[BUG]: Self-update not running to install security updates.

[floushee]

What happened?

We got notified through a tool (Tenable) that there are security issues with our installed Azure DevOps agents. In our case these have the version 2.188.3.0 (Environment -> VM Resources).

My current knowledge makes me believe that the agents are capable to self-update if they require a newer version because of the pipeline that is executed.

It took us a while to find a workaround to update them manually using auto generated deployment pools in the organizations settings.

This leads me to my question. Should the agents also execute a self-update to fix security patches? In our case an issue that was fixed by the 2.217.2 version. I am currently not sure if we have a problem locally that prevents the self-update, or if this isn't a "feature" in the first place?

Versions

Azure DevOps agent 2.188.3.0

Environment type (Please select at least one enviroment where you face this issue)

• Self-Hosted
• Microsoft Hosted
• VMSS Pool
• Container

Azure DevOps Server type

dev.azure.com (formerly visualstudio.com)

Azure DevOps Server Version (if applicable)

No response

Operation system

Windows Server 2019 Standard

Version controll system

No response

Relevant log output

The only issue I found in the logs that might be related to this issue are these:

[2023-12-04 12:08:36Z INFO VisualStudioServices] Starting operation Location.GetConnectionData
[2023-12-04 12:08:36Z WARN VisualStudioServices] Authentication failed with status code 401.

[DenisNikulin5]

Hi @floushee thanks for reporting! We are working on more prioritized issues at the moment but will get back to this one soon.

[github-actions]

This issue has had no activity in 180 days. Please comment if it is not actually stale