Feature request: block supervisor auto-updates

UPDATE

The suggested workaround is now impractical because it has negative consequences.

The workaround suggests modifying Supervisor’s source code. Since Supervisor version 2021.05.3 it detects changes to its source code and marks your instance as Unsupported and Unhealthy (and then you can’t add/update Add-Ons or update Home Assistant).

There is a command line option to disable checking for source code modifications. If disabled, it simply flags your instance as Unsupported. However, in version 2021.05.4 that option broke. Even if disabled, it still marks the instance as Unsupported and Unhealthy. I reported the bug as an issue a week ago (and there has been no reply yet).

1 Like

Is this new? Or if I ignore it will it just install itself at some point?

It gives you a heads-up but if you do nothing it will update itself automatically.

There’s no ability to skip the update or postpone it temporarily.

2 Likes

+1 for this. I find it absurd that we’re resorting to blocking outgoing connections, this isn’t a chinese ip camera.

The pros have already been discussed thoroughly. If there are reasons to keep this feature that we don’t know about it would be great to hear them so we can understand why things work like they do.

Is this feature documented somewhere? Couldn’t find it.

2 Likes

+1, my network bandwidth is limited as pi is running under a prepay mobile data sim.

+1

My HomeAssistant install keeps breaking because Supervisor gets updated, but core does not. I end up with a broken system on reboot, which I inevitably find out about when I’m trying to go to bed and wondering why lights won’t turn off.

Having to implement blocks at DNS level to prevent a piece of open-source software from updating is beyond insane.

I wouldn’t be averse to creating a PR, but from How to stop supervisor auto-update? - #18 by john-arvid it looks like it wouldn’t actually be accepted on some (IMO) fairly spurious principle

4 Likes

I just wanted to chime in. My HA installation just broke because of the Supervisor happily updating and the rest of the system kept on a stable known-to-work version. I finally decided to upgrade, and I could not even create a backup (!). Or more, precisely, a backup was created but it was not being listed for download.

When trying to figure out what was wrong, I noticed the following:

For God’s sake, how can a system update itself into an unsupported installation ?
EDIT: just for reference, this is not something like 3-year-old setup left unattended. It was installed from scratch 10 months ago. And now I could not backup the config without an upgrade of the whole system. This is ridiculous.

For what is worth, I am thinking of nuking this setup and installing HA Container where I can control what is updated and when. Any auto-updating system should be relegated to testing/development usage and not production, especially one that integrates with real-world hardware.

1 Like

And it looks like you have not applied a single one of the ten updates update since then

1ba7a0d2e763071577c9529fb502a29221094e8a

Falling behind like this is a sure fire way to court disaster.

Could you elaborate on that? I cannot envision any possible disaster resulting from not updating, it’s usually the opposite. Updates break things, I know that because I write software for a living.

The update I did today broke my tuya integration, my looko2 integration and needed re-auth from netatmo. Now I need to install some chinese app just to operate my thermostat. Are you saying that people click “update” every month and have fun resolving the incompatibility issues on a regular basis?

You answered your own question:

Each update can introduce a small breaking change or two. Not an issue if you deal with it at the time. One update a month. If the breaking change affects you it is almost always a simple fix.

If you let the updates accumulate so that you have to deal with 10 months of breaking changes at once when you have to update due to a vital security patch or OS update, you are going to have a very bad time.

That is exactly what I am saying and yes that is what smart people do (second graph).

Keep your system up to date. Once a month is not onerous.

You answered your own question

Not really, although I haven’t stated it explicitly. My question is what possible disaster can come from not updating.

Thanks for the statistics though, it’s very informative.

An insecure system vulnerable to intrusion. There has been at least one major update to address this.

Goodness me! This is still not implemented. How hard can it be?

I ended up blocking version.home-assistant.io in DNS. I have subscribed to receive release notifications for each add on as well as core and supervisor so when there is an update I read the release notes, take a full backup, remove the DNS block update and put the DNS block back on. It’s a pain but at least I have an option to update as and when I can. Rather than this happening when I’m away and losing my whole setup. By the way that did happen already!

  1. Does blocking version.home-assistant.io prevent that supervisor is updated too?
  2. Is there a way to install a Hassos image with its original version of the supervisor?

Thanks

  1. Yes. Essentially blocking this URL prevents HA from checking and downloading new versions therefore it is not able to update supervisor. This also stops all add ons from downloading their updates which is not really useful as add ons can be prevented from auto update.
  2. I’m not sure I understand your question.

This also stops all add ons from downloading their updates

This is not correct. The addon versions are queried from Github.

I can confirm that this blocks add ons updates on my system as well as supervisor and core. It may not block downloading the add on updates, they all come from github… but it certainly stops add ons, supervisor and core from checking for updates and showing that an update is available hence at least core and supervisor won’t do an auto update.

Finally, they added a toggle for supervisor auto-updates :slight_smile:

3 Likes

Nice! When to be expected to arrive in a productive release?