Feature request: block supervisor auto-updates

I think they care… considering the effort required to get HA to this point… they care :smile:

What I’ve not seen (and not searched for…maybe it’s written down somewhere) are the reasons why this feature can’t be implemented. Perhaps it’s on the roadmap, perhaps it has been considered, perhaps it’s waaaaay more complex than anyone can implement? Perhaps the HA devs just don’t want it. Perhaps they want it too, but it’s 1 of millions of other FRs?

Personally, I just want auto-updates to check for an update, but not to actually install it. Which seems ok, but what if I don’t check for [insert long period of time] - would the updater actually work any more? Maybe that’s the problem?

I also use pfSense at home and because it’s my gateway to the internet, I have not updated it recently because I cannot afford for the upgrade to fail whilst we’re all working & learning from home. However, I’m quite happy to plan for a weekend when I’m not working and the family aren’t glued to the internet. Then, after breakfast, I can backup my current system, check I have the old firmware to rollback (just in case) and then perform the backup at a relaxed time, during daylight hours…

Every single time I do that, I barely finish my coffee and we’re up & running again

If I could do that with HA, then I’d be happy :relieved:

I’m not wanting to block URLs, or freeze my system “forever” and I’m quite open minded that HA is on a very fast development cycle at the moment, but, sometimes, I just need a day or two before I’m ready for the upgrade.

1 Like

Don’t conflate Home Assistant Core (HA) with Supervisor. They are two different software projects, each with its own GitHub repo and development team. Currently, there are two active developers for Supervisor. Historically, it was the invention of one person who had little time to implement Feature Requests. If you look at the repo, they also have very little time to resolve Issues.

In contrast, Home Assistant Core has a large team of paid developers plus a small army of volunteer developers. New functionality is added regularly and Feature Requests are occasionally implemented. It’s much more open to user input, whereas the Supervisor project is comparatively insular.

As for a roadmap, if any of the projects (Core, Supervisor, Operating System, etc) have one, it’s never been shared publicly. In other words, it doesn’t exist.


If you’re interested, you may also wish to vote for the following Feature Request:

3 Likes

UPDATE

The suggested workaround is now impractical because it has negative consequences.

The workaround suggests modifying Supervisor’s source code. Since Supervisor version 2021.05.3 it detects changes to its source code and marks your instance as Unsupported and Unhealthy (and then you can’t add/update Add-Ons or update Home Assistant).

There is a command line option to disable checking for source code modifications. If disabled, it simply flags your instance as Unsupported. However, in version 2021.05.4 that option broke. Even if disabled, it still marks the instance as Unsupported and Unhealthy. I reported the bug as an issue a week ago (and there has been no reply yet).

1 Like

Is this new? Or if I ignore it will it just install itself at some point?

It gives you a heads-up but if you do nothing it will update itself automatically.

There’s no ability to skip the update or postpone it temporarily.

2 Likes

+1 for this. I find it absurd that we’re resorting to blocking outgoing connections, this isn’t a chinese ip camera.

The pros have already been discussed thoroughly. If there are reasons to keep this feature that we don’t know about it would be great to hear them so we can understand why things work like they do.

Is this feature documented somewhere? Couldn’t find it.

2 Likes

+1, my network bandwidth is limited as pi is running under a prepay mobile data sim.

+1

My HomeAssistant install keeps breaking because Supervisor gets updated, but core does not. I end up with a broken system on reboot, which I inevitably find out about when I’m trying to go to bed and wondering why lights won’t turn off.

Having to implement blocks at DNS level to prevent a piece of open-source software from updating is beyond insane.

I wouldn’t be averse to creating a PR, but from How to stop supervisor auto-update? - #18 by john-arvid it looks like it wouldn’t actually be accepted on some (IMO) fairly spurious principle

4 Likes

I just wanted to chime in. My HA installation just broke because of the Supervisor happily updating and the rest of the system kept on a stable known-to-work version. I finally decided to upgrade, and I could not even create a backup (!). Or more, precisely, a backup was created but it was not being listed for download.

When trying to figure out what was wrong, I noticed the following:

For God’s sake, how can a system update itself into an unsupported installation ?
EDIT: just for reference, this is not something like 3-year-old setup left unattended. It was installed from scratch 10 months ago. And now I could not backup the config without an upgrade of the whole system. This is ridiculous.

For what is worth, I am thinking of nuking this setup and installing HA Container where I can control what is updated and when. Any auto-updating system should be relegated to testing/development usage and not production, especially one that integrates with real-world hardware.

1 Like

And it looks like you have not applied a single one of the ten updates update since then

1ba7a0d2e763071577c9529fb502a29221094e8a

Falling behind like this is a sure fire way to court disaster.

Could you elaborate on that? I cannot envision any possible disaster resulting from not updating, it’s usually the opposite. Updates break things, I know that because I write software for a living.

The update I did today broke my tuya integration, my looko2 integration and needed re-auth from netatmo. Now I need to install some chinese app just to operate my thermostat. Are you saying that people click “update” every month and have fun resolving the incompatibility issues on a regular basis?

You answered your own question:

Each update can introduce a small breaking change or two. Not an issue if you deal with it at the time. One update a month. If the breaking change affects you it is almost always a simple fix.

If you let the updates accumulate so that you have to deal with 10 months of breaking changes at once when you have to update due to a vital security patch or OS update, you are going to have a very bad time.

That is exactly what I am saying and yes that is what smart people do (second graph).

Keep your system up to date. Once a month is not onerous.

You answered your own question

Not really, although I haven’t stated it explicitly. My question is what possible disaster can come from not updating.

Thanks for the statistics though, it’s very informative.

An insecure system vulnerable to intrusion. There has been at least one major update to address this.

Goodness me! This is still not implemented. How hard can it be?

I ended up blocking version.home-assistant.io in DNS. I have subscribed to receive release notifications for each add on as well as core and supervisor so when there is an update I read the release notes, take a full backup, remove the DNS block update and put the DNS block back on. It’s a pain but at least I have an option to update as and when I can. Rather than this happening when I’m away and losing my whole setup. By the way that did happen already!

  1. Does blocking version.home-assistant.io prevent that supervisor is updated too?
  2. Is there a way to install a Hassos image with its original version of the supervisor?

Thanks

  1. Yes. Essentially blocking this URL prevents HA from checking and downloading new versions therefore it is not able to update supervisor. This also stops all add ons from downloading their updates which is not really useful as add ons can be prevented from auto update.
  2. I’m not sure I understand your question.

This also stops all add ons from downloading their updates

This is not correct. The addon versions are queried from Github.

I can confirm that this blocks add ons updates on my system as well as supervisor and core. It may not block downloading the add on updates, they all come from github… but it certainly stops add ons, supervisor and core from checking for updates and showing that an update is available hence at least core and supervisor won’t do an auto update.