Gracefully fail when cannot do client tools updates#57142
Merged
Conversation
hugoShaka
changed the title
vapopov
approved these changes
Jul 24, 2025
espadolini
approved these changes
Jul 24, 2025
public-teleport-github-review-bot
bot
removed request for
fheinecke,
sclevine and
smallinsky
sclevine
approved these changes
Jul 24, 2025
| // the installation is recorded in the configuration file, and the tool is re-executed with the updated version. | ||
| func CheckAndUpdateLocal(ctx context.Context, currentProfileName string, reExecArgs []string) error { | ||
| // If client tools updates are explicitly disabled, we want to catch this as soon as possible | ||
| // so we don't try to read te user home directory, fail, and log warnings. |
Member
There was a problem hiding this comment.
Suggested change
| // so we don't try to read te user home directory, fail, and log warnings. | |
| // so we don't try to read the user home directory, fail, and log warnings. |
auto-merge was automatically disabled
July 24, 2025 17:01
Pull Request is not mergeable
Contributor
|
@hugoShaka See the table below for backport results.
|
This was referenced Jul 24, 2025
vapopov
pushed a commit
that referenced
this pull request
Jul 24, 2025
* Gracefully fail when cannot do client tool update * Gracefully fail when cannot check the version
vapopov
pushed a commit
that referenced
this pull request
Jul 24, 2025
* Gracefully fail when cannot do client tool update * Gracefully fail when cannot check the version
github-merge-queue bot
pushed a commit
that referenced
this pull request
Aug 7, 2025
* Client-tools managed updates version caching (#54563) * Add profile integration to disable update and re-execution for specific cluster * Complete integration for the tctl and tsh * Add commands for tsh * Fix linter warnings * Add config file with version and disabling status * Move check out from helper * Fixed re-execution ignore if versions is identical * Move logic out from client * Remove helper package and profile integration * Fix argument parsing by filtering * Use same Darwin platform approach of package extraction for Linux Add client tools cleanup for V1 directories * Fix packaging unit test * Add cleanup for last recently used tools * Add migration from v1 for better support Show error log message about failed update/re-execution instead of failing command execution in case if updated binary was broken, modified or not able to validate signature * Add ignore the version check fail, add more debug information * Check update for commands `tsh ssh`, `tsh proxy ssh` Fixed creating `.tsh` subdirectory when TELEPORT_HOME is set Fix `tsh --proxy` flag parsing * Wraps client init function to check client tools managed update only when it requested for `tsh ssh` and `tsh proxy ssh` * Move filesystem lock to configuration library Configuration modification protected by lock, other process must wait until it is released * Rename command to `tsh update`, `tsh update --clear` * Add test for argument filtering * Update RFD Make max tools installed to be configurable and set to 3 by default * Replace "automatic updates" to "managed updates" * Updated comments to reflect the latest changes * Fix migration for older versions with two packages * CR changes * Prevent failing tools execution if configuration file is corrupted * Remove lock file as part of cleanup command * Added context to arguments * Use a separate Kingpin application for tctl, as is already done for tsh. Double parsing may cause issues since it is not stateless. * CTMU no longer uses a static path, any re-execution from the tools directory must disable further re-execution * Gracefully fail when cannot do client tools updates (#57142) * Gracefully fail when cannot do client tool update * Gracefully fail when cannot check the version * Fix printing empty usage and terminate CLI for parsing global flags (#57401) * Fix printing empty usage and terminate CLI for parsing global flags * Add test with check of both `--help` flag and `help` command that usage print is not empty and both identical. Add godoc clarification * Disable managed update check for version help command test --------- Co-authored-by: Hugo Shaka <hugo.hervieux@goteleport.com>
github-merge-queue bot
pushed a commit
that referenced
this pull request
Aug 7, 2025
* Client-tools managed updates version caching (#54563) * Add profile integration to disable update and re-execution for specific cluster * Complete integration for the tctl and tsh * Add commands for tsh * Fix linter warnings * Add config file with version and disabling status * Move check out from helper * Fixed re-execution ignore if versions is identical * Move logic out from client * Remove helper package and profile integration * Fix argument parsing by filtering * Use same Darwin platform approach of package extraction for Linux Add client tools cleanup for V1 directories * Fix packaging unit test * Add cleanup for last recently used tools * Add migration from v1 for better support Show error log message about failed update/re-execution instead of failing command execution in case if updated binary was broken, modified or not able to validate signature * Add ignore the version check fail, add more debug information * Check update for commands `tsh ssh`, `tsh proxy ssh` Fixed creating `.tsh` subdirectory when TELEPORT_HOME is set Fix `tsh --proxy` flag parsing * Wraps client init function to check client tools managed update only when it requested for `tsh ssh` and `tsh proxy ssh` * Move filesystem lock to configuration library Configuration modification protected by lock, other process must wait until it is released * Rename command to `tsh update`, `tsh update --clear` * Add test for argument filtering * Update RFD Make max tools installed to be configurable and set to 3 by default * Replace "automatic updates" to "managed updates" * Updated comments to reflect the latest changes * Fix migration for older versions with two packages * CR changes * Prevent failing tools execution if configuration file is corrupted * Remove lock file as part of cleanup command * Added context to arguments * Use a separate Kingpin application for tctl, as is already done for tsh. Double parsing may cause issues since it is not stateless. * CTMU no longer uses a static path, any re-execution from the tools directory must disable further re-execution * Gracefully fail when cannot do client tools updates (#57142) * Gracefully fail when cannot do client tool update * Gracefully fail when cannot check the version * Fix printing empty usage and terminate CLI for parsing global flags (#57401) * Fix printing empty usage and terminate CLI for parsing global flags * Add test with check of both `--help` flag and `help` command that usage print is not empty and both identical. Add godoc clarification * Disable managed update check for version help command test --------- Co-authored-by: Hugo Shaka <hugo.hervieux@goteleport.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR fixes a bug where client tools update fail to create/read
~/.tshand block the execution of tctl commands in container images. e.g.The PR does 3 changes:
TELEPORT_TOOLS_VERSION=offin our docker container to prevent it from even thinking about updating client toolsChangelog: Fix a bug causing
tctl/tshto fail on read-only file systems.Changelog: the
teleport-distrolesscontainer image now disables client tools updates by default (when using tsh/tctl, you will always use the version from the image). You can enable them back by unsetting theTELEPORT_TOOLS_VERSIONenvironment variable.