In our setup, we have a few environments which are for a private cloud hosting provider. The provider performs all the updates to all of our applications themselves on a regular basis. Prior to using Octopus Deploy, this was accomplished by essentially sending them a binary installer, which they would then apply to all their machines. Now, this is accomplished by giving them access to the OD Server with deployment permissions for their environments; they log in to the server and hit the deploy button when they are ready to deploy (which honestly works much nicer and is much more reliable and verifiable).
However, because they understandably still want to have control over their own machines and the applications installed on them, we are not able to push updates to the tentacles on their machines (they are currently version locked so they don’t get auto-updated when we update the server). We would like to give them the ability to push the tentacle update from the server, since they will be working there anyway. Is it possible to restrict their permissions so they can only push updates to targets in specific environments (but not make any other changes to those targets), or do we have to arrange for them to manually run the installer on each machine?
Thanks for getting in touch! Running the installer manually may be the only option here unfortunately, as you require special permissions to allow Tentacles to upgrade, which would open up too many permissions.
Tentacle does not need constant upgrading as Tentacle is currently coupled to Octopus so its version changes with every Octopus Server release even if there are no direct Tentacle changes. This may mean that they do not have to upgrade Tentacle as often as is currently occurring.
Understood. Is there an easy way to determine if there were updates made to Tentacle within a given version? We’re anticipating the release of 3.4, and will likely be updating all components at that time, but I also want to make sure we are caught up on any security or bug fixes that may impact our deployments, and the notes don’t seem to explicitly call out server vs tentacle changes without diving into every issue.
Thanks for getting back! Currently we have no way to separate the server/Tentacle release notes. We are hoping to be able to uncouple these release notes some time soon. However, generally updating the Tentacle every Major/Minor release is good practice. If we ever require a force update due to some form of security issue, we will make sure to let everyone know that it is required.
I hope that answers your questions. Please don’t hesitate to get in touch if I can clarify this further or if you have any more questions.
This issue has been closed due to inactivity. If you encounter the same or a similar issue and require help, please open a new discussion (if we asked for logs or extra details in this thread, consider including them in the new thread). If you are the creator of this thread and believe it should not be closed let us know via our support email.