search

fleetdm / fleet

Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
https://fleetdm.com
Other
3.11k stars 429 forks source link

GitOps `path` not consistent in software item #22187

Open getvictor opened 1 month ago

getvictor commented 1 month ago

Fleet version: <!-- Copy this from the "My account" page in the Fleet UI, or run fleetctl --version --> 4.46.0 Web browser and operating system:

💥  Actual behavior

https://www.loom.com/share/beb14e98a6a94ab5abab1997a61c4b88

🧑‍💻  Steps to reproduce

See video: https://www.loom.com/share/beb14e98a6a94ab5abab1997a61c4b88

Test Plan

For each of a normal team or No Team in GitOps, set up firefox.pkg.software.yml inside lib/package:

url: https://ftp.mozilla.org/pub/firefox/releases/129.0.2/mac/en-US/Firefox%20129.0.2.pkg
self_service: true
pre_install_query:
  path: ./preinstall-query.yml
install_script:
  path: ../../install-firefox.sh
post_install_script:
  path: ./postinstall-firefox.sh
uninstall_script:
  path: ../scripts/uninstall-firefox.sh

Then place scripts/query YAML in the appropriate directory levels, relative to lib/package. GitOps apply should succeed.

Then swap the package yml path reference for an inline software declaration:

software:
  packages:
    - url: https://ftp.mozilla.org/pub/firefox/releases/129.0.2/mac/en-US/Firefox%20129.0.2.pkg
      self_service: true
      pre_install_query:
        path: ../lib/package/preinstall-query.yml
      install_script:
        path: ../install-firefox.sh
      post_install_script:
        path: ../lib/package/postinstall-firefox.sh
      uninstall_script:
        path: ../lib/scripts/uninstall-firefox.sh
getvictor commented 1 month ago

@noahtalerman Are we OK with making another breaking change to GitOps software YAML to fix this? (Only impacts users with software packages already defined.)

noahtalerman commented 1 month ago

@getvictor yes. We marked software as an experimental feature in the YAML files reference docs here.

Sorry for the delay!

iansltx commented 1 month ago

I'm in the process of fixing other bugs and noticed that the software spec is plopped down without modification whether it's in a path or at the root, unmarshalled directly into the spec struct without any checks from the looks of it. So we'll have to add some intelligence to the unmarshalling process to get paths to resolve correctly.

iansltx commented 1 week ago

Confirmed that this is still an issue with the latest fleetctl, so while I fixed other similar cases this one is still broken. Working on a fix now.