Teleport auth should refuse to start when jumping major versions #41782
Assignees
Labels
feature-request
Used for new features in Teleport, improvements to current should be #enhancements
Comments
r0mant
added
the
feature-request
vapopov
added a commit
that referenced
this issue
Jun 25, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
From time to time we get S1's from folks who attempt to jump multiple major versions at once when upgrading despite our compatibility guarantees that state that only adjacent major upgrades are supported. This leads to corrupted backend, broken cluster and lengthy recovery time.
Let's prevent these situations by having auth to just refuse to start when it detects an incompatible upgrade path is being attempted. One way to implement this would be to have auth save its version in the backend and then check it the first thing during startup to make sure that last "saved" version is not more than 1 major version behind, and abort startup if it is before any backend migrations are done, and exit with an error exit code and a clear error message explaining that this is unsupported upgrade path and linking to the compatibility documentation.
The text was updated successfully, but these errors were encountered: