Using the --context option with fleetctl gives unexpected results

[dherder]

Fleet version: <!-- Copy this from the "My account" page in the Fleet UI, or run fleetctl --version -->

Web browser and operating system:

---

💥  Actual behavior

When applying a context to fleetctl with the mdm option, you have to place the --context in an odd location.

🧑‍💻  Steps to reproduce

1. Issue fleetctl mdm run-command --context dev --payload=restart-device.xml --host=hostname

Result

Successful command

Expected Behaviour

All other fleetctl commands when using --context seem to work when adding the context after the verb. I would expect to add the --context after run-command but if I do this, I get an error.

🕯️ More info (optional)

This workaround is documented as an FAQ here. When this bug is squashed, please remove that documentation.

[noahtalerman]

I would expect to add the --context after run-command but if I do this, I get an error.

@dherder if I'm understanding correctly, the steps to reproduce should be this? fleetctl mdm run-command --context dev ...

And not the following (--context before run-command):

I think I would expect the above to not work because fleetctl mdm isn't a command itself.

[dherder]

@noahtalerman yes, you are correct apologies. I kind of described it backwards.

[noahtalerman]

Got it. I updated the issue description.

[sabrinabuckets]

@roperzh I'm having trouble following the expected behavior here. Just to confirm I was able to send a successful command only by using this formatting: fleetctl mdm --context dev run-command --payload=restart-device.xml --host=hostname

Is that correct behavior?

[roperzh]

@sabrinabuckets the expected behavior is that you can use --context after run-command. Maybe you have an old version? I just tried from latest main and it works (the error proofs that I was able to communicate to dogfood)

/fleet $ git fetch && git status
On branch main
Your branch is up to date with 'origin/main'.

nothing to commit, working tree clean

~/fleet $ make fleetctl
mkdir -p build/linux
mkdir -p build/darwin
# Race requires cgo
CGO_ENABLED=0 go build -race=false -o build/fleetctl -ldflags " -X github.com/kolide/kit/version.appName=fleetctl -X github.com/kolide/kit/version.version=fleet-v4.39.0-43-g0e99f5a66 -X github.com/kolide/kit/version.branch=main -X github.com/kolide/kit/version.revision=0e99f5a6602d402fc3d072411b8802766370ae72 -X github.com/kolide/kit/version.buildDate=2023-10-30 -X github.com/kolide/kit/version.buildUser=roperzh -X github.com/kolide/kit/version.goVersion=go1.21.0" ./cmd/fleetctl
go: downloading github.com/facebookincubator/nvdtools v0.1.6-0.20231010102659-d14ce526f176
go: downloading github.com/hashicorp/go-hclog v1.0.0

~/fleet $ ./build/fleetctl mdm run-command --context=dogfood --host=asdf --payload=README.md
Error: The host doesn't exist. Please provide a valid hostname, uuid, osquery_host_id or node_key.

[sabrinabuckets]

@roperzh I was on latest main yesterday when testing, and am starting fresh again this morning, same results.

[roperzh]

@sabrinabuckets sanity checking, are you using the binary from ./build/fleetctl?

[sabrinabuckets]

@roperzh yup, always

[roperzh]

@sabrinabuckets follow up, what's the output of ./build/fleetctl mdm run-command --help? mine includes --context:

NAME:
   fleetctl mdm run-command - Run a custom MDM command on one macOS host. Head to Apple's documentation for a list of available commands and example payloads here:  https://developer.apple.com/documentation/devicemanagement/commands_and_queries

USAGE:
   fleetctl mdm run-command [command options] [arguments...]

OPTIONS:
   --context value  Name of fleetctl config context to use (default: "default") [$CONTEXT]
   --debug          Enable debug http request logging (default: false) [$DEBUG]
   --host value     The host, specified by hostname, uuid, osquery_host_id or node_key, that you want to run the MDM command on.
   --payload value  A path to an XML file containing the raw MDM request payload.
   --help, -h       show help (default: false)

[sabrinabuckets]

bri@bris-mbp-2 fleet % ./build/fleetctl mdm run-command --help
NAME:
   fleetctl mdm run-command - Run a custom MDM command on one macOS host. Head to Apple's documentation for a list of available commands and example payloads here:  https://developer.apple.com/documentation/devicemanagement/commands_and_queries

USAGE:
   fleetctl mdm run-command [command options] [arguments...]

OPTIONS:
   --context value  Name of fleetctl config context to use (default: "default") [$CONTEXT]
   --debug          Enable debug http request logging (default: false) [$DEBUG]
   --host value     The host, specified by hostname, uuid, osquery_host_id or node_key, that you want to run the MDM command on.
   --payload value  A path to an XML file containing the raw MDM request payload.
   --help, -h       show help (default: false)

[sabrinabuckets]

If it helps, when I run with --context after run-command I get Error: create client: context "dev" is not found

[roperzh]

@sabrinabuckets thank you! so it's there, and what output you get when you run the command with --context dev at tail end?

[sabrinabuckets]

Same as above, Error: create client: context "dev" is not found

[roperzh]

jinx! okay, that helps! it means you don't have a dev context configured (so the flag is working, now we have to figure out if you really don't have a dev context or something else is going on)

@sabrinabuckets could you please check in ~/.fleet/config (a yaml file) if you have a dev context?

[sabrinabuckets]

I'm not sure how, but I have a .yml and a .yaml, (the first one seems to be formatted incorrectly, so I'm guessing it's not the "right" one), neither of them have a reference to dev in any way I can find.

[roperzh]

@sabrinabuckets I think that's the problem then 🎉 . The --context flag is working as expected but you don't have a dev context (guessing you were probably following Dave's example above?)

my recommendation would be to use any other context you have configured, or you can create a context like this:

$ ./build/fleetctl config set --address A_FLEET_SERVER_URL --context dev
$ ./build/fleetctl login --context dev
$ ./build/fleetctl mdm run-command ... --context dev

[sabrinabuckets]

OK, that worked. It's actually quite funny that a ticket about "context" was entirely missing it 😆.

[fleet-release]

In Fleet's glass city, --context finds its true place, Commands sail smoothly.