search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
2.67k stars 379 forks source link

Changing team name in Fleet UI breaks the next GitOps run #19817

Open lukeheath opened 2 weeks ago

lukeheath commented 2 weeks ago

Fleet version: 4.51.0

💥  Actual behavior

Changed team name from "Virtual machines" to "Compliance exclusions" in the UI. Next gitops dry run failed.

[+] would've applied fleet config
[+] would've applied enroll secrets
[+] syncing 1 queries
[+] applying MDM profiles for team Explore data (fleetdm.com)
[+] would've applied 1 teams
[+] syncing 321 queries
[+] applying MDM profiles for team ☁️🐣 Servers (canary)
[+] would've applied 1 teams
[+] applying MDM profiles for team ☁️ Servers
[+] would've applied 1 teams
Error: applying teams: POST /api/latest/fleet/spec/teams received status 422 Validation Failed: a provided enroll secret for team 'Virtual machines' is already being used

🧑‍💻  Steps to reproduce

  1. Change team name in UI.
  2. Run gitops dry run.

🕯️ More info (optional)

N/A

Unsure how to fix. Discuss with product design to determine how to resolve.

getvictor commented 2 weeks ago

The fix would be to delete the new unauthorized "Compliance exclusions" team before re-creating the "Virtual machines" team.

We should fix this at the same time as https://github.com/fleetdm/fleet/issues/18471

getvictor commented 2 weeks ago

This should be a non-issue once gitops can rename teams (#18471). In this example, the team will simply be renamed back to "Virtual Machines" by gitops.