search

fleetdm / fleet

Open device management
https://fleetdm.com
Other
5.22k stars 611 forks source link

Setup experience software is reset with any gitops run #30216

Closed AndreyKizimenko closed 2 weeks ago

AndreyKizimenko commented 2 weeks ago

Fleet version: 4.70 <!-- Copy this from the "My account" page in the Fleet UI, or run fleetctl --version -->

Web browser and operating system: N/A

:boom: Actual behavior

After a gitops run the software that you pre-selected in the Setup Experience UI is cleared out

https://github.com/user-attachments/assets/98808ee9-c73b-45eb-ad1b-0e22a5a2d01f

:technologist: Steps to reproduce

  1. Set up a gitops repo for your local Fleet server so you can do a fleetctl gitops run.
  2. In your fleet instance add any software in the Setup Experience
  3. Add supported macos_setup options. i.e. 
    macos_setup:   
bootstrap_package: https://files.pezhub.ngrok.app/fleetdm/Bootstrap-packages/dummy-bootstrap-package.pkg
enable_end_user_authentication: true
macos_setup_assistant: null
  4. Run a fleetctl gitops command
  5. Refresh the Setup experience page and go to the software tab

    :candle: More info (optional)

    We have an open issue (#30067) to support Setup experience with GitOps but I'm not sure whether the current behavior is still expected. Anyone who's using gitops will reset their software

iansltx commented 2 weeks ago

@AndreyKizimenko Setup Experience software is usable on GitOps, as shown in our own Dogfood GitOps config for the Workstations team:

https://github.com/fleetdm/fleet/blob/2caaca59c546bcca283a5da46278213164814fb0/it-and-security/teams/workstations.yml#L75-L79

This is also documented in the YAML setup experience docs.

GitOps is intended to be declarative, so having macOS Setup Experience set without software is behaving as intended: deleting the associated software.

When you didn't provide Setup Experience config at all and applied GitOps, was software removed then, fi first added via the UI? If they weren't removed, that would be a bug, as we're not behaving sufficiently declaratively.

Adding the :reproduce tag back here to confirm if there's something wrong there, but currently your report looks like expected behavior.

iansltx commented 2 weeks ago

Side note: 4.70 is RC rather than released, so if this was a bug specific to 4.70 (or on main) it would be an unreleased bug and prioritized accordingly; the latest tagged release is 4.69 so in order to be classified as released a bug would need to be repro'd on 4.69 at this point.

AndreyKizimenko commented 2 weeks ago

Ah, I see, I was probably mislead by this open issue (#30067), thanks for the clarifications. Answering your question, yes it is removing all the software that was previously available in the UI. Closing this as not planned

fleet-release commented 2 weeks ago

Gitops run clears, A reset in software's dawn, Fleet finds paths untread.