[8.x](backport #5864) Feature/4890 detect fail early upgrade #5978
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![mergify[bot]](https://avatars.githubusercontent.com/in/10562?s=60&v=4){kind=small}
* feature(4890): added shouldUpgrade function in the upgrade cli file * feature(4890): added shouldUpgrade check into the upgrade command * feature(4890): ran gofmt * feature(4890): added a "force" flag, marked it as hidden * feature(4890): removed dpkg, rpm and container logic * feature(4890): ran gofmt * feature(4890): updated the function signature of the upgrade command, updated tests, added new tests * feature(4890): update comments * feature(4890): added changelog fragment * feature(4890): added fatal log in case there is an error while marking force flag as hidden * feature(4890): added error checks in tests * feature(4890): updated the summary in the changelog fragment * feature(4890): removed the shorthand flag for the force flag * feature(4890): updated synchronization in the tests * Update internal/pkg/agent/cmd/upgrade_test.go Co-authored-by: Paolo Chilà <paolo.chila@elastic.co> * feature(4890): using streams err output instead of defaulting to stderr * feature(4890): use EXPECT instead of On * feature(4890): moved unconfirmed upgrade error to a package var * feature(4890): removed confirmation from upgrade check for when force flag is set * Update internal/pkg/agent/cmd/upgrade.go Co-authored-by: Paolo Chilà <paolo.chila@elastic.co> * Update internal/pkg/agent/cmd/upgrade.go Co-authored-by: Paolo Chilà <paolo.chila@elastic.co> * feature(4890): fix errors * Update internal/pkg/agent/cmd/upgrade.go Co-authored-by: Craig MacKenzie <craig.mackenzie@elastic.co> * feature(4890): update test * fearure(4890): replace ageninfo with state call - updated agentinfo proto - updated relevant generated code - implemented state call in the upgrade cmd * feature(4890): updated proto, client and server implementation * feature(4890): fix struct tag * feature(4890): added skip-verify checks * feature(4890): ran addLicenseHeaders * feature(4890): ran mage clean * feature(4890): fix typo * feature(4890): added timeout to connection * feature(4890): changed condition check order * feature(4890): fix unit tests * feature(4890): refactored tests, using mock client * Update internal/pkg/agent/cmd/upgrade.go Co-authored-by: Andrzej Stencel <andrzej.stencel@elastic.co> * feature(4890): use lower case "f" in error messages to be more consistent * feature(4890): remove duplicate line * feature(4890): ran mage controlProto with correct protoc version --------- Co-authored-by: Paolo Chilà <paolo.chila@elastic.co> Co-authored-by: Craig MacKenzie <craig.mackenzie@elastic.co> Co-authored-by: Andrzej Stencel <andrzej.stencel@elastic.co> (cherry picked from commit 8579474)
mergify
bot
requested review from
pkoutsovasilis and
swiatekm
and removed request for
a team
michalpristas
added
the
Team:Elastic-Agent-Control-Plane
|
Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane) |
michalpristas
approved these changes
Nov 8, 2024
|
|
This pull request has not been merged yet. Could you please review and merge it @kaanyalti? 🙏 |
swiatekm
approved these changes
Nov 12, 2024
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
This PR restricts using the cli to upgrade fleet managed elastic agents. With this implementation, the only way to upgrade a fleet managed agent using the cli is only if the agent is running in privileged mode and the user provides a
forceflag.Checklist
[ ] I have made corresponding changes to the documentation[ ] I have made corresponding change to the default configuration files./changelog/fragmentsusing the changelog tool[ ] I have added an integration test or an E2E testDisruptive User Impact
If users are upgrading fleet-managed agents using the cli for some reason, they should be aware that the upgrade command will stop working for agents running in unprivileged mode. For any fleet managed agents running in privileged mode, users will need to go through an interactive step and use the
--forceflag to be able to upgrade an agent.How to test this PR locally
Setup
DEV=true SNAPSHOT=true mage build--developflag to your installation commandTest cases
Unprivileged
--unprivilegedflag to your installation commandsudo -u elastic-agent-user elastic-development-agent upgrade <VERSION>. The command should not execute.--forceflag does not change the behaviorPrivileged
sudo elastic-development-agent upgrade <VERSION>. The command should not execute--forceflagsudo elastcit-development-agent upgrade <VERSION> --force.Related issues
This is an automatic backport of pull request #5864 done by [Mergify](https://mergify.com).