balena-cli/build/utils/config.js

The official balena Command Line Interface

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateApplicationConfig = generateApplicationConfig;
exports.generateDeviceConfig = generateDeviceConfig;
exports.populateDeviceConfig = populateDeviceConfig;
exports.readAndValidateConfigJson = readAndValidateConfigJson;
exports.validateDevOptionAndWarn = validateDevOptionAndWarn;
exports.validateSecureBootOptionAndWarn = validateSecureBootOptionAndWarn;
const lazy_1 = require("./lazy");
async function generateApplicationConfig(application, options) {
    var _a, _b, _c;
    options = {
        ...options,
        appUpdatePollInterval: options.appUpdatePollInterval || 10,
    };
    const config = (await (0, lazy_1.getBalenaSdk)().models.os.getConfig(application.slug, options));
    if ((_a = options.os) === null || _a === void 0 ? void 0 : _a.sshKeys) {
        (_b = config.os) !== null && _b !== void 0 ? _b : (config.os = {});
        config.os.sshKeys = config.os.sshKeys
            ? [...config.os.sshKeys, ...options.os.sshKeys]
            : options.os.sshKeys;
    }
    if (options.secureBoot) {
        (_c = config.installer) !== null && _c !== void 0 ? _c : (config.installer = {});
        config.installer.secureboot = options.secureBoot;
    }
    return config;
}
async function generateDeviceConfig(device, deviceApiKey, options) {
    const sdk = (0, lazy_1.getBalenaSdk)();
    const application = await sdk.models.application.get(device.belongs_to__application.__id);
    const baseConfigOpts = {
        ...options,
        deviceType: device.is_of__device_type[0].slug,
    };
    const config = await generateApplicationConfig(application, baseConfigOpts);
    populateDeviceConfig(config, device, typeof deviceApiKey === 'string' && deviceApiKey
        ? deviceApiKey
        : await sdk.models.device.generateDeviceKey(device.uuid));
    return config;
}
function populateDeviceConfig(config, device, deviceApiKey) {
    delete config.apiKey;
    config.deviceApiKey = deviceApiKey;
    config.registered_at = Math.floor(Date.now() / 1000);
    config.deviceId = device.id;
    config.uuid = device.uuid;
}
async function readAndValidateConfigJson(path) {
    var _a;
    const fs = await Promise.resolve().then(() => require('fs/promises'));
    const [rawConfig, { ExpectedError }] = await Promise.all([
        fs.readFile(path, 'utf8'),
        Promise.resolve().then(() => require('../errors')),
    ]);
    const configJson = JSON.parse(rawConfig);
    if (configJson == null || typeof configJson !== 'object') {
        throw new ExpectedError(`Invalid config.json file: ${path}`);
    }
    if (typeof configJson.applicationId !== 'number') {
        throw new ExpectedError('Missing or invalid applicationId in config.json');
    }
    if (typeof configJson.deviceType !== 'string' ||
        configJson.deviceType === '') {
        throw new ExpectedError('Missing or invalid deviceType in config.json');
    }
    const secureboot = (_a = configJson.installer) === null || _a === void 0 ? void 0 : _a.secureboot;
    if (secureboot != null && typeof secureboot !== 'boolean') {
        throw new ExpectedError(`Invalid installer.secureboot in config.json: value must be a boolean, found ${typeof secureboot}: '${secureboot}'`);
    }
    return configJson;
}
async function validateDevOptionAndWarn(dev, version, logger) {
    if (!dev) {
        return;
    }
    if (version && /\bprod\b/.test(version)) {
        const { ExpectedError } = await Promise.resolve().then(() => require('../errors'));
        throw new ExpectedError(`Error: The '--dev' option conflicts with production balenaOS version '${version}'`);
    }
    if (!logger) {
        const Logger = await Promise.resolve().then(() => require('./logger'));
        logger = Logger.getLogger();
    }
    logger.logInfo((0, lazy_1.stripIndent) `
		The '--dev' option is being used to configure a balenaOS image in development mode.
		Please note that development mode allows unauthenticated, passwordless root ssh access
		and exposes network ports such as 2375 that allows unencrypted access to balenaEngine.
		Therefore, development mode should only be used in private, trusted local networks.`);
}
async function validateSecureBootOptionAndWarn(secureBoot, slug, version, logger) {
    var _a;
    if (!secureBoot) {
        return;
    }
    const { ExpectedError } = await Promise.resolve().then(() => require('../errors'));
    if (!version) {
        throw new ExpectedError(`Error: No version provided`);
    }
    if (!slug) {
        throw new ExpectedError(`Error: No device type provided`);
    }
    const sdk = (0, lazy_1.getBalenaSdk)();
    const [osRelease] = await sdk.models.os.getAllOsVersions(slug, {
        $select: 'contract',
        $filter: { raw_version: version },
    });
    if (!osRelease) {
        throw new ExpectedError(`Error: No ${version} release for ${slug}`);
    }
    const contract = osRelease.contract;
    if ((_a = contract === null || contract === void 0 ? void 0 : contract.provides) === null || _a === void 0 ? void 0 : _a.some((entry) => {
        return entry.type === 'sw.feature' && entry.slug === 'secureboot';
    })) {
        if (!logger) {
            const Logger = await Promise.resolve().then(() => require('./logger'));
            logger = Logger.getLogger();
        }
        logger.logInfo((0, lazy_1.stripIndent) `
			The '--secureBoot' option is being used to configure a balenaOS installer image
			into secure boot and full disk encryption.`);
    }
    else {
        throw new ExpectedError(`Error: The '--secureBoot' option is not supported for ${slug} in ${version}`);
    }
}
//# sourceMappingURL=config.js.map