[v16] Fix major version check for stateless environment#54640
Closed
vapopov wants to merge 1 commit intobranch/v16from
Closed
[v16] Fix major version check for stateless environment#54640vapopov wants to merge 1 commit intobranch/v16from
vapopov wants to merge 1 commit intobranch/v16from
Conversation
* Added auth information resource with persisting teleport version * Check the set of the auth info to compare with min/max versions in cluster * Store only one entity for the cluster version * Add CRUD endpoints Change to use conditional update and retry Fix spelling * Add validation for version, sub kind, kind, name * Rename to authinfo.go * Assigning error after creating new resource * Move retry logic to version check helper * Call create/update depends on if resource is created already Read local database once without retry * Restrict major version downgrade * Make `--skip-version-check` available for major upgrade check * Fix linter warnings * Add logs and make skip more safe in case of broke item in backend * Remove deleting version item from process database, stateBackend doesn't support deletion (requires implementation for kube secrets storage) * Rename AuthInfo to BackendInfo Add cleanup of the version item from process storage after successful migration * Make skip-version-check to upsert the version in backend * Update lib/auth/version.go Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com> --------- Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
espadolini
approved these changes
May 8, 2025
Contributor
|
How will this change interact when updating to versions that don't have it? e.g. we run the latest v16, we update to v17.1.0, then to the latest v17 |
Contributor
Author
|
@hugoShaka good point cluster with persisting local database:
|
Contributor
|
On one hand that's one unlikely update path (latest v16 -> early v17 -> v18), on the other this would break our version compatibility guarantees. I would lean toward not backporting to v16 and v15 (this would not protect users properly anyway if they are updating to a version that doesn't have this change). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport #52837 to branch/v16
Changelog: Fixed major version check for stateless environment