elastic
diff --git a/‎.mockery.yaml‎
Lines changed: 3 additions & 0 deletions b/‎.mockery.yaml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎changelog/fragments/1757079091-fix-stale-upgrade-actions.yaml‎
Lines changed: 5 additions & 0 deletions b/‎changelog/fragments/1757079091-fix-stale-upgrade-actions.yaml‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎internal/pkg/agent/application/actions/handlers/handler_action_upgrade.go‎
Lines changed: 20 additions & 11 deletions b/‎internal/pkg/agent/application/actions/handlers/handler_action_upgrade.go‎
Lines changed: 20 additions & 11 deletions
diff --git a/‎internal/pkg/agent/application/actions/handlers/handler_action_upgrade_test.go‎
Lines changed: 148 additions & 0 deletions b/‎internal/pkg/agent/application/actions/handlers/handler_action_upgrade_test.go‎
Lines changed: 148 additions & 0 deletions
diff --git a/‎internal/pkg/agent/application/actions/handlers/handler_helpers.go‎
Lines changed: 1 addition & 1 deletion b/‎internal/pkg/agent/application/actions/handlers/handler_helpers.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎internal/pkg/agent/application/coordinator/coordinator.go‎
Lines changed: 60 additions & 12 deletions b/‎internal/pkg/agent/application/coordinator/coordinator.go‎
Lines changed: 60 additions & 12 deletions
@@ -23,6 +23,9 @@ packages:
       logLevelSetter:
         config:
           mockname: "LogLevelSetter"
+      upgradeCoordinator:
+        config:
+          mockname: "UpgradeCoordinator"
   github.com/elastic/elastic-agent/internal/pkg/fleetapi/acker:
     interfaces:
       Acker:
 
@@ -0,0 +1,5 @@
+kind: bug-fix
+summary: ensure failed upgrade actions are removed from queue and details are set
+component: elastic-agent
+pr: https://github.com/elastic/elastic-agent/pull/9634
+issue: https://github.com/elastic/elastic-agent/issues/9629
@@ -10,6 +10,8 @@ import (
 	"fmt"
 	"sync"
 
+	"github.com/elastic/elastic-agent-libs/logp"
+	"github.com/elastic/elastic-agent/internal/pkg/agent/application/coordinator"
 	"github.com/elastic/elastic-agent/internal/pkg/fleetapi"
 	"github.com/elastic/elastic-agent/internal/pkg/fleetapi/acker"
 	"github.com/elastic/elastic-agent/pkg/core/logger"
@@ -26,15 +28,17 @@ type Upgrade struct {
 	bkgCancel  context.CancelFunc
 	bkgMutex   sync.Mutex
 
-	tamperProtectionFn func() bool // allows to inject the flag for tests, defaults to features.TamperProtection
+	tamperProtectionFn           func() bool                                                                                                                            // allows to inject the flag for tests, defaults to features.TamperProtection
+	notifyUnitsOfProxiedActionFn func(ctx context.Context, log *logp.Logger, action dispatchableAction, ucs []unitWithComponent, performAction performActionFunc) error // allows to inject the function for tests, defaults to notifyUnitsOfProxiedAction
 }
 
 // NewUpgrade creates a new Upgrade handler.
 func NewUpgrade(log *logger.Logger, coord upgradeCoordinator) *Upgrade {
 	return &Upgrade{
-		log:                log,
-		coord:              coord,
-		tamperProtectionFn: features.TamperProtection,
+		log:                          log,
+		coord:                        coord,
+		tamperProtectionFn:           features.TamperProtection,
+		notifyUnitsOfProxiedActionFn: notifyUnitsOfProxiedAction,
 	}
 }
 
@@ -55,18 +59,23 @@ func (h *Upgrade) Handle(ctx context.Context, a fleetapi.Action, ack acker.Acker
 		return nil
 	}
 
+	var uOpts []coordinator.UpgradeOpt
 	if h.tamperProtectionFn() {
 		// Find inputs that want to receive UPGRADE action
 		// Endpoint needs to receive a signed UPGRADE action in order to be able to uncontain itself
 		state := h.coord.State()
 		ucs := findMatchingUnitsByActionType(state, a.Type())
 		if len(ucs) > 0 {
-			h.log.Debugf("handlerUpgrade: proxy/dispatch action '%+v'", a)
-			err := notifyUnitsOfProxiedAction(ctx, h.log, action, ucs, h.coord.PerformAction)
-			h.log.Debugf("handlerUpgrade: after action dispatched '%+v', err: %v", a, err)
-			if err != nil {
-				return err
-			}
+			h.log.Debugf("Found %d components running for %v action type", len(ucs), a.Type())
+			uOpts = append(uOpts, coordinator.WithPreUpgradeCallback(func(ctx context.Context, log *logger.Logger, action *fleetapi.ActionUpgrade) error {
+				log.Debugf("handlerUpgrade: proxy/dispatch action '%+v'", a)
+				err := h.notifyUnitsOfProxiedActionFn(ctx, log, action, ucs, h.coord.PerformAction)
+				log.Debugf("handlerUpgrade: after action dispatched '%+v', err: %v", a, err)
+				if err != nil {
+					return fmt.Errorf("failed to notify units of proxied action: %w", err)
+				}
+				return nil
+			}))
 		} else {
 			// Log and continue
 			h.log.Debugf("No components running for %v action type", a.Type())
@@ -75,7 +84,7 @@ func (h *Upgrade) Handle(ctx context.Context, a fleetapi.Action, ack acker.Acker
 
 	go func() {
 		h.log.Infof("starting upgrade to version %s in background", action.Data.Version)
-		if err := h.coord.Upgrade(asyncCtx, action.Data.Version, action.Data.SourceURI, action, false, false); err != nil {
+		if err := h.coord.Upgrade(asyncCtx, action.Data.Version, action.Data.SourceURI, action, uOpts...); err != nil {
 			h.log.Errorf("upgrade to version %s failed: %v", action.Data.Version, err)
 			// If context is cancelled in getAsyncContext, the actions are acked there
 			if !errors.Is(asyncCtx.Err(), context.Canceled) {
 
@@ -11,9 +11,17 @@ import (
 	"testing"
 	"time"
 
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/mock"
 	"github.com/stretchr/testify/require"
 
+	"github.com/elastic/elastic-agent-client/v7/pkg/client"
+	"github.com/elastic/elastic-agent-client/v7/pkg/proto"
+	"github.com/elastic/elastic-agent-libs/logp"
+	"github.com/elastic/elastic-agent/pkg/component/runtime"
+	mockhandlers "github.com/elastic/elastic-agent/testing/mocks/internal_/pkg/agent/application/actions/handlers"
+	mockAcker "github.com/elastic/elastic-agent/testing/mocks/internal_/pkg/fleetapi/acker"
+
 	"github.com/elastic/elastic-agent/internal/pkg/agent/application/coordinator"
 	"github.com/elastic/elastic-agent/internal/pkg/agent/application/info"
 	"github.com/elastic/elastic-agent/internal/pkg/agent/application/reexec"
@@ -368,6 +376,146 @@ func TestUpgradeHandlerNewVersion(t *testing.T) {
 	checkMsg(upgradeCalledChan, "8.5.0", "second call to Upgrade must be with version 8.5.0")
 }
 
+func TestEndpointPreUpgradeCallback(t *testing.T) {
+	ctx, cancel := context.WithCancel(t.Context())
+	defer cancel()
+
+	for _, tc := range []struct {
+		name                  string
+		upgradeAction         *fleetapi.ActionUpgrade
+		shouldProxyToEndpoint bool
+		coordUpgradeErr       error
+	}{
+		{
+			name: "error from coordinator upgrade with notify endpoint",
+			upgradeAction: &fleetapi.ActionUpgrade{
+				ActionType: fleetapi.ActionTypeUpgrade,
+				Data: fleetapi.ActionUpgradeData{
+					Version:   "255.0.0",
+					SourceURI: "http://localhost",
+				},
+			},
+			shouldProxyToEndpoint: true,
+			coordUpgradeErr:       errors.New("test error"),
+		},
+		{
+			name: "no error from coordinator upgrade with notify endpoint",
+			upgradeAction: &fleetapi.ActionUpgrade{
+				ActionType: fleetapi.ActionTypeUpgrade,
+				Data: fleetapi.ActionUpgradeData{
+					Version:   "255.0.0",
+					SourceURI: "http://localhost",
+				},
+			},
+			shouldProxyToEndpoint: true,
+		},
+		{
+			name: "error from coordinator upgrade without notify endpoint",
+			upgradeAction: &fleetapi.ActionUpgrade{
+				ActionType: fleetapi.ActionTypeUpgrade,
+				Data: fleetapi.ActionUpgradeData{
+					Version:   "255.0.0",
+					SourceURI: "http://localhost",
+				},
+			},
+			coordUpgradeErr: errors.New("test error"),
+		},
+		{
+			name: "no error from coordinator upgrade without notify endpoint",
+			upgradeAction: &fleetapi.ActionUpgrade{
+				ActionType: fleetapi.ActionTypeUpgrade,
+				Data: fleetapi.ActionUpgradeData{
+					Version:   "255.0.0",
+					SourceURI: "http://localhost",
+				},
+			},
+		},
+	} {
+		t.Run(tc.name, func(t *testing.T) {
+			mockCoordinator := mockhandlers.NewUpgradeCoordinator(t)
+
+			var coordState coordinator.State
+			if tc.shouldProxyToEndpoint {
+				coordState.Components = []runtime.ComponentComponentState{
+					{
+						Component: component.Component{
+							InputSpec: &component.InputRuntimeSpec{
+								Spec: component.InputSpec{
+									ProxiedActions: []string{fleetapi.ActionTypeUpgrade},
+								},
+							},
+							InputType: "endpoint",
+							Units: []component.Unit{
+								{
+									Type: client.UnitTypeInput,
+									Config: &proto.UnitExpectedConfig{
+										Type: "endpoint",
+									},
+								},
+							},
+						},
+					},
+				}
+
+				mockCoordinator.EXPECT().State().Return(coordState)
+			}
+
+			upgradeCalledChan := make(chan struct{})
+			mockCoordinator.EXPECT().Upgrade(mock.Anything, tc.upgradeAction.Data.Version, tc.upgradeAction.Data.SourceURI, mock.Anything, mock.Anything).
+				RunAndReturn(func(ctx context.Context, s string, s2 string, actionUpgrade *fleetapi.ActionUpgrade, opt ...coordinator.UpgradeOpt) error {
+					upgradeCalledChan <- struct{}{}
+					return tc.coordUpgradeErr
+				})
+
+			log, _ := logger.New("", false)
+			u := NewUpgrade(log, mockCoordinator)
+			u.tamperProtectionFn = func() bool { return tc.shouldProxyToEndpoint }
+
+			notifyUnitsCalled := atomic.Bool{}
+			u.notifyUnitsOfProxiedActionFn = func(ctx context.Context, log *logp.Logger, action dispatchableAction, ucs []unitWithComponent, performAction performActionFunc) error {
+				notifyUnitsCalled.Store(true)
+				return nil
+			}
+
+			ack := mockAcker.NewAcker(t)
+
+			if tc.coordUpgradeErr != nil {
+				// on a coordinator upgrade error we should ack and commit all the bkg actions
+				ack.EXPECT().Ack(mock.Anything, mock.Anything).Return(nil)
+				ack.EXPECT().Commit(mock.Anything).Return(nil)
+			}
+
+			err := u.Handle(ctx, tc.upgradeAction, ack)
+			require.NoError(t, err, "Handle should not return an error")
+
+			select {
+			case <-upgradeCalledChan:
+				break
+			case <-time.After(10 * time.Second):
+				t.Fatal("mockCoordinator.Upgrade was not called in time")
+			}
+
+			// notifyUnitsOfProxiedActionFn should only ever be passed as a PreUpgradeCallback to the coordinator upgrader.
+			// This assertion guards against it being called directly in this context.
+			assert.False(t, notifyUnitsCalled.Load(), "notifyUnitsOfProxiedActionFn should not be called")
+
+			assert.Eventually(t, func() bool {
+				u.bkgMutex.Lock()
+				defer u.bkgMutex.Unlock()
+				if tc.coordUpgradeErr == nil {
+					// yes this is counter-intuitive but when the coordinator upgrade returns a nil error
+					// actions are not cleaned from bkgActions. This is most likely because after a successful upgrade
+					// the expectation is for an agent to restart and thus the bkgActions will be lost.
+					// NOTE if bkgActions gets to be persisted in the future this logic needs to change.
+					return len(u.bkgActions) == 1
+				} else {
+					return len(u.bkgActions) == 0
+				}
+			}, 10*time.Second, 100*time.Millisecond)
+		})
+	}
+}
+
 type fakeAcker struct {
 	mock.Mock
 }
 
@@ -28,7 +28,7 @@ type actionCoordinator interface {
 
 type upgradeCoordinator interface {
 	actionCoordinator
-	Upgrade(ctx context.Context, version string, sourceURI string, action *fleetapi.ActionUpgrade, skipVerifyOverride bool, skipDefaultPgp bool, pgpBytes ...string) error
+	Upgrade(ctx context.Context, version string, sourceURI string, action *fleetapi.ActionUpgrade, opts ...coordinator.UpgradeOpt) error
 }
 
 type performActionFunc func(context.Context, component.Component, component.Unit, string, map[string]interface{}) (map[string]interface{}, error)
 
@@ -695,19 +695,45 @@ func (c *Coordinator) Migrate(ctx context.Context, action *fleetapi.ActionMigrat
 	return nil
 }
 
-// Upgrade runs the upgrade process.
-// Called from external goroutines.
-func (c *Coordinator) Upgrade(ctx context.Context, version string, sourceURI string, action *fleetapi.ActionUpgrade, skipVerifyOverride bool, skipDefaultPgp bool, pgpBytes ...string) error {
-	// early check outside of upgrader before overriding the state
-	if !c.upgradeMgr.Upgradeable() {
-		return ErrNotUpgradable
+type upgradeOpts struct {
+	skipVerifyOverride bool
+	skipDefaultPgp     bool
+	pgpBytes           []string
+	preUpgradeCallback func(ctx context.Context, log *logger.Logger, action *fleetapi.ActionUpgrade) error
+}
+
+type UpgradeOpt func(*upgradeOpts)
+
+func WithSkipVerifyOverride(skipVerifyOverride bool) UpgradeOpt {
+	return func(opts *upgradeOpts) {
+		opts.skipVerifyOverride = skipVerifyOverride
 	}
+}
 
-	// early check capabilities to ensure this upgrade actions is allowed
-	if c.caps != nil {
-		if !c.caps.AllowUpgrade(version, sourceURI) {
-			return ErrNotUpgradable
-		}
+func WithSkipDefaultPgp(skipDefaultPgp bool) UpgradeOpt {
+	return func(opts *upgradeOpts) {
+		opts.skipDefaultPgp = skipDefaultPgp
+	}
+}
+
+func WithPgpBytes(pgpBytes []string) UpgradeOpt {
+	return func(opts *upgradeOpts) {
+		opts.pgpBytes = pgpBytes
+	}
+}
+
+func WithPreUpgradeCallback(preUpgradeCallback func(ctx context.Context, log *logger.Logger, action *fleetapi.ActionUpgrade) error) UpgradeOpt {
+	return func(opts *upgradeOpts) {
+		opts.preUpgradeCallback = preUpgradeCallback
+	}
+}
+
+// Upgrade runs the upgrade process.
+// Called from external goroutines.
+func (c *Coordinator) Upgrade(ctx context.Context, version string, sourceURI string, action *fleetapi.ActionUpgrade, opts ...UpgradeOpt) error {
+	var uOpts upgradeOpts
+	for _, opt := range opts {
+		opt(&uOpts)
 	}
 
 	// A previous upgrade may be cancelled and needs some time to
@@ -737,7 +763,29 @@ func (c *Coordinator) Upgrade(ctx context.Context, version string, sourceURI str
 	det := details.NewDetails(version, details.StateRequested, actionID)
 	det.RegisterObserver(c.SetUpgradeDetails)
 
-	cb, err := c.upgradeMgr.Upgrade(ctx, version, sourceURI, action, det, skipVerifyOverride, skipDefaultPgp, pgpBytes...)
+	// early check outside of upgrader before overriding the state
+	if !c.upgradeMgr.Upgradeable() {
+		det.Fail(ErrNotUpgradable)
+		return ErrNotUpgradable
+	}
+
+	// early check capabilities to ensure this upgrade actions is allowed
+	if c.caps != nil {
+		if !c.caps.AllowUpgrade(version, sourceURI) {
+			det.Fail(ErrNotUpgradable)
+			return ErrNotUpgradable
+		}
+	}
+
+	// run any pre upgrade callback
+	if uOpts.preUpgradeCallback != nil {
+		if err := uOpts.preUpgradeCallback(ctx, c.logger, action); err != nil {
+			det.Fail(err)
+			return err
+		}
+	}
+
+	cb, err := c.upgradeMgr.Upgrade(ctx, version, sourceURI, action, det, uOpts.skipVerifyOverride, uOpts.skipDefaultPgp, uOpts.pgpBytes...)
 	if err != nil {
 		c.ClearOverrideState()
 		if errors.Is(err, upgrade.ErrUpgradeSameVersion) {
Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ type actionCoordinator interface {`
`28`	`28`
`29`	`29`	`type upgradeCoordinator interface {`
`30`	`30`	`actionCoordinator`
`31`		`- Upgrade(ctx context.Context, version string, sourceURI string, action *fleetapi.ActionUpgrade, skipVerifyOverride bool, skipDefaultPgp bool, pgpBytes ...string) error`
	`31`	`+ Upgrade(ctx context.Context, version string, sourceURI string, action *fleetapi.ActionUpgrade, opts ...coordinator.UpgradeOpt) error`
`32`	`32`	`}`
`33`	`33`
`34`	`34`	`type performActionFunc func(context.Context, component.Component, component.Unit, string, map[string]interface{}) (map[string]interface{}, error)`