How to abort the deployment if the download_enter state script fails

Hi,

As part of our customer requirement, downgrading of SW installed in the system should not be possible. I see there is no direct support for this feature using free version of mender.

Mender Client version: 2.6

I tried to achieve this functionality by using state script. I am executing the state script in Download_Enter state. The state script checks for the current artifact version and the incoming artifact version. If the new version is lower than the current version it exits with return code ‘1’.

During the testing I noticed that although the mender client aborts the deployment , the deployment status is still in progress in the mender server.

Status seen in mender server:
"downloading:
Executing script: Download_Enter_02_compare-artifact-version
"

If the box is restarted or the mender client is restarted, the download check is happening again. The client aborts the software update, but in the server the status is still in deployment.

Any idea how to abort the deployment also in the server when the download_enter state script fails?
Any other idea to do the version check is also welcome.

Logs:

Sep 29 07:49:21 mender[426]: time=“2021-09-29T07:49:21Z” level=info msg=“State transition: check-wait [Idle] → inventory-update [Sync]”
Sep 29 07:49:23 mender[426]: time=“2021-09-29T07:49:23Z” level=info msg=“State transition: inventory-update [Sync] → check-wait [Idle]”
Sep 29 07:49:23 mender[426]: time=“2021-09-29T07:49:23Z” level=info msg=“State transition: check-wait [Idle] → update-check [Sync]”
Sep 29 07:49:24 mender[426]: time=“2021-09-29T07:49:24Z” level=info msg="Correct request for getting image from: “…”
Sep 29 07:49:24 mender[426]: time=“2021-09-29T07:49:24Z” level=info msg=“State transition: update-check [Sync] → update-fetch [Download_Enter]”
Sep 29 07:49:24 mender[426]: time=“2021-09-29T07:49:24Z” level=info msg=“Executing script: Download_Enter_02_compare-artifact-version”
Sep 29 07:49:25 mender[426]: time=“2021-09-29T07:49:25Z” level=error msg=“transient error: error calling enter script for (error) update-fetch state: error running enter state script(s) for Download_Enter state: statescript: error executing ‘Download_Enter_02_compare-artifact-version’: 1 : exit status 1”
Sep 29 07:49:25 mender[426]: time=“2021-09-29T07:49:25Z” level=info msg=“State transition: update-fetch [Download_Enter] → error [Error]”
Sep 29 07:49:25 mender[426]: time=“2021-09-29T07:49:25Z” level=info msg=“Handling error state, current error: transient error: error calling enter script for (error) update-fetch state: error running enter state script(s) for Download_Enter state: statescript: error executing ‘Download_Enter_02_compare-artifact-version’: 1 : exit status 1”
Sep 29 07:49:25 mender[426]: time=“2021-09-29T07:49:25Z” level=info msg=“State transition: error [Error] → idle [Idle]”
Sep 29 07:49:25 mender[426]: time=“2021-09-29T07:49:25Z” level=info msg=“State transition: idle [Idle] → check-wait [Idle]”

Thanks & Regards,
Vinothkumar

Assuming ur only using one type of update (say a rootfs) for this example, then I think I would consider going the route of a custom update module:

See here for the docs:
https://docs.mender.io/artifact-creation/create-a-custom-update-module

There is a sample implementation here for an update module that checks the version and makes sure that it never goes backward.

It looks like there is no error flow when using the Download state scripts. This is consistent with your report of the deployment being still active. It may be possible to use an ArtifactIInstall_Enter state script to get the desired behavior rather than using a custom update module.

Drew

I believe that the status reporting mechanism for the deployment is activated right after Download_Enter, so the first two places where it’s possible to report failure is either inside Download (if using an Update Module), or in Download_Leave (if using a state script).