions Specifically important is the upgrade of github.com/mattn/go-isatty, because the older v0.0.3 was broken for WASM compilation

view details

Fatih Arslan

commit sha 9ec1dc613e30ab700907228445c869a621153bd2

Merge pull request #109 from tliron/master Upgrade dependency versions

view details

Fatih Arslan

commit sha daf2830f2741ebb735b21709a520c5f37d642d85

workflows: run GitHub actions on pull requests as well

view details

push time in 22 days

push eventrobertgzr/color

Achilleas Koutsou

commit sha fccafd9e876be44d0d7b380a3b03aeb661c1e231

Expose colorable Stderr to use as writer

view details

Fatih Arslan

commit sha 5b77d2a35fb0ede96d138fc9a99f5c9b6aef11b4

Merge pull request #87 from achilleas-k/expose-colorised-stderr Expose colorable Stderr to use as writer

view details

Fatih Arslan

commit sha cfd0f8b335fc9960c13ac60b6798b272d9b613c7

Update go version in Travis

view details

Fatih Arslan

commit sha 2d684516a8861da43017284349b7e303e809ac21

Merge pull request #97 from fatih/update-travis-version Update go version in Travis

view details

Alexey Palazhchenko

commit sha 9840b472b5768bd642eb5a08ad12abb8e43f8c64

Bump Go versions

view details

Fatih Arslan

commit sha 12882eca89da4c99995f5f76dcb2577085788859

Merge pull request #107 from AlekSi/patch-1 Bump Go versions

view details

Fatih Arslan

commit sha 3f9d52f7176a6927daacff70a3e8d1dc2025c53e

Closing a chapter in my life

view details

Fatih Arslan

commit sha d747421dbb3969c9c5637e486a0eae4ec383d64a

Add Go modules update * Remove Gopkg.toml files * Remove .travis.yml file * Update to Go modules * Update `/vendor` folder * Add GitHub Actions workflow

view details

Fatih Arslan

commit sha 2e5e248695e7e4a0f9ff6d548b83b99199326f49

Merge pull request #108 from fatih/support-modules Add Go modules update

view details

Tal Liron

commit sha 245132ba5ab15fce21a3da5e5619efb97da88cb5

Upgrade dependency versions Specifically important is the upgrade of github.com/mattn/go-isatty, because the older v0.0.3 was broken for WASM compilation

view details

Fatih Arslan

commit sha 9ec1dc613e30ab700907228445c869a621153bd2

Merge pull request #109 from tliron/master Upgrade dependency versions

view details

Fatih Arslan

commit sha daf2830f2741ebb735b21709a520c5f37d642d85

workflows: run GitHub actions on pull requests as well

view details

Robert G

commit sha b2dfb02578952e714f505364b7c7701628aafa77

Add option to escape color attributes for ZSH/Bash prompt

view details

Robert Günzler

commit sha 9b76cb03bcb97de35e9054448957f01480fbc61c

Add tmux output option and test frame for it

view details

push time in 22 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha f6aee332f5fb77b54575936b186d5dfb3850cdc4

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 47d180d4ab4672267f9b61119237aa78bec3d54a

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha cf77d5c4351ba7c4d6b3c0be79bebab5ff1f8c66

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 3951a32c92ee23d8f9af65e3c433999e3d701fa8

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 64ccf4c3dda4ab2cffeab0098629b197ad3049a4

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha 3f9ebb481e4c38650a9fafec0a482b17357d5690

integration-tests: Don't fail TestImagePullComparePullDuration The previous implemenation lead to failing test where sometimes the recorded times would indicate that `sync_diffs=false` was slower, most likely due to load on the CI environment. This drops taking times and simply tests that the pull works with and without the storage driver option applied. Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha f28db59eda1c2063b77ff0a3a42e989a05524ec7

integration-tests: Don't fail TestImagePullComparePullDuration (#162) integration-tests: Don't fail TestImagePullComparePullDuration

view details

Balena CI

commit sha e69066e8ff8be0c41c2cb050998ccb452aaa1a56

v18.9.11

view details

Robert Günzler

commit sha d16ac4449a61ac45f35923c85ac1014a94303d01

build.sh: Disable btrfs,zfs,devicemapper graphdrivers We don't support these on balenaOS anyway and we are planning to drop support for them once we move to the new balenaCI-based pipeline. Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 739a30a836f4cc8c1cb03852870a0a8235647476

build.sh: Disable btrfs,zfs,devicemapper graphdrivers (#189) build.sh: Disable btrfs,zfs,devicemapper graphdrivers

view details

Balena CI

commit sha edfdcc00a796ff2bb8ac491e17740b488f25051f

v18.9.12

view details

Robert Günzler

commit sha 405be427f85d9361275e77eb1c13262413ca785a

contrib: Add balena-engine version of dind container This modifies https://github.com/docker-library/docker for balena-engine Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 22ebbd426015ea533c2b7f785f62a4a4ee4771e2

Merge pull request #187 from balena-os/beind contrib: Add balena-engine version of dind container

view details

Balena CI

commit sha 5ece181adc4545f414ad485e0e8ff1b73db0779d

v18.9.13

view details

Robert Günzler

commit sha e671e7bb94214722d4d140c1a8e6dd3b5b4337e3

Add migration-tool for aufs to overlay2 Implements storage-driver migration without the need to pull layer data again. To achieve this we translate the on-disk AUFS file tree to the format used by overlayFS. This includes containers that exist at the time of the migration. The major difference between the two implementations of stacking FS is that AUFS makes use of "marker files" to track deleted files in the upper layer, while overlay employs file attributes and character files. The other part of the work is reorganizing the data on disk to adhere to the structure the overlay2 driver expects. To make these changes effective after running a migration the engine has to be reconfigured to use the overlay2 storage-driver and containers have to be restarted. The code in cmd/a2o-migrate can be used stand-alone. For that see the makefile "a2o-migrate" target. Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha e873fcaa7f6c018c9c3ea0a150b0ae7fcf03cb80

a2o-migrate: Vendor code from daemon/graphdriver/overlay2 This keeps our build much simpler than having to deal with all the stuff that the overlay2 pkg imports when all we need is the simple ID generator Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 2b4a2ca1a3d6af270a2f4701f704896dfb9ce682

a2o-migrate: Vendor pkg/archive consts Used instead of keeping our duplicates in the a2o-migrate tree. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 153b0308f91886e79c102ab7bf89bde1c884c6ed

build.sh: Add link to a2o-migrate Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha c94a921f4283312dd271dbe968bf294a97e39f94

Export GenerateID and IDLength from overlay2 graphdriver We use this from a2o-migrate to get valid layer IDs Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 1edac09ef9a3a6142537aa41503e9e146f550d4e

Update containerd to 868434d9200ce1f89266d486808c4445b2832d74 Connects-to: https://github.com/balena-os/balena-containerd/pull/5 Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha f1f89b35eb4fb4684227c030da855d9c1c81fe3b

a2o-migrate: Add Vagrantfile for integration test This uses my work on balenaos + vagrant [1] to create an easily reproduceable integration test. We need a kernel that supports aufs and overlayfs as storage drivers. A balenaOS image generated with this [2] commit works fine. [1]: https://github.com/balena-io-playground/balenaos-vagrant [2]: https://github.com/balena-os/meta-balena/commit/528494d4f77f4a0b601146d2667a117a55c0c725 Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 2553d74a4419891d34bcfcf91eaa4230ab903de8

wip: shellcheck fixes

view details

Robert Günzler

commit sha 2e4c142c520b661be406c622f502609250534b7e

wip: Add integration tests for rollback

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha bce2696cb7e389d74456091edd34081a3d5b3e71

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 6cc5f552ab917f72423b946e80db614eecd3d61c

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 04e257eea9df40d0aabe105a90952a8b57faf35e

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 1539a050fa8d8642295b438d5402d3b50a312440

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

push eventbalena-os/meta-balena

Robert Günzler

commit sha 8c7cdab54e61b824af688ac68a114c03f16228a4

recipe-containers: Add crun For testing on low-performance devices. Based on https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/tree/recipes-containers/crun with some modifications to allow dropping the libseccomp dependency and bumping to v0.11

view details

push time in 24 days

create barnchbalena-os/meta-balena

branch : rgz/crun

created branch time in 24 days

issue commentliuchengxu/vista.vim

E716 and E116 on exiting in neovim

Removing the autocmd autocmd VimEnter * call vista#RunForNearestMethodOrFunction() from my config helped

hupfdule

comment created time in 25 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha 7f569a1e2407800e1c5f5d94f715c4313c5c4300

Allow tagging of image deltas on creation Similar to how the build command allows tagging of images this allows specifying a repo:tag indentifier to tag the delta with Requires: https://github.com/balena-os/balena-engine-cli/pull/7 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7a9fe94d0726d4ff4838286076bda65a354ec82f

Add delta integration test Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 547a76a4924cf02e104fb31301f548a11c7bc4bb

Add cli for tagging delta images Update vendor.conf and vendor/ to include https://github.com/balena-os/balena-engine-cli/pull/7 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 1f6ab50f0cc20d21a5719e4a00f5407f231ed6f2

travis: Use the minimal machine Since we build in docker anyway we can save the time it usually takes to set up the Go environment. See https://docs.travis-ci.com/user/languages/minimal-and-generic/ Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7fb5622633ce977cb0db51a188f492b0654a116e

travis: Build for armv7 and aarch64 as well Makes use of build stages to parallelize jobs. The `travis_wait` command is used to prevent timeouts of emulated builds See https://docs.travis-ci.com/user/common-build-problems/#build-times-out-because-no-output-was-received Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha d98a168f3fab5de673b7832adccbcf574abf0bf7

travis: Only run builds for PRs and master/version branches Previously we only filtered out gh-pages and versionist branches. Travis was building PRs from this repo twice since they always create a branch as well. This replaces the branch rule with one that allows builds for anything that is not a push (like PRs), the master branch and branches that fit the naming scheme: 18.09-balena Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha c71ee87f46581eebcd9e4a7e960767e0916dc607

Fixes after update to 18.09 Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha dbeb3fc98a775ced3460995007010e4f305c727a

builder-next: Implement xfer.DownloadDescriptor for layerDescriptor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha ff6fc2c47328018173e2cdd732cdd253ceb7ccc0

delta: Move implementation under ImageService Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha fa51b5b458889c413f2ab82171e0f5fe3b3def5e

Update Dockerfiles used for build to Go 1.10.8 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha ff2ac4d6823dfc30c115499a5d6f908752ea9223

integration-tests: Add test for containers with memory,cpu constraints The only test from integration/ that covers any resource constrained container scenarios is the OomKilled check in integration/container/kill_test.go This adds two addional checks that try to create, startk, stop and inspect a busybox container with: a) a memory constraint like: balena-engine run -m 32m .. b) a memory constraint like: balena-engine run -cpus ".5" .. Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha d0bc0e5326438656f7d41a1f25ae621693777c2f

Fix double locking in the event handling code of OOM events Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 088d3ee4602f0152ac552e13fddc1ca5e39707d5

integration-tests: Skip tests relying on swarm,plugin support 18.09 moved many tests that were previously part of the legacy test suite under the new integration tests. Because of that the filtering that was done at one point in the past did not catch tests that make use of features no supported by balenaEngine. Some previously skipped tests that now get run by default require further investigation, those are marked with "TODO" Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7f94cbf50e57ae90aa63fc8212689788eaeda79b

dockerfile: Rename docker-init to balena-engine-init Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 4fed10dd3a66e37f0f128b2f9fa227a9a6800da2

aufs,overlay2: Add driver opts for disk sync This patch adds a driver option to enalble/disable the to disk syncing introduced in 684d8ba6109c853b355bf11ca3733c4099f14b92. The default is still to sync all currently mounted filesystems before reporting an ApplyDiff as successful. Connects-to: https://github.com/balena-os/balena-engine/issues/133 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 21dadcb3d8a9a1ac67de78a29ffb254236c14bef

integration-tests: Add image pull tests Download an image on aufs/overlay2 once with syncDiffs enabled and disabled, comparing the speeds and checking that without syncing is faster. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha feaeb5dd826eeb0a95908dfd91704238a59e8257

Add daemon flags to configure max download/upload attempts during pull/push The defaults remain the same (dl=5, ul=5), but are moved from distribution/xfer to daemon/config. Connects-to: https://github.com/balena-os/balena-engine/issues/160 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha f93ce1f5226a882b0115cf321fc40e7d55f0e583

contrib/install.sh: Fail on error The install script should not print the success message if it didn't actually succeed to install anything Connects-to: #54 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 4d922b5df74978275dab83e7564359c0dfe99797

contrib/install.sh: Rename balena to balenaEngine in ASCII art output Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 876ea49bb8e948c97cd959fcb7413e84e33f7006

contrib/install.sh: Add details to the success message First warn the user that balena-engine-daemon needs to be started. Including instructions on how to make the system ready for that: - service files - balena-engine group - how to allow non-root users to run containers Connects-to: #55 Connects-to: #51 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 25 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha 7f569a1e2407800e1c5f5d94f715c4313c5c4300

Allow tagging of image deltas on creation Similar to how the build command allows tagging of images this allows specifying a repo:tag indentifier to tag the delta with Requires: https://github.com/balena-os/balena-engine-cli/pull/7 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7a9fe94d0726d4ff4838286076bda65a354ec82f

Add delta integration test Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 547a76a4924cf02e104fb31301f548a11c7bc4bb

Add cli for tagging delta images Update vendor.conf and vendor/ to include https://github.com/balena-os/balena-engine-cli/pull/7 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 1f6ab50f0cc20d21a5719e4a00f5407f231ed6f2

travis: Use the minimal machine Since we build in docker anyway we can save the time it usually takes to set up the Go environment. See https://docs.travis-ci.com/user/languages/minimal-and-generic/ Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7fb5622633ce977cb0db51a188f492b0654a116e

travis: Build for armv7 and aarch64 as well Makes use of build stages to parallelize jobs. The `travis_wait` command is used to prevent timeouts of emulated builds See https://docs.travis-ci.com/user/common-build-problems/#build-times-out-because-no-output-was-received Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha d98a168f3fab5de673b7832adccbcf574abf0bf7

travis: Only run builds for PRs and master/version branches Previously we only filtered out gh-pages and versionist branches. Travis was building PRs from this repo twice since they always create a branch as well. This replaces the branch rule with one that allows builds for anything that is not a push (like PRs), the master branch and branches that fit the naming scheme: 18.09-balena Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha c71ee87f46581eebcd9e4a7e960767e0916dc607

Fixes after update to 18.09 Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha dbeb3fc98a775ced3460995007010e4f305c727a

builder-next: Implement xfer.DownloadDescriptor for layerDescriptor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha ff6fc2c47328018173e2cdd732cdd253ceb7ccc0

delta: Move implementation under ImageService Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha fa51b5b458889c413f2ab82171e0f5fe3b3def5e

Update Dockerfiles used for build to Go 1.10.8 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha ff2ac4d6823dfc30c115499a5d6f908752ea9223

integration-tests: Add test for containers with memory,cpu constraints The only test from integration/ that covers any resource constrained container scenarios is the OomKilled check in integration/container/kill_test.go This adds two addional checks that try to create, startk, stop and inspect a busybox container with: a) a memory constraint like: balena-engine run -m 32m .. b) a memory constraint like: balena-engine run -cpus ".5" .. Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha d0bc0e5326438656f7d41a1f25ae621693777c2f

Fix double locking in the event handling code of OOM events Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 088d3ee4602f0152ac552e13fddc1ca5e39707d5

integration-tests: Skip tests relying on swarm,plugin support 18.09 moved many tests that were previously part of the legacy test suite under the new integration tests. Because of that the filtering that was done at one point in the past did not catch tests that make use of features no supported by balenaEngine. Some previously skipped tests that now get run by default require further investigation, those are marked with "TODO" Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7f94cbf50e57ae90aa63fc8212689788eaeda79b

dockerfile: Rename docker-init to balena-engine-init Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 4fed10dd3a66e37f0f128b2f9fa227a9a6800da2

aufs,overlay2: Add driver opts for disk sync This patch adds a driver option to enalble/disable the to disk syncing introduced in 684d8ba6109c853b355bf11ca3733c4099f14b92. The default is still to sync all currently mounted filesystems before reporting an ApplyDiff as successful. Connects-to: https://github.com/balena-os/balena-engine/issues/133 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 21dadcb3d8a9a1ac67de78a29ffb254236c14bef

integration-tests: Add image pull tests Download an image on aufs/overlay2 once with syncDiffs enabled and disabled, comparing the speeds and checking that without syncing is faster. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha feaeb5dd826eeb0a95908dfd91704238a59e8257

Add daemon flags to configure max download/upload attempts during pull/push The defaults remain the same (dl=5, ul=5), but are moved from distribution/xfer to daemon/config. Connects-to: https://github.com/balena-os/balena-engine/issues/160 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha f93ce1f5226a882b0115cf321fc40e7d55f0e583

contrib/install.sh: Fail on error The install script should not print the success message if it didn't actually succeed to install anything Connects-to: #54 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 4d922b5df74978275dab83e7564359c0dfe99797

contrib/install.sh: Rename balena to balenaEngine in ASCII art output Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 876ea49bb8e948c97cd959fcb7413e84e33f7006

contrib/install.sh: Add details to the success message First warn the user that balena-engine-daemon needs to be started. Including instructions on how to make the system ready for that: - service files - balena-engine group - how to allow non-root users to run containers Connects-to: #55 Connects-to: #51 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 25 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha 7f569a1e2407800e1c5f5d94f715c4313c5c4300

Allow tagging of image deltas on creation Similar to how the build command allows tagging of images this allows specifying a repo:tag indentifier to tag the delta with Requires: https://github.com/balena-os/balena-engine-cli/pull/7 Change-type: minor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7a9fe94d0726d4ff4838286076bda65a354ec82f

Add delta integration test Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 547a76a4924cf02e104fb31301f548a11c7bc4bb

Add cli for tagging delta images Update vendor.conf and vendor/ to include https://github.com/balena-os/balena-engine-cli/pull/7 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 1f6ab50f0cc20d21a5719e4a00f5407f231ed6f2

travis: Use the minimal machine Since we build in docker anyway we can save the time it usually takes to set up the Go environment. See https://docs.travis-ci.com/user/languages/minimal-and-generic/ Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7fb5622633ce977cb0db51a188f492b0654a116e

travis: Build for armv7 and aarch64 as well Makes use of build stages to parallelize jobs. The `travis_wait` command is used to prevent timeouts of emulated builds See https://docs.travis-ci.com/user/common-build-problems/#build-times-out-because-no-output-was-received Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha d98a168f3fab5de673b7832adccbcf574abf0bf7

travis: Only run builds for PRs and master/version branches Previously we only filtered out gh-pages and versionist branches. Travis was building PRs from this repo twice since they always create a branch as well. This replaces the branch rule with one that allows builds for anything that is not a push (like PRs), the master branch and branches that fit the naming scheme: 18.09-balena Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha c71ee87f46581eebcd9e4a7e960767e0916dc607

Fixes after update to 18.09 Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha dbeb3fc98a775ced3460995007010e4f305c727a

builder-next: Implement xfer.DownloadDescriptor for layerDescriptor Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha ff6fc2c47328018173e2cdd732cdd253ceb7ccc0

delta: Move implementation under ImageService Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha fa51b5b458889c413f2ab82171e0f5fe3b3def5e

Update Dockerfiles used for build to Go 1.10.8 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha ff2ac4d6823dfc30c115499a5d6f908752ea9223

integration-tests: Add test for containers with memory,cpu constraints The only test from integration/ that covers any resource constrained container scenarios is the OomKilled check in integration/container/kill_test.go This adds two addional checks that try to create, startk, stop and inspect a busybox container with: a) a memory constraint like: balena-engine run -m 32m .. b) a memory constraint like: balena-engine run -cpus ".5" .. Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha d0bc0e5326438656f7d41a1f25ae621693777c2f

Fix double locking in the event handling code of OOM events Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 088d3ee4602f0152ac552e13fddc1ca5e39707d5

integration-tests: Skip tests relying on swarm,plugin support 18.09 moved many tests that were previously part of the legacy test suite under the new integration tests. Because of that the filtering that was done at one point in the past did not catch tests that make use of features no supported by balenaEngine. Some previously skipped tests that now get run by default require further investigation, those are marked with "TODO" Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 7f94cbf50e57ae90aa63fc8212689788eaeda79b

dockerfile: Rename docker-init to balena-engine-init Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 4fed10dd3a66e37f0f128b2f9fa227a9a6800da2

aufs,overlay2: Add driver opts for disk sync This patch adds a driver option to enalble/disable the to disk syncing introduced in 684d8ba6109c853b355bf11ca3733c4099f14b92. The default is still to sync all currently mounted filesystems before reporting an ApplyDiff as successful. Connects-to: https://github.com/balena-os/balena-engine/issues/133 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 21dadcb3d8a9a1ac67de78a29ffb254236c14bef

integration-tests: Add image pull tests Download an image on aufs/overlay2 once with syncDiffs enabled and disabled, comparing the speeds and checking that without syncing is faster. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha feaeb5dd826eeb0a95908dfd91704238a59e8257

Add daemon flags to configure max download/upload attempts during pull/push The defaults remain the same (dl=5, ul=5), but are moved from distribution/xfer to daemon/config. Connects-to: https://github.com/balena-os/balena-engine/issues/160 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha f93ce1f5226a882b0115cf321fc40e7d55f0e583

contrib/install.sh: Fail on error The install script should not print the success message if it didn't actually succeed to install anything Connects-to: #54 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 4d922b5df74978275dab83e7564359c0dfe99797

contrib/install.sh: Rename balena to balenaEngine in ASCII art output Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 876ea49bb8e948c97cd959fcb7413e84e33f7006

contrib/install.sh: Add details to the success message First warn the user that balena-engine-daemon needs to be started. Including instructions on how to make the system ready for that: - service files - balena-engine group - how to allow non-root users to run containers Connects-to: #55 Connects-to: #51 Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in 25 days

push eventbalena-os/balena-engine

Robert Günzler

commit sha 30262a6386bb6799695af7d72cd2ea622f626b99

Remove previously used build dockerfiles and scripts Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Giovanni Garufi

commit sha a961af5609e13629a1f1e8581154396377cfd888

Set type in repo.yml Change-type: patch Signed-off-by: Giovanni Garufi <giovanni@balena.io>

view details

Robert Günzler

commit sha 51164c5fc6b419f7f41e53f386f0c2d39b15a0be

Allow dropping all devicemapper support via buildtag We reuse the tag used by containerd to disable dm support Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 88c1de32778de30f5f81a6bcc72e9afdb06e5db5

Create new entries in hack/make/ for our build and tests Change-type: patch Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha c8d58f7d26d70ee525a29dab4c727d7f10a31ce7

wip: fix e2e Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha bf495b40c337ebe969d405d032fa00a06b648cea

graphdriver/quota: Exclude tests as well if the build tag is set Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha 2c20f0030dffe18b3e855d91ad69f4ff43e951dc

Skip daemonRootPropagation check (failing on CI) Signed-off-by: Robert Günzler <robertg@balena.io>

view details

Robert Günzler

commit sha b5de2a15f776520e8db95b1ca671fcb635f4dbb3

Support cross compiling as well Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in a month

push eventbalena-os/balena-engine

Petros Angelatos

commit sha 06e2c1d3b63091c839b9e29b96c7af964d2b82a1

cmd: add mobynit for host app booting Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 2bade2ad518bb746a03ecb3a9d70cef30c219318

daemon: skip initLayer for bare runtime containers Containers that are meant to be booted from do not need the initLayer. The default init layer shadows /etc/resolv.conf and other files from the filesystem but this can cause problems if we're bootstrapping the system. Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 161e2de768fa8d95836473f4decb478f68b6173d

cmd/mobynit: accept a flag for the graph driver Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 3364c5d0732af63b216cb3683f2b9bbc6db6b5bf

aufs,overlay: durably write layer on disk before returning This patch makes sure the layer contents are synced to disk before reporting the ApplyDiff operation as successful. This prevents /var/lib/docker corruption but the method used here is not the most efficient since it will sync all the currently mounted filesystems. Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha f34d992e266b0dfcb02724cef7d6da66c0d5a276

pkg/ioutils: sync parent directory too After renaming the file to the target path the parent directory needs to be synced to make sure the rename hits the disk. Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 3b7572b7a99886c21dc3b1266d39347ed65f7c31

container: make sure config on disk has a valid Config We've seen cases where container config on disk is a valid JSON but misses the Config object. Due to the way docker loads it in memory, it can cause a nul pointer exception. This patch checks for that and doesn't load the container in this case Upstream-Status: Investigating https://github.com/moby/moby/issues/33018 Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 3d2b03484580ae67754055500d1a389978eee4f8

pkg/archive: use fadvise to prevent pagecache thrashing During a docker pull a very large amount of files are touched during unpacking. This causes linux to fill up the page cache with entries that most probably won't be used. There are two issues with this. The first one is that by putting a lot of pressure on the page cache memory fragmentation occurs. This can cause filesystem corruption on some platforms that can't handle memory allocation failures correctly. The second issue is that by not hinting our intentions to the kernel, we might evict useful pages from the cache that could be in use by some running container, and therefore affecting the performance of the application. Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 080e848fd7c04837acec245e7eac3c94f18d6dde

daemon: revert short circuit of volume setup for bare containers Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha ea1e17cad3df2a70494e94a6d0bcbe5d38cfd672

mobynit: read the containerID from /current symlink Make /current be a symlink so that it can be atomically switched from one host app to another. Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha ecec54ef043b1e8e57ffdeaafb221b6de1b4f2f6

cmd/mobynit: propagate initrd mounts to chroot If there was an initrd before mobynit that initialised the filesystem transfer those mounts to the new root. Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha b02edc499ec9ad187decb2bef0c37c8e3e2031c8

router/network: remove swarm dependency Network commands are built to query both the active cluster (if any) and the daemon. This commits makes them only deal with local networks. Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 8fe4f003d6f3f10123831aa1c1bec3ddc361e1d5

router/system: remove swarm dependency Makes the system commands only deal with the local daemon, ignoring swarm clusters. Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 544facb28242c679bf1fe1176e43a142ddf7ec5a

cmd/dockerd: drop support for swarm and checkpoint commands Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 3d4ed8238449cae012342c317285c1a543899226

container_operations: remove swarm functionalities Removes support for docker Secrets, and docker Configs which are only usable within swarm mode Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 17eacc69755bd2e8df033a0363034d7ead1cb71f

daemon/events: remove swarm related events Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha abfd08fa6121666f54444875e8f87aa44e012a06

cmd/dockerd: remove support for docker plugins Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 3303ad562ee4338b7a615437b47ab7c79c77c71a

distribution: check for nil before closing the download

view details

Petros Angelatos

commit sha 7b1ef7ec35c4b31c371347eb4597bddd1f102452

hack: create both dynamic and static flavours of rce Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 9acdb9adf73b6b75013aca34624055902068847e

hack: revert binary stripping by default Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

Petros Angelatos

commit sha 2a2a6ad18b6588b00cf42f9eedb3570c4772302e

ioutils: implement ReadSeekCloser interface and wrapper This is a useful abstraction that exists in a few places in docker's codebase Signed-off-by: Petros Angelatos <petrosagg@gmail.com>

view details

push time in a month

Pull request review commentbalena-io/debugging-masterclass

masterclass: Initial PR for debugging masterclass

-<Name of Topic> Masterclass-===========================+Balena Device Debugging Masterclass+=================================== +**Masterclass Type:** Core+**Maximum Expected Time To Complete: 3 hours** -[Start: Optional Depending on Prerequisites] # Prerequisite Classes  This masterclass builds upon knowledge that has been taught in previous classes.-To gain the most from this masterclass, we reommend that you first undertake+To gain the most from this masterclass, we recommend that you first undertake the following masterclasses: -* [List of hyperlinked masterclasses](https://hyperlinkedmasterclasses)-[End: Optional Depending on Prequisites]--**Masterclass Type:** <Core/Deepdive>-**Maximum Expected Time To Complete:** <Time in minutes>+* [balena CLI Masterclass](https://github.com/balena-io-projects/balena-cli-masterclass)+* [balenaOS Masterclass](https://github.com/balena-io-projects/balenaos-masterclass/)+* [balena Networking Masterclass]() *NOT YET AVAILABLE*  # Introduction -A description of the topics covered in the masterclass and what the reader-will be able to achieve once they have completed it.+At balena, we believe the best way to support a customer is via the engineers+who build the product. They have the depth and breadth of knowledge that can+quickly identify and track down issues that traditional support agents usually+do not. Not only does this help a customer quickly and efficiently solve most+issues, but it also immerses balena engineers in sections of the product they+might not otherwise encounter in their usual working life, which further+improves the support each engineer can offer. This masterclass has been written+as an initial guide for new engineers about to start support duties.++Whilst the majority of devices never see an issue, occasionally a customer will+contact balena support with a query where one of their devices is exhibiting+anomalous behaviour.++Obviously, no guide can cover the range of queries that may occur, but it can+give an insight into how to tackle problems and the most common problems that+a balena support agent sees, as well as some potential solutions to these+problems. In compiling this document, a group of highly seasoned balena+engineers discussed their techniques for discovering and resolving on-device+issues, as well as techniques for determining how best to mitigate an issue+being exhibited.++In this masterclass, you will learn how to:++* Gain access to a customer device, when permission has been granted+* Retrieve initial diagnostics for the device+* Identify and solve common networking problems+* Work with the Supervisor+* Work with balenaEngine+* Examine the Kernel logs+* Understand media-based issues (such as SD card corruption)++**Note:** Whilst this masterclass is intended for new engineers about to start+    support duties at balena, it is also intended to act as an item of interest+    to customers who wish to know more about how we initially go about debugging+    a device (and includes information that customers themselves could use+    to give a support agent more information). We recommend, however, ensuring+    balena support is *always* contacted should you have an issue with a device+    that is not working correctly.  # Hardware and Software Requirements -The hardware and software requirements for the masterclass. This should be a-list of these items, along with hyperlinks to relevant product pages or-installation guides.+It is assumed that the reader has access to the following: -* [Some hardware](https://somehardware)-* [Some software](https://somesoftware)+* A locally cloned copy of this repository+        [Balena Device Debugging Masterclass](https://github.com/balena-io-projects/debugging-masterclass).+        Either:+        * `git clone https://github.com/balena-io-projects/debugging-masterclass.git`+        * Download ZIP file (from 'Clone or download'->'Download ZIP') and then+                unzip it to a suitable directory+* A balena supported device, such as a [balenaFin 1.1](https://store.balena.io/collections/developer-kit/products/balenafin-v1-1-0-developer-kit),+        [Raspberry Pi 3](https://www.raspberrypi.org/products/raspberry-pi-3-model-b/)+        or [Intel NUC](https://www.intel.co.uk/content/www/uk/en/products/boards-kits/nuc.html). If you don't have a device, you can emulate an Intel NUC by+        installing VirtualBox and following [this guide](https://www.balena.io/blog/no-hardware-use-virtualbox/)+* A suitable shell environment for command execution (such as `bash`)+* A [balenaCloud](https://www.balena.io/) account+* A familiarity with [Dockerfiles](https://docs.docker.com/engine/reference/builder/)+* An installed instance of the [balena CLI](https://github.com/balena-io/balena-cli/)  # Exercises -A set of numbered exercises to undertake to lead the reader through the topics-of the masterclass, which lead to a logical conclusion.+The following exercises assume access to a device that has been provisioned.+As per the other masterclasses in this series we're going to assume that's a+balenaFin, however you can simply alter the device type as appropriate in the+following instructions. The balena CLI is going to be used over the WebTerminal+in the balenaCloud Dashboard for accessing the device, but all of the exercises+could be completed via this. -# 1. Topic 1 Heading+First login to your balena account via `balena login`, and then create a new+application:+```+$ balena app create --type fincm3 DebugApp+Application created: DebugApp (fincm3, id 1544229)+``` -This is the main exercise section for a topic.+Now provision a device, either by downloading a *debug* image from the Dashboard,+or by flashing via the command line (note that currently, balenaEtcher must+be running to enable discovery of the balenaFin from balena CLI):+```+$ balena os download fincm3 --version 2.44.0+rev1.dev --output balena-debug.img+Getting device operating system for fincm3+The image was downloaded successfully+```+Carry out any configuration generation required, should you be using a Wifi+AP and inject the configuration into the image (see+[balena CLI Advanced Masterclass](https://github.com/balena-io-projects/balena-cli-advanced-masterclass#32-configuring-a-provisioning-image)+for more details), or quickly use an ethernet configuration:+```+$ balena os configure balena-debug.img --app DebugApp --config-network=ethernet+Configuring operating system image+$ balena util available-drives+DEVICE     SIZE      DESCRIPTION+/dev/disk4 63.6 GB   Compute Module+$ balena os initialize balena-debug.img --type fincm3 --drive /dev/disk4 --yes+Initializing device -## 1.1 Subtopic 1.1 Heading+Note: Initializing the device may ask for administrative permissions+because we need to access the raw devices directly.+Going to erase /dev/disk4.+Admin privileges required: you may be asked for your computer password to continue.+Writing Device OS [========================] 100% eta 0s+Validating Device OS [========================] 100% eta 0s+You can safely remove /dev/disk4 now+```+You should now have a device that will appear as part of the DebugApp fleet:+```+$ balena devices | grep DebugApp+1744728 7db55ce black-mountain    fincm3       DebugApp         Idle   true      10.3.7             balenaOS 2.44.0+rev1 https://dashboard.balena-cloud.com/devices/7db55ce99e9c135dbc69974a7abbe511/summary+```+For convenience, export a variable to point to the root of this masterclass+repository, as we'll use this for the rest of the exercises, eg:+```+$ export BALENA_DEBUGGING_MASTERCLASS=~/debugging-masterclass+```+Finally, push the code in the `multicontainer-app` directory to the application:+```+$ cd $BALENA_DEBUGGING_MASTERCLASS/multicontainer-app+$ balena push DebugApp+``` -This is a subtopic exercise section for a topic.+## 1. Accessing a User Device -## 1.2 Subtopic 1.2 Heading+Any device owned by a customer automatically allows access by that user via+either the WebTerminal (in the device's Dashboard page), or via the balena CLI+via `balena ssh <uuid>`. However, for a support agent to gain access to a device+that isn't owned by them, a user or collaborator that does have access must+grant it explicitly. -This is another subtopic exercise section for a topic.+### 1.1 Granting Support Access to a Support Agent -# 2. Topic 2 Heading+A user can grant access for a device to a support agent by selecting the device+they wish to grant access to from the Dashboard, and then selecting the+'Actions' tab in the left-hand sidepanel. Scrolling down the Actions page will+show a list of actions, with the 'Grant Support Access' option being the one+required here. A user can select this, then detemine the amount of time that+support agents are allowed access for. Once support has been granted, the+Dashboard will look something like this:+![Granted Support Access](resources/black-mountain-granted.png) -This is the second topic exercise section.+**Note:** It's also possible for a user to grant support for an entire+application by selecting the application's Dashboard page and going through+the same process (selecting 'Actions' and then 'Grant Support Access'). Granting+access to an application automatically grants access to all of its associated+devices. -# Conclusion+Once support access has been granted, an agent will be able to use the UUID of+a device to gain access to it, using a URL of the form:+https://dashboard.balena-cloud.com/devices/<deviceUUID>/summary++The Dashboard will function in almost exactly in the same way as it would were+the device owned by the support agent viewing it. They may view logs and+use the WebTerminal to access either the Host balenaOS or any service currently+running.++They may also use balena CLI to SSH into either the balenaOS host or any service+using `balena ssh <uuid> [serviceName]`.++### 1.2 Access Restrictions++There are limits on what a support agent may do with a device they have+been granted access to. This includes the alteration of service and environment+variables and configurations (both application and device).++Whilst this sounds like a limitation, it in fact ensures that a device being+investigated for an issue cannot be unduly altered or modified. Support+investigations are intended as an avenue of exploration and research for+ensuring that issues are categorised to allow improvements to the product+surface such that these issues are eliminated.++## 2. Initial Diagnosis++The balenaCloud Dashboard includes the ability to run a set of diagnostics on+a device, to determine its current condition. This should, in most cases,+be the first step in attempting to diagnose an issue without having to+actually access the device via SSH. Ensuring diagnostics and health checks+are examined first ensures that a support agent has a good idea of the type+of situation a device is in before SSHing into it, as well as ensuring that+the information can be accessed later if required (should a device be in a+catastrophic state). This helps greatly in a support post-mortem should one+be required.++Currently, diagnosis is only available via the Dashboard.++Let's take a look at the device provisioned earlier that is should now be+running the code pushed to the DebugApp. Bring up the balenaCloud Dashboard+page and select 'Diagnostics (Experimental)' from the left-hand panel.++Diagnostics are split into three separate sections: health checks, diagnostics+and Supervisor state.++### 2.1 Device Health Checks++Select the 'Device Health Checks' tab in the Diagnostics page, and then 'Run+checks'. A set of health checks will be quickly carried out on-device, and you+should see the following conditions:++| Check | Status | Notes |+| --- | --- | --- |+| check_balenaOS | Succeededsupported | balenaOS 2.x detected |+| check_under_voltage | Succeeded | No under-voltage events detected |+| check_memory | Succeeded | 75% memory available |+| check_container_engine | Succeeded | Container engine balena is running and has not restarted uncleanly+| check_supervisor | Succeeded | Supervisor is running |+| check_dns | Succeeded | First DNS server is 127.0.0.2 |+| check_diskspace | Succeeded | df reports 99% free |+| check_write_latency | Succeeded | No slow disk writes detected |+| check_service_restarts | Succeeded | No services are restarting unexpectedly |+| check_timesync | Succeeded | Time is synchronized |++This shows a healthy device, where there are no obvious faults. That's no fun,+let's create one!++SSH into your device, via `balena ssh`, using the appropriate UUID. We want to+SSH into the host OS, as that's where we'll wreak havoc:+```+$ balena ssh 7db55ce99e9c135dbc69974a7abbe511+=============================================================+    Welcome to balenaOS+=============================================================+root@7db55ce:~#+```+We're going to do a couple of things that will show up as problems. Something+you'll often check, and that we'll discuss later, is the state of the balena+Supervisor (which is responsible for the download, configuration, initialisation+and startup of applications and their services) and balenaEngine (which is a+highly customised fork of Docker that actually handles the images, containers+and volumes of an application's service).++First of all, we're going to kill the balenaEngine maliciously without letting+it shut down properly by finding its PID:+```+root@7db55ce:~# ps | awk '!/awk/ && /balenad/ {print $1}' | xargs kill -9+```+What this does is list the processes running, looks for the `balenad` executable+(the balenaEngine itself) and then stop the engine with a `SIGKILL` signal,+which won't let it clean up in a tidy fashion but make it immediately terminate.+In fact, we'll do it twice. Once you've waited about 30 seconds, run the command+again.++Now we'll look at the health checks again. Hit 'Run checks' again in the+Dashboard. After a few seconds, you'll now see the 'check_container_engine`+section has changed:+| Check | Status | Notes |+| --- | --- | --- |+| check_container_engine | Failed |Container engine balena is up, but has 2 unclean restarts and may be crashlooping (most recent start time: Thu 2019-11-14 17:38:24 UTC) |++Unclean restarts usually mean that the engine crashed abnormally with an issue.+This usually happens when something catastrophic occurs between the Supervisor+and balenaEngine or corruption occurs in the image/container/volume store.+Let's take a look at the journal for balenaEngine (`balena.service`) on the+device:+```+root@7db55ce:~# journalctl --no-pager -n 400 -u balena.service

SYSLOG_INDENTIFIER=balenad but I learned that this is also accessible via a journalctl flag: https://www.freedesktop.org/software/systemd/man/journalctl.html#-t

journalctl -u balena.service -t balenad would only show logs from the engine

hedss

comment created time in a month

push eventrobertgzr/homebrew-tap

udanpe

commit sha 58a84e3e00807783ae31f3560986efae2262957e

Update README.md (#10)

view details

push time in a month

PR merged robertgzr/homebrew-tap

Update README.md
+1 -1

0 comment

1 changed file

udanpe

pr closed time in a month

pull request commentrobertgzr/homebrew-tap

fix minor commandline mistake

That line refers to the https://github.com/robertgzr/homebrew-tap/blob/master/iosevka.rb which has a bunch of options that one can look at using the info command.

iosevka-font was removed from this tap: https://github.com/robertgzr/homebrew-tap/commit/bd152787b4dfbd5703530bd6a6a43b5719f8db0e

jeff-hykin

comment created time in a month

Pull request review commentrobertgzr/homebrew-tap

Update README.md

 ### How to use this repository?-https://github.com/Homebrew/brew/blob/master/docs/brew-tap.md-+```+brew tap robertgzr/tap+brew install iosevka --with-zero-dotted --with-eszet-traditional+```+Run `brew info iosevka` to see the options.

Can this be moved down under the iosevka heading?

udanpe

comment created time in a month

Pull request review commentrobertgzr/homebrew-tap

Update README.md

 ### How to use this repository?-https://github.com/Homebrew/brew/blob/master/docs/brew-tap.md-+```+brew tap robertgzr/tap

Maybe just replacing the dead link with https://github.com/Homebrew/brew/blob/master/docs/Taps.md would be better?

My reasoning is that anybody that randomly stumbles into this repo can also learn what it is there...

udanpe

comment created time in a month

push eventbalena-os/balena-engine

Robert Günzler

commit sha a8568eecb617a9f2e98542507011bdde1c106054

pkg/chrootarchive: Allow setting ioprio value for untar operations The feature is exposed via an env var MOBY_UNTAR_IONICE that when set should contain a priority value. We won't change the priority class (staying in the default best-effort class). As a result values between 0 (highest) and 7 (lowest) are allowed. See Documentation/block/ioprio.txt in the Linux kernel source tree. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in a month

CommitCommentEvent

push eventbalena-os/balena-engine

Robert Günzler

commit sha 6b8b764df2c5067883588748af6d595c018d6798

pkg/chrootarchive: Allow setting ioprio value for untar operations The feature is exposed via an env var MOBY_UNTAR_IONICE that when set should contain a priority value. We won't change the priority class (staying in the default best-effort class). As a result values between 0 (highest) and 7 (lowest) are allowed. See Documentation/block/ioprio.txt in the Linux kernel source tree. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in a month

push eventbalena-os/balena-engine

Robert Günzler

commit sha 0b4b50973102859df44eeef54c2694884d1fdf7b

pkg/chrootarchive: Allow setting ioprio value for untar operations The feature is exposed via an env var MOBY_UNTAR_IONICE that when set should contain a priority value. We won't change the priority class (staying in the default best-effort class). As a result values between 0 (highest) and 7 (lowest) are allowed. See Documentation/block/ioprio.txt in the Linux kernel source tree. Signed-off-by: Robert Günzler <robertg@balena.io>

view details

push time in a month

more