fleet icon indicating copy to clipboard operation
fleet copied to clipboard
verified publisher icon fleetdm

generate-gitops does not pull current MacOS_setup settings

Open AndreyKizimenko opened this issue 7 months ago • 1 comments

Fleet version: 4.70 <!-- Copy this from the "My account" page in the Fleet UI, or run fleetctl --version -->

Web browser and operating system: N/A

💥  Actual behavior

Running generate-gitops does not automatically pull any macos_setup settings. Using this config to then run gitops will result in all Setup Experience options resetting on the server.

https://github.com/user-attachments/assets/7648b09c-7e4d-4817-9728-7ecfbb50c84d

🧑‍💻  Steps to reproduce

  1. Set up a gitops repo for your local Fleet server so you can do a fleetctl gitops run.
  2. In your fleet instance customize your setup experience for any team
  3. ./build/fleetctl generate-gitops --dir <your-repo> --force
  4. Preview the .yml file for the team that had custom Setup Experience. macos_setup is empty

🕯️ More info (optional)

We have an open issue (#30067) to support Fleet maintained software with GitOps but I'm not sure whether the current behavior is still expected.

AndreyKizimenko avatar Jun 20 '25 19:06 AndreyKizimenko

@sgress454 is there another ticket already for this? I know that per https://github.com/fleetdm/fleet/commit/d716265641cd377a9457ace8ffdaa22c24d2de90 the output files mention that values aren't filled in, so IIRC this qualifies as expected behavior, so this winds up being a feature request rather than a bug.

iansltx avatar Jun 21 '25 01:06 iansltx

Talked to @sgress454 about this and what we are currently seeing is indeed expected. It is documented and warnings are added to the output. Nonetheless this is something that we want to support in the future and so I'm converting this bug into a feature request following that template. @rachaelshaw could you please take a look? I'm still new to the team and want to make sure that it has all the details and is properly routed.

AndreyKizimenko avatar Jun 23 '25 16:06 AndreyKizimenko

Using this config to then run gitops will result in all Setup Experience options resetting on the server.

@AndreyKizimenko This should not be the case -- the output generated by generate-gitops for teams with mac setup experience set up should fail when attempting to apply gitops, with an error like:

Error: 1 error occurred:
	* failed to unmarshal controls: json: cannot unmarshal string into Go struct field GitOpsControls.macos_setup of type fleet.MacOSSetup

(we have a separate ticket for making error messages like this better)

If that's not the case and the output of generate-gitops is not failing gitops but is instead clearing the macos_settings on the server, then this is a bug that needs to be prioritized. I just tested it and got the expected behavior, but it's worth repeating the experiment on your system to be sure.

sgress454 avatar Jul 01 '25 14:07 sgress454

@sgress454 I just tested this on the local server on main and I'm indeed getting this error now. There is no error, though, on 4.70RC that is currently deployed on QA Render. I'm guessing it was resolved by some other work that was done on GitOps?

AndreyKizimenko avatar Jul 01 '25 15:07 AndreyKizimenko

@sgress454 I just tested this on the local server on main and I'm indeed getting this error now. There is no error, though, on 4.70RC that is currently deployed on QA Render. I'm guessing it was resolved by some other work that was done on GitOps?

Not that I know of, we should always have that error. The macos_settings config can't be a string. I'll look at the RC.

sgress454 avatar Jul 01 '25 15:07 sgress454

Hm I still see the error using 4.70 versions of fleetctl and fleet server. I also tested with the server on main and fleetctl on 4.70, and vice versa. Want to shoot me the .yml you're testing with?

sgress454 avatar Jul 01 '25 15:07 sgress454