Open AntonAM opened 1 month ago
Related RCA. A customer downloaded the OSS version of Teleport instead of the enterprise one during a downgrade.
Instead of adding stubs (which would have to be maintained and kept in sync), I wonder if we could detect this problem much earlier. I was thinking of a warning when the OSS version notices auth_service.license_file
. OTOH it'd be hard to see the warning itself – the customer noticed the problem only after they tried to log in with SSO which returned 404.
Another idea I had was a banner alert, but I think to see it you need to first log in.
So maybe I'm overthinking it and a stub for the login endpoints would be enough?
What would you like Teleport to do?
We should add stubs for the enterprise endpoints into OSS version, such as SSO logins, which can clearly indicate that user is trying to access enterprise-only functionality on the OSS cluster. Currently it just returns 404, which makes it harder to understand what is wrong (this caused a S1 incident for a customer after manual upgrade with wrong binary).