# Update

Update a tenant's services to the latest version

Secrets Management: This command supports multiple options for secrets management:

* infisical: Use Infisical as a dedicated secrets manager
* aws-secretsmanager: Use AWS Secrets Manager
* custom: Use environment variables (recommended when using tools like "infisical run" or AWS CLI)

For custom secrets provider, inject secrets as environment variables before running the command. Example: infisical run -- sfp server update --tenant my-app --secrets-provider custom

* [`sfp server update`](#sfp-server-update)

## `sfp server update`

Update a tenant's services to the latest version

```
USAGE
  $ sfp server update -t <value> [-j] [--skip-backup] [--base-dir <value>] [--supabase-working-dir <value>]
    [--passphrase <value> [--identity-file <value> --ssh-connection <value>]] [-r <value>] [--docker-tag pr-123-dev]
    [--restart] [--config-file ./server-config.json] [--continue-on-db-migration-failure] [--infisical-token <value>
    --secrets-provider infisical|aws-secretsmanager|custom] [--aws-region <value> ] [--aws-access-key-id <value> ]
    [--aws-secret-access-key <value> ] [-g <value>...] [--loglevel
    trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL]

FLAGS
  -g, --logsgroupsymbol=<value>...
      Symbol used by CICD platform to group/collapse logs in the console. Provide an opening group, and an optional
      closing group symbol.

  -j, --[no-]json
      Output in JSON format

  -r, --cadence=<value>
      [default: latest] The default cadence to use for cli updates (default: latest)

  -t, --tenant=<value>
      (required) Name of the tenant to update

  --aws-access-key-id=<value>
      AWS access key ID. Optional when secrets-provider is "aws-secretsmanager" (can use instance profile).

  --aws-region=<value>
      AWS region for Secrets Manager. Required only when secrets-provider is "aws-secretsmanager".

  --aws-secret-access-key=<value>
      AWS secret access key. Optional when secrets-provider is "aws-secretsmanager" (can use instance profile).

  --base-dir=<value>
      [default: ./sfp-server] Base Directory which contains the sfp-server

  --config-file=./server-config.json
      Path to JSON config file containing server configuration values

  --[no-]continue-on-db-migration-failure
      Continue update process even if database migrations fail

  --docker-tag=pr-123-dev
      Docker image tag to deploy (overrides cadence)

  --identity-file=<value>
      Path to SSH private key file

  --infisical-token=<value>
      Infisical API token. Required only when secrets-provider is "infisical".

  --loglevel=<option>
      [default: info] logging level for this command invocation
      <options: trace|debug|info|warn|error|fatal|TRACE|DEBUG|INFO|WARN|ERROR|FATAL>

  --passphrase=<value>
      Passphrase for the SSH private key if required

  --[no-]restart
      Restart services after update

  --secrets-provider=<option>
      [default: custom] Secret provider to use for managing secrets. Available options:
      - infisical: Use Infisical as secrets provider
      - aws-secretsmanager: Use AWS Secrets Manager
      - custom: Use environment variables (suitable when using external tools like "infisical run" or AWS CLI)
      <options: infisical|aws-secretsmanager|custom>

  --skip-backup
      Skip backing up current configuration

  --ssh-connection=<value>
      SSH connection string in the format user@host[:port]

  --supabase-working-dir=<value>
      Working directory which contains supabase configuration

DESCRIPTION
  Update a tenant's services to the latest version

  Secrets Management:
  This command supports multiple options for secrets management:
  - infisical: Use Infisical as a dedicated secrets manager
  - aws-secretsmanager: Use AWS Secrets Manager
  - custom: Use environment variables (recommended when using tools like "infisical run" or AWS CLI)

  For custom secrets provider, inject secrets as environment variables before running the command.
  Example: infisical run -- sfp server update --tenant my-app --secrets-provider custom

EXAMPLES
  $ sfp server update --tenant my-tenant
  Update the server for tenant 'my-tenant'

  $ sfp server update --tenant my-tenant --skip-backup
  Update the server for tenant 'my-tenant' without backing up critical files

  $ sfp server update --tenant my-tenant --ssh-host remote-server --ssh-username admin
  Update the server for tenant 'my-tenant' on a remote server using SSH

  $ sfp server update --tenant my-tenant --continue-on-db-migration-failure
  Update the server for tenant 'my-tenant' and continue even if database migrations fail
```

*See code:* [*src/commands/server/update.ts*](https://source.flxbl.io/flxbl/sfp-pro)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.flxbl.io/flxbl/sfp/cli-reference-v50-and-below/server/update.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.