support installers with multiple software titles on them

[roperzh]

Goal

User story
As an IT admin,
I want Fleet to recognize installers with multiple software titles on them Microsoft Office or Adobe Suite
so that I can properly track them in the UI.

Context

• Requestor(s): @roperzh
• Product designer: _____

Changes

Product

• [ ] UI changes: TODO
• [ ] CLI usage changes: TODO
• [ ] REST API changes: TODO
• [ ] Fleet's agent (fleetd) changes: TODO
• [ ] Permissions changes: TODO
• [ ] Outdated documentation changes: TODO
• [ ] Changes to paid features or tiers: TODO

Engineering

• [ ] Database schema migrations: TODO
• [ ] Load testing: TODO

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

QA

Risk assessment

• Requires load testing: TODO
• Risk level: Low / High TODO
• Risk description: TODO

Manual testing steps

1. Step 1
2. Step 2
3. Step 3

Testing notes

Confirmation

1. [ ] Engineer (@____): Added comment to user story confirming successful completion of QA.
2. [ ] QA (@____): Added comment to user story confirming successful completion of QA.

[noahtalerman]

Hey @roperzh thanks for tracking this!

If I'm understand correctly, the Microsoft 365 .pkg you get here includes Word, Excel, and Powerpoint. So, when we upload this .pkg to Fleet we want to update/create a Word, Excel, and Powerpoint software title instead of creating a Microsoft 365 title.

We want the Adobe Package Downloader to behave the same. The .pkg can include many tools (up to IT admin). So, when we upload the .pkg to Fleet we want to update/create a software title for each tool instead of creating an Adobe Package Downloader title.

Is that right?

Also, did a customer/user report this? Or, did we run into this when dogfooding?

[roperzh]

@noahtalerman yes that's a pretty neat description! mostly because osquery will report the apps installed by the package as separate apps.

We can call it dogfooding, I found it while working on https://github.com/fleetdm/fleet/issues/19144

[noahtalerman]

@nonpunctual: macOS 15 will only support flat .pkgs so this issue might be impacted by that.

[nonpunctual]

I think the good news is we maybe can de-prioritize it unless it's critical to support older installers that come this way on older versions of macOS https://helpx.adobe.com/enterprise/using/create-flat-packages.html @noahtalerman @spokanemac @marko-lisica

[noahtalerman]

we maybe can de-prioritize it unless it's critical to support older installers that come this way on older versions of macOS

@nonpunctual I'm not sure I understand. Newer version of macOS don't support flat packages?

[nonpunctual]

@noahtalerman I think it's the opposite. Only flat packages. May be mistaken though. I have a macOS Sequoia beta I will test on.

[nonpunctual]

So, my hunch is that especially Adobe & Microsoft are going to account for any changes. That said, I will try to find the documentation or some reference for what I thought I heard about package installers. It may have been that the .mpkg is deprecated. Microsoft hasn't used those for a long time. Adobe seems to be working around them with the flat .pkg installers (which they are not signing... sigh.)

The current Microsoft Office package downloaded from here: https://www.microsoft.com/en-us/microsoft-365/download-office#download worked fine in macOS Sequoia, but, I was only able to install 1 app from the suite because of disk size limits on my VM.

@noahtalerman @marko-lisica I am not sure what features you are trying to account for I guess. A .pkg installer has the logic for installing multiple apps built into it. I have never seen a .dmg installer with multiple apps - it's usually just 1 intended for install & maybe additional files or docs. The situation may be different on Win but I think for .exe there are vendors where the .exe actually has to be run, not just placed. For .msi, it should have the logic for install built-in with no magic required from Fleet like .pkg

Thanks.

[roperzh]

Hey folks, my understanding is that we're conflating two different things here? "Flat packages" are the regular pkg files everyone uses, which can contain more than one app, I don't think this is going away.

I created this issue for flat packages that contain multiple Apps, the current behavior is that Fleet will pick the first app that it finds in the pkg and will create a software title.

Please correct me if I'm saying nonsense!

[nonpunctual]

You are correct about flat .pkg packages. They are not going away.

Ok, then @roperzh what doesn't make sense to me is why / how could Fleet be only extracting the 1st app from a .pkg? Why not just call the installer binary & let the .pkg do its thing? If you have a package with multiple packages & just run

installer -pkg /path/to/.pkg -tgt /

it would install eveything. Why would we have to account for pulling it apart? If we are extracting apps from .pkg files now with the Fleet installations, why? When the Jamf binary executes a .pkg it is just calling the macOS installer binary.

[roperzh]

@nonpunctual sorry for not being clear!

Fleet will use whatever installer script you provided, and the default looks exactly like the one you posted! so all apps will effectively be installed on the host.

The problem is with the "smart" software title creation that happens under the hood in the fleet server, the current UX assumes that each pkg only contains one application, and as such it creates a single "software title" (the first we grab)

Hope that's better explained!

[noahtalerman]

Hey @roperzh this didn't get designed in the current design sprint. Pulling it off the drafting board.

If you think we should consider bringing it back, please add the feature fest label. Thanks!