* Add job group execution limit option
* Fix pylint issues
* Assign variable before usage
* Cleanup jobs when done
* Remove isinstance check for performance
* Explicitly raise from None
* Add some more documentation info
* Reduce executor code for docker
* Fix pylint errors and move import/export image
* Fix test and a couple other risky executor calls
* Fix dataclass and return
* Fix test case and add one for corrupt docker
* Add some coverage
* Undo changes to docker manager startup
* Addon startup waits for healthy
* fix import for pylint
* wait_for to 5 in tests
* Adjust tests to simplify async tasks
* Remove wait_boot time from addons.boot tests
* Eliminate async task race conditions in tests
* Fix propagation mode of mounts to allow Ha-Core to start
Change the mount propagation mode from SLAVE to RSLAVE in case of /media and /share
* Check /share and /media to use RSLAVE as a propagation mode of mount
* Fix mount propagation mode of /share and /media
* Check /share and /media for rslave propagation mode
* Add host UTS namespace support for Add-Ons
Using the UTS host namespace is useful when running a mDNS responder
which learns the hostname from the gethostname syscall. This way the
add-on can use the system's hostname without further doing.
* Check host_uts default
* Adjust Security rating if host UTS mode and CAP_ADMIN is set
* Don't add hostname to DNS server if UTS namespace is disabled
* Simplify hostname logic
* Update supervisor/docker/addon.py
Co-authored-by: Mike Degatano <michael.degatano@gmail.com>
---------
Co-authored-by: Mike Degatano <michael.degatano@gmail.com>
* Add enhanced logging REST endpoints using systemd-journal-gatewayd
Add /host/logs/entries and /host/logs/{identifier}/entries to expose log
entries from systemd-journald running on the host. Use
systemd-journal-gatewayd which exposes the logs to the Supervisor via
Unix socket.
Current two query string parameters are allowed: "boot" and "follow".
The first will only return logs since last boot. The second will keep
the HTTP request open and send new log entries as they get added to the
systemd-journal.
* Allow Range header
Forward the Range header to systemd-journal-gatewayd. This allows to
select only a certain amount of log data. The Range header is a standard
header to select only partial amount of data. However, the "entries="
prefix is custom for systemd-journal-gatewayd, denoting that the numbers
following represent log entries (as opposed to bytes or other metrics).
* Avoid connecting if systemd-journal-gatewayd is not available
* Use path for all options
* Add pytests
* Address pylint issues
* Boot ID offsets and slug to identifier
* Fix tests
* API refactor from feedback
* fix tests and add identifiers
* stop isort and pylint fighting
* fix tests
* Update default log identifiers
* Only modify /host/logs endpoints
* Fix bad import
* Load log caches asynchronously at startup
* Allow task to complete in fixture
* Boot IDs and identifiers loaded on demand
* Add suggested identifiers
* Fix tests around boot ids
Co-authored-by: Mike Degatano <michael.degatano@gmail.com>
* Improve system behavior on low memory situation
Adjust OOM killer score to prevent crucial services from getting
selected.
* Adjust OOM score of DNS plug-in as well
* Docker events based watchdog
* Separate monitor from DockerAPI since it needs coresys
* Move monitor into dockerAPI
* Fix properties on coresys
* Add watchdog tests
* Added tests
* pylint issue
* Current state failures test
* Thread-safe event processing
* Use labels property
* Cleanup API / old rebranding
* cleanup p2
* next round
* better comments
* cleanup import
* support only installed add-ons
* legacy migration
* test fixes
* add old env back
* revert for Core
* fix issues with old core
* fix
* using installed short cat
* revert
* extend legacy
* cleanup
* fix path
* Fix missing
* add stop
* readd old token
* Add minimal
* extend attributes
* Add repo back
* add more repo info
* Make it working
* Bump frontend to e7848262 (#3680)
* Add icon
Co-authored-by: Joakim Sørensen <joasoe@gmail.com>
The CLI plug-in stays up even without command. This saves a few
kilobytes of RAM.
It also allows s6-overlay's stage2 to complete. The stage2 execlineb
process has an enormously long cmdline, with strings like "init-stage2
failed" in it. This has previously led people to belive that there is a
problem (while there isn't). So as a side effect, getting stage2 to
complete side steps such confusion and makes the list of processes
cleaner.
* Using CAS for content-trust
* v2
* Fix linting errors
* Adjust field checked for status in CAS response
* CI workflow needs CAS not VCN now
* Use cwd in test as code won't be in /usr/src
* Pre-cache CAS pub key for supervisor
* Cas doesn't actually need key file executable
Co-authored-by: Mike Degatano <michael.degatano@gmail.com>
Make sure to not reference version attribute from the DockerAddon
instance since it is not yet populated in case this instance hadn't
installed that Add-on previously.
Use the higher level Images.load() API which returns a list of images
instead of loading with the lower level API and then search for the
image we just imported.
