Open mbainter opened 1 year ago
I agree there could be improvements to these workflows. The postrm script in fleet-osquery_1.17.0_amd64.deb has this content:
#!/bin/sh
rm -rf /var/lib/orbit /var/log/orbit /usr/local/bin/orbit /etc/default/orbit /usr/lib/systemd/system/orbit.service /opt/orbit
This is causing any customisation in /etc/default/orbit
to be removed on every upgrade.
So I don't think that /etc/default/orbit
should be touched at all during install/upgrade unless it doesn't already exist.
Goal
Align closer to packaging best practices, particularly in regard to how the service is managed. Allow those deploying the software to have better control over that without wrestling with the package.
Context
I ran into this same problem with Kolide. NFPM is great, but a little effort into implementing good packaging practices for something like this would be greatly appreciated. Right now, the package you provide is exceedingly basic. In particular:
If I, as a systems administrator, want to deploy an override file that governs how osquery runs, I end up in a race condition with the current package. I have to write automation around the package install to:
If, instead, these packages were built in accordance with Debian/Ubuntu packaging guidelines and systemd recommended practices, I could do:
systemctl preset orbit disable
systemctl preset orbit enable
It would be nice if NFPM supported this natively as a best-practice for anything with a service, but it does allow you to customize your pre/post inst/rm scripts and that's enough to implement this. It would just require a little bit of effort to leverage the built-in tools like
deb-systemd-helper
.Potential solutions
These are untested -- they're just rough outlines of what this might look like.
honoring presets in postinst:
handling purge and cleanup in postrm: