src/updater.js

'use strict';

exports = module.exports = {
    updateToLatest: updateToLatest,
    update: update
};

var apps = require('./apps.js'),
    assert = require('assert'),
    async = require('async'),
    BoxError = require('./boxerror.js'),
    child_process = require('child_process'),
    backups = require('./backups.js'),
    constants = require('./constants.js'),
    crypto = require('crypto'),
    debug = require('debug')('box:updater'),
    df = require('@sindresorhus/df'),
    eventlog = require('./eventlog.js'),
    locker = require('./locker.js'),
    mkdirp = require('mkdirp'),
    os = require('os'),
    path = require('path'),
    paths = require('./paths.js'),
    safe = require('safetydance'),
    semver = require('semver'),
    shell = require('./shell.js'),
    tasks = require('./tasks.js'),
    updateChecker = require('./updatechecker.js');

const RELEASES_PUBLIC_KEY = path.join(__dirname, 'releases.gpg');
const UPDATE_CMD = path.join(__dirname, 'scripts/update.sh');

function downloadUrl(url, file, callback) {
    assert.strictEqual(typeof file, 'string');
    assert.strictEqual(typeof callback, 'function');

    // do not assert since it comes from the appstore
    if (typeof url !== 'string')  return callback(new BoxError(BoxError.EXTERNAL_ERROR, `url cannot be download to ${file} as it is not a string`));

    let retryCount = 0;

    safe.fs.unlinkSync(file);

    async.retry({ times: 10, interval: 5000 }, function (retryCallback) {
        debug(`Downloading ${url} to ${file}. Try ${++retryCount}`);

        const args = `-s --fail ${url} -o ${file}`;

        debug(`downloadUrl: curl ${args}`);

        shell.spawn('downloadUrl', '/usr/bin/curl', args.split(' '), {}, function (error) {
            if (error) return retryCallback(new BoxError(BoxError.NETWORK_ERROR, `Failed to download ${url}: ${error.message}`));

            debug(`downloadUrl: downloadUrl ${url} to ${file}`);

            retryCallback();
        });
    }, callback);
}

function gpgVerify(file, sig, callback) {
    const cmd = `/usr/bin/gpg --status-fd 1 --no-default-keyring --keyring ${RELEASES_PUBLIC_KEY} --verify ${sig} ${file}`;

    debug(`gpgVerify: ${cmd}`);

    child_process.exec(cmd, { encoding: 'utf8' }, function (error, stdout, stderr) {
        if (error) return callback(new BoxError(BoxError.NOT_SIGNED, `The signature in ${path.basename(sig)} could not verified`));

        if (stdout.indexOf('[GNUPG:] VALIDSIG 0EADB19CDDA23CD0FE71E3470A372F8703C493CC')) return callback();

        debug(`gpgVerify: verification of ${sig} failed: ${stdout}\n${stderr}`);

        return callback(new BoxError(BoxError.NOT_SIGNED, `The signature in ${path.basename(sig)} could not verified`));
    });
}

function extractTarball(tarball, dir, callback) {
    const args = `-zxf ${tarball} -C ${dir}`;

    debug(`extractTarball: tar ${args}`);

    shell.spawn('extractTarball', '/bin/tar', args.split(' '), {}, function (error) {
        if (error) return callback(new BoxError(BoxError.FS_ERROR, `Failed to extract release package: ${error.message}`));

        safe.fs.unlinkSync(tarball);

        debug(`extractTarball: extracted ${tarball} to ${dir}`);

        callback();
    });
}

function verifyUpdateInfo(versionsFile, updateInfo, callback) {
    assert.strictEqual(typeof versionsFile, 'string');
    assert.strictEqual(typeof updateInfo, 'object');
    assert.strictEqual(typeof callback, 'function');

    var releases = safe.JSON.parse(safe.fs.readFileSync(versionsFile, 'utf8')) || { };
    if (!releases[constants.VERSION] || !releases[constants.VERSION].next) return callback(new BoxError(BoxError.EXTERNAL_ERROR, 'No version info'));
    var nextVersion = releases[constants.VERSION].next;
    if (typeof releases[nextVersion] !== 'object' || !releases[nextVersion]) return callback(new BoxError(BoxError.EXTERNAL_ERROR, 'No next version info'));
    if (releases[nextVersion].sourceTarballUrl !== updateInfo.sourceTarballUrl) return callback(new BoxError(BoxError.EXTERNAL_ERROR, 'Version info mismatch'));

    callback();
}

function downloadAndVerifyRelease(updateInfo, callback) {
    assert.strictEqual(typeof updateInfo, 'object');
    assert.strictEqual(typeof callback, 'function');

    let newBoxSource = path.join(os.tmpdir(), 'box-' + crypto.randomBytes(4).readUInt32LE(0));

    async.series([
        downloadUrl.bind(null, updateInfo.boxVersionsUrl, `${paths.UPDATE_DIR}/versions.json`),
        downloadUrl.bind(null, updateInfo.boxVersionsSigUrl, `${paths.UPDATE_DIR}/versions.json.sig`),
        gpgVerify.bind(null, `${paths.UPDATE_DIR}/versions.json`, `${paths.UPDATE_DIR}/versions.json.sig`),
        verifyUpdateInfo.bind(null, `${paths.UPDATE_DIR}/versions.json`, updateInfo),
        downloadUrl.bind(null, updateInfo.sourceTarballUrl, `${paths.UPDATE_DIR}/box.tar.gz`),
        downloadUrl.bind(null, updateInfo.sourceTarballSigUrl, `${paths.UPDATE_DIR}/box.tar.gz.sig`),
        gpgVerify.bind(null, `${paths.UPDATE_DIR}/box.tar.gz`, `${paths.UPDATE_DIR}/box.tar.gz.sig`),
        mkdirp.bind(null, newBoxSource),
        extractTarball.bind(null, `${paths.UPDATE_DIR}/box.tar.gz`, newBoxSource)
    ], function (error) {
        if (error) return callback(error);

        callback(null, { file: newBoxSource });
    });
}

function checkFreeDiskSpace(neededSpace, callback) {
    assert.strictEqual(typeof neededSpace, 'number');
    assert.strictEqual(typeof callback, 'function');

    // can probably be a bit more aggressive here since a new update can bring in new docker images
    df.file('/').then(function (diskUsage) {
        if (diskUsage.available < neededSpace) return callback(new BoxError(BoxError.FS_ERROR, 'Not enough disk space'));

        callback(null);
    }).catch(function (error) {
        callback(new BoxError(BoxError.FS_ERROR, error));
    });
}

function update(boxUpdateInfo, options, progressCallback, callback) {
    assert(boxUpdateInfo && typeof boxUpdateInfo === 'object');
    assert(options && typeof options === 'object');
    assert.strictEqual(typeof progressCallback, 'function');
    assert.strictEqual(typeof callback, 'function');

    progressCallback({ percent: 1, message: 'Checking disk space' });

    checkFreeDiskSpace(1024*1024*1024, function (error) {
        if (error) return callback(error);

        progressCallback({ percent: 5, message: 'Downloading and verifying release' });

        downloadAndVerifyRelease(boxUpdateInfo, function (error, packageInfo) {
            if (error) return callback(error);

            function maybeBackup(next) {
                if (options.skipBackup) return next();

                progressCallback({ percent: 10, message: 'Backing up' });

                backups.backupBoxAndApps((progress) => progressCallback({ percent: 10+progress.percent*70/100, message: progress.message }), next);
            }

            maybeBackup(function (error) {
                if (error) return callback(error);

                debug('updating box %s', boxUpdateInfo.sourceTarballUrl);

                progressCallback({ percent: 70, message: 'Installing update' });

                // run installer.sh from new box code as a separate service
                shell.sudo('update', [ UPDATE_CMD, packageInfo.file ], {}, function (error) {
                    if (error) return callback(error);

                    // Do not add any code here. The installer script will stop the box code any instant
                });
            });
        });
    });
}

function canUpdate(boxUpdateInfo, callback) {
    assert.strictEqual(typeof boxUpdateInfo, 'object');
    assert.strictEqual(typeof callback, 'function');

    apps.getAll(function (error, result) {
        if (error) return callback(error);

        for (let app of result) {
            const maxBoxVersion = app.manifest.maxBoxVersion;
            if (semver.valid(maxBoxVersion) && semver.gt(boxUpdateInfo.version, maxBoxVersion)) {
                return callback(new BoxError(BoxError.BAD_STATE, `Cannot update to v${boxUpdateInfo.version} because ${app.fqdn} has a maxBoxVersion of ${maxBoxVersion}`));
            }
        }

        callback();
    });
}

function updateToLatest(options, auditSource, callback) {
    assert.strictEqual(typeof options, 'object');
    assert.strictEqual(typeof auditSource, 'object');
    assert.strictEqual(typeof callback, 'function');

    var boxUpdateInfo = updateChecker.getUpdateInfo().box;
    if (!boxUpdateInfo) return callback(new BoxError(BoxError.NOT_FOUND, 'No update available'));
    if (!boxUpdateInfo.sourceTarballUrl) return callback(new BoxError(BoxError.BAD_STATE, 'No automatic update available'));

    canUpdate(boxUpdateInfo, function (error) {
        if (error) return callback(error);

        error = locker.lock(locker.OP_BOX_UPDATE);
        if (error) return callback(new BoxError(BoxError.BAD_STATE, `Cannot update now: ${error.message}`));

        tasks.add(tasks.TASK_UPDATE, [ boxUpdateInfo, options ], function (error, taskId) {
            if (error) return callback(error);

            eventlog.add(eventlog.ACTION_UPDATE, auditSource, { taskId, boxUpdateInfo });

            tasks.startTask(taskId, { timeout: 20 * 60 * 60 * 1000 /* 20 hours */ }, (error) => {
                locker.unlock(locker.OP_BOX_UPDATE);

                debug('Update failed with error', error);

                const timedOut = error.code === tasks.ETIMEOUT;
                eventlog.add(eventlog.ACTION_UPDATE_FINISH, auditSource, { taskId, errorMessage: error.message, timedOut });
            });

            callback(null, taskId);
        });
    });
}
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`'use strict';`

			`exports = module.exports = {`
			`updateToLatest: updateToLatest,`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`update: update`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`};`

block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00			`var apps = require('./apps.js'),`
			`assert = require('assert'),`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`async = require('async'),`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`BoxError = require('./boxerror.js'),`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`child_process = require('child_process'),`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`backups = require('./backups.js'),`
Use constants.version instead of config.version 2019-07-25 14:40:52 -07:00			`constants = require('./constants.js'),`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`crypto = require('crypto'),`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`debug = require('debug')('box:updater'),`
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`df = require('@sindresorhus/df'),`
Add taskworker that runs funcs out of process 2018-12-09 03:20:00 -08:00			`eventlog = require('./eventlog.js'),`
			`locker = require('./locker.js'),`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`mkdirp = require('mkdirp'),`
			`os = require('os'),`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`path = require('path'),`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`paths = require('./paths.js'),`
			`safe = require('safetydance'),`
block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00			`semver = require('semver'),`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`shell = require('./shell.js'),`
Rework the progress API to use the task progress 2018-11-19 20:01:02 -08:00			`tasks = require('./tasks.js'),`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`updateChecker = require('./updatechecker.js');`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`const RELEASES_PUBLIC_KEY = path.join(__dirname, 'releases.gpg');`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`const UPDATE_CMD = path.join(__dirname, 'scripts/update.sh');`

GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`function downloadUrl(url, file, callback) {`
			`assert.strictEqual(typeof file, 'string');`
			`assert.strictEqual(typeof callback, 'function');`

			`// do not assert since it comes from the appstore`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			if (typeof url !== 'string') return callback(new BoxError(BoxError.EXTERNAL_ERROR, `url cannot be download to ${file} as it is not a string`));
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
			`let retryCount = 0;`

			`safe.fs.unlinkSync(file);`

			`async.retry({ times: 10, interval: 5000 }, function (retryCallback) {`
			debug(`Downloading ${url} to ${file}. Try ${++retryCount}`);

			const args = `-s --fail ${url} -o ${file}`;

			debug(`downloadUrl: curl ${args}`);

Fix args to shell.sudo 2018-11-25 14:57:17 -08:00			`shell.spawn('downloadUrl', '/usr/bin/curl', args.split(' '), {}, function (error) {`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			if (error) return retryCallback(new BoxError(BoxError.NETWORK_ERROR, `Failed to download ${url}: ${error.message}`));
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
			debug(`downloadUrl: downloadUrl ${url} to ${file}`);

			`retryCallback();`
			`});`
			`}, callback);`
			`}`

			`function gpgVerify(file, sig, callback) {`
			const cmd = `/usr/bin/gpg --status-fd 1 --no-default-keyring --keyring ${RELEASES_PUBLIC_KEY} --verify ${sig} ${file}`;

			debug(`gpgVerify: ${cmd}`);

			`child_process.exec(cmd, { encoding: 'utf8' }, function (error, stdout, stderr) {`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			if (error) return callback(new BoxError(BoxError.NOT_SIGNED, `The signature in ${path.basename(sig)} could not verified`));
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
			`if (stdout.indexOf('[GNUPG:] VALIDSIG 0EADB19CDDA23CD0FE71E3470A372F8703C493CC')) return callback();`

			debug(`gpgVerify: verification of ${sig} failed: ${stdout}\n${stderr}`);

Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			return callback(new BoxError(BoxError.NOT_SIGNED, `The signature in ${path.basename(sig)} could not verified`));
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`});`
			`}`

			`function extractTarball(tarball, dir, callback) {`
			const args = `-zxf ${tarball} -C ${dir}`;

			debug(`extractTarball: tar ${args}`);

Fix args to shell.sudo 2018-11-25 14:57:17 -08:00			`shell.spawn('extractTarball', '/bin/tar', args.split(' '), {}, function (error) {`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			if (error) return callback(new BoxError(BoxError.FS_ERROR, `Failed to extract release package: ${error.message}`));
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
			`safe.fs.unlinkSync(tarball);`

			debug(`extractTarball: extracted ${tarball} to ${dir}`);

			`callback();`
			`});`
			`}`

			`function verifyUpdateInfo(versionsFile, updateInfo, callback) {`
			`assert.strictEqual(typeof versionsFile, 'string');`
			`assert.strictEqual(typeof updateInfo, 'object');`
			`assert.strictEqual(typeof callback, 'function');`

			`var releases = safe.JSON.parse(safe.fs.readFileSync(versionsFile, 'utf8')) \|\| { };`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`if (!releases[constants.VERSION] \|\| !releases[constants.VERSION].next) return callback(new BoxError(BoxError.EXTERNAL_ERROR, 'No version info'));`
Use constants.version instead of config.version 2019-07-25 14:40:52 -07:00			`var nextVersion = releases[constants.VERSION].next;`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`if (typeof releases[nextVersion] !== 'object' \|\| !releases[nextVersion]) return callback(new BoxError(BoxError.EXTERNAL_ERROR, 'No next version info'));`
			`if (releases[nextVersion].sourceTarballUrl !== updateInfo.sourceTarballUrl) return callback(new BoxError(BoxError.EXTERNAL_ERROR, 'Version info mismatch'));`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
			`callback();`
			`}`

			`function downloadAndVerifyRelease(updateInfo, callback) {`
			`assert.strictEqual(typeof updateInfo, 'object');`
			`assert.strictEqual(typeof callback, 'function');`

			`let newBoxSource = path.join(os.tmpdir(), 'box-' + crypto.randomBytes(4).readUInt32LE(0));`

			`async.series([`
			downloadUrl.bind(null, updateInfo.boxVersionsUrl, `${paths.UPDATE_DIR}/versions.json`),
			downloadUrl.bind(null, updateInfo.boxVersionsSigUrl, `${paths.UPDATE_DIR}/versions.json.sig`),
			gpgVerify.bind(null, `${paths.UPDATE_DIR}/versions.json`, `${paths.UPDATE_DIR}/versions.json.sig`),
			verifyUpdateInfo.bind(null, `${paths.UPDATE_DIR}/versions.json`, updateInfo),
			downloadUrl.bind(null, updateInfo.sourceTarballUrl, `${paths.UPDATE_DIR}/box.tar.gz`),
			downloadUrl.bind(null, updateInfo.sourceTarballSigUrl, `${paths.UPDATE_DIR}/box.tar.gz.sig`),
			gpgVerify.bind(null, `${paths.UPDATE_DIR}/box.tar.gz`, `${paths.UPDATE_DIR}/box.tar.gz.sig`),
			`mkdirp.bind(null, newBoxSource),`
			extractTarball.bind(null, `${paths.UPDATE_DIR}/box.tar.gz`, newBoxSource)
			`], function (error) {`
			`if (error) return callback(error);`

			`callback(null, { file: newBoxSource });`
			`});`
			`}`

Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`function checkFreeDiskSpace(neededSpace, callback) {`
			`assert.strictEqual(typeof neededSpace, 'number');`
			`assert.strictEqual(typeof callback, 'function');`

			`// can probably be a bit more aggressive here since a new update can bring in new docker images`
			`df.file('/').then(function (diskUsage) {`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`if (diskUsage.available < neededSpace) return callback(new BoxError(BoxError.FS_ERROR, 'Not enough disk space'));`
typo 2019-08-12 21:47:22 -07:00
			`callback(null);`
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`}).catch(function (error) {`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`callback(new BoxError(BoxError.FS_ERROR, error));`
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`});`
			`}`

Add option to skip backup before update 2019-05-12 13:28:53 -07:00			`function update(boxUpdateInfo, options, progressCallback, callback) {`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`assert(boxUpdateInfo && typeof boxUpdateInfo === 'object');`
Add option to skip backup before update 2019-05-12 13:28:53 -07:00			`assert(options && typeof options === 'object');`
run update as a task, so it is cancelable 2018-11-30 16:00:47 -08:00			`assert.strictEqual(typeof progressCallback, 'function');`
			`assert.strictEqual(typeof callback, 'function');`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`progressCallback({ percent: 1, message: 'Checking disk space' });`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`checkFreeDiskSpace(102410241024, function (error) {`
run update as a task, so it is cancelable 2018-11-30 16:00:47 -08:00			`if (error) return callback(error);`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`progressCallback({ percent: 5, message: 'Downloading and verifying release' });`
Add option to skip backup before update 2019-05-12 13:28:53 -07:00
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`downloadAndVerifyRelease(boxUpdateInfo, function (error, packageInfo) {`
run update as a task, so it is cancelable 2018-11-30 16:00:47 -08:00			`if (error) return callback(error);`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`function maybeBackup(next) {`
			`if (options.skipBackup) return next();`

			`progressCallback({ percent: 10, message: 'Backing up' });`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`backups.backupBoxAndApps((progress) => progressCallback({ percent: 10+progress.percent*70/100, message: progress.message }), next);`
			`}`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`maybeBackup(function (error) {`
run update as a task, so it is cancelable 2018-11-30 16:00:47 -08:00			`if (error) return callback(error);`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00
Check available disk space before update Part of #642 2019-08-12 21:09:22 -07:00			`debug('updating box %s', boxUpdateInfo.sourceTarballUrl);`

			`progressCallback({ percent: 70, message: 'Installing update' });`

			`// run installer.sh from new box code as a separate service`
			`shell.sudo('update', [ UPDATE_CMD, packageInfo.file ], {}, function (error) {`
			`if (error) return callback(error);`

			`// Do not add any code here. The installer script will stop the box code any instant`
			`});`
GPG verify releases Part of #189 2018-08-01 15:38:40 -07:00			`});`
			`});`
			`});`
			`}`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00
block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00			`function canUpdate(boxUpdateInfo, callback) {`
			`assert.strictEqual(typeof boxUpdateInfo, 'object');`
			`assert.strictEqual(typeof callback, 'function');`

			`apps.getAll(function (error, result) {`
do not re-generate DATABASE_ERROR 2019-10-24 20:31:45 -07:00			`if (error) return callback(error);`
block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00
			`for (let app of result) {`
			`const maxBoxVersion = app.manifest.maxBoxVersion;`
			`if (semver.valid(maxBoxVersion) && semver.gt(boxUpdateInfo.version, maxBoxVersion)) {`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			return callback(new BoxError(BoxError.BAD_STATE, `Cannot update to v${boxUpdateInfo.version} because ${app.fqdn} has a maxBoxVersion of ${maxBoxVersion}`));
block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00			`}`
			`}`

			`callback();`
			`});`
			`}`

Add option to skip backup before update 2019-05-12 13:28:53 -07:00			`function updateToLatest(options, auditSource, callback) {`
			`assert.strictEqual(typeof options, 'object');`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`assert.strictEqual(typeof auditSource, 'object');`
			`assert.strictEqual(typeof callback, 'function');`

			`var boxUpdateInfo = updateChecker.getUpdateInfo().box;`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`if (!boxUpdateInfo) return callback(new BoxError(BoxError.NOT_FOUND, 'No update available'));`
			`if (!boxUpdateInfo.sourceTarballUrl) return callback(new BoxError(BoxError.BAD_STATE, 'No automatic update available'));`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00
block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00			`canUpdate(boxUpdateInfo, function (error) {`
			`if (error) return callback(error);`
translate TaskError to UpdateError 2018-12-04 14:04:43 -08:00
block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00			`error = locker.lock(locker.OP_BOX_UPDATE);`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			if (error) return callback(new BoxError(BoxError.BAD_STATE, `Cannot update now: ${error.message}`));
Add taskworker that runs funcs out of process 2018-12-09 03:20:00 -08:00
rework task API to be two-phase this lets us avoid this EE based API. we now add and then start explicitly. 2019-08-27 22:39:59 -07:00			`tasks.add(tasks.TASK_UPDATE, [ boxUpdateInfo, options ], function (error, taskId) {`
Move UpdaterError to BoxError 2019-10-23 09:39:26 -07:00			`if (error) return callback(error);`
rework task API to be two-phase this lets us avoid this EE based API. we now add and then start explicitly. 2019-08-27 22:39:59 -07:00
block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00			`eventlog.add(eventlog.ACTION_UPDATE, auditSource, { taskId, boxUpdateInfo });`

Add a timeout for update as well this will send a notification if an update gets stuck 2019-10-14 09:30:20 -07:00			`tasks.startTask(taskId, { timeout: 20 * 60 * 60 * 1000 /* 20 hours */ }, (error) => {`
rework task API to be two-phase this lets us avoid this EE based API. we now add and then start explicitly. 2019-08-27 22:39:59 -07:00			`locker.unlock(locker.OP_BOX_UPDATE);`

			`debug('Update failed with error', error);`
Add a timeout for update as well this will send a notification if an update gets stuck 2019-10-14 09:30:20 -07:00
			`const timedOut = error.code === tasks.ETIMEOUT;`
			`eventlog.add(eventlog.ACTION_UPDATE_FINISH, auditSource, { taskId, errorMessage: error.message, timedOut });`
rework task API to be two-phase this lets us avoid this EE based API. we now add and then start explicitly. 2019-08-27 22:39:59 -07:00			`});`

			`callback(null, taskId);`
block updates if app has a maxBoxVersion less than incoming version 2019-02-25 10:03:46 -08:00			`});`
Add taskworker that runs funcs out of process 2018-12-09 03:20:00 -08:00			`});`
refactor updater logic into updater.js 2018-07-31 11:35:23 -07:00			`}`