Client tools auto update #47466
Client tools auto update #47466
Conversation
vapopov
added
the
no-changelog
| return 0, trace.Errorf("invalid size") | ||
| } | ||
| avail := stat.Bavail * uint64(stat.Bsize) | ||
| avail := uint64(stat.Bavail) * uint64(stat.Bsize) |
There was a problem hiding this comment.
This change related to this comment #47060 (comment)
also I'm locally checking linter for warnings related touint64(stat.Bavail)
vapopov
force-pushed
the
vapopov/client-auto-update
branch
from
5bc4215
to
ddcbaf9
Compare
Move integration tests to client tools specific dir Use context cancellation with SIGTERM, SIGINT Remove cancelable tee reader with context replacement Renaming
Fix archive cleanup if hash is not valid Limit the archive write bytes
vapopov
force-pushed
the
vapopov/client-auto-update
branch
from
144d573
to
d5dd770
Compare
vapopov
force-pushed
the
vapopov/client-auto-update
branch
from
355c675
to
5f5688e
Compare
Base URL renaming
Replace hash for bytes matching Proper temp file close for archive download
vapopov
force-pushed
the
vapopov/client-auto-update
branch
from
c860415
to
b019206
Compare
|
@hugoShaka note lib/modules might not work for tbot: #47565 (comment) |
lib/autoupdate/fips_enabled.go
Outdated
| @@ -0,0 +1,25 @@ | |||
| //go:build fips | |||
There was a problem hiding this comment.
@zmb3 should I move this one to lib/modules to identify if the build supports the FIPS? Or there already a way to get this info from modules package
There was a problem hiding this comment.
I think this is present as modules.GetModules().IsBoringCrypto() -- BoringCrypto is FIPS validated
I think tbot should be considered an agent like teleport and be updated by the agent updater we're building (as opposed to tools self-update). According to the RFD we going to have a single agent updater for oss, ent, fips and it will figure out the right build from /find or /ping rather than any existing binary version or build flag. So I think everything will fit nicely? |
|
@hugoShaka tbot also has a oneshot mode for CI/CD use cases. The current (possibly only verbally discussed) plan is to allow tbot to be upgraded through either method. But this may not ship in the first release of client tools updates. |
|
@avatus @EdwardDowling would appreciate your review, need one more approval |
public-teleport-github-review-bot
bot
removed the request for review
from EdwardDowling
* Add client tools auto update * Replace fork for posix platform for re-exec Move integration tests to client tools specific dir Use context cancellation with SIGTERM, SIGINT Remove cancelable tee reader with context replacement Renaming * Fix syscall path execution Fix archive cleanup if hash is not valid Limit the archive write bytes * Cover the case with single package for darwin platform after v17 * Move updater logic to tools package * Move context out from the library Base URL renaming * Add more context in comments * Changes in find endpoint * Replace test http server with `httptest` Replace hash for bytes matching Proper temp file close for archive download * Add more context to comments * Move feature flag to main package to be reused * Constant rename * Replace build tag with lib/modules to identify enterprise build * Replace fips tag with modules flag
* Add client tools auto update * Replace fork for posix platform for re-exec Move integration tests to client tools specific dir Use context cancellation with SIGTERM, SIGINT Remove cancelable tee reader with context replacement Renaming * Fix syscall path execution Fix archive cleanup if hash is not valid Limit the archive write bytes * Cover the case with single package for darwin platform after v17 * Move updater logic to tools package * Move context out from the library Base URL renaming * Add more context in comments * Changes in find endpoint * Replace test http server with `httptest` Replace hash for bytes matching Proper temp file close for archive download * Add more context to comments * Move feature flag to main package to be reused * Constant rename * Replace build tag with lib/modules to identify enterprise build * Replace fips tag with modules flag
In this PR implemented logic for client tools auto update {tsh, tctl} described in this RFD #39805
Update logic downloads Teleport binaries from CDN, extracts data in tools sub-directory (going to be used
$TELEPORT_HOME/bin/{UUID-update-pkg}/{tsh,tctl}) and creates symlinks for {tsh,tctl} to$TELEPORT_HOME/bin/{tsh,tctl}.Added integration tests which compiles updater binary with update logic only to simulate command execution with requested version to downloads them from fake test CDN server.