Generate the enrollment details on launcher startup #2045
Conversation
… and update related methods
…rollmentDetails struct to types
| @@ -528,6 +541,15 @@ func (ta *TufAutoupdater) checkForUpdate(binariesToCheck []autoupdatableBinary) | |||
| if updatedVersion, ok := updatesDownloaded[binaryLauncher]; ok { | |||
| // Only reload if we're not using a localdev path | |||
| if ta.knapsack.LocalDevelopmentPath() == "" { | |||
| ctx := context.Background() | |||
There was a problem hiding this comment.
I'll defer to becca, but I'm not sure this is the right place
There was a problem hiding this comment.
Thinking...we have both LauncherVersion and OsqueryVersion inside the enrollment details, so that's why I'd wanted it updated after autoupdate. If we want to keep it here for that reason, then it probably makes more sense to only update EnrollmentDetails.LauncherVersion and EnrollmentDetails.OsqueryVersion -- we don't need to regenerate the rest of the enrollment details at this time. What do you think?
cmd/launcher/launcher.go
Outdated
| ) | ||
| } | ||
| return err | ||
| }, 30*time.Second, 5*time.Second); err != nil { |
There was a problem hiding this comment.
This can delay launcher startup for up to 30 seconds -- I think we probably don't want to do that. Maybe we should call getEnrollmentDetails in a goroutine so that it doesn't halt startup? (We would probably want to make knapsack.enrollmentDetails nullable -- var enrollmentDetails *types.EnrollmentDetails -- and then have extension.Enroll wait for those details to be available.)
| @@ -528,6 +541,15 @@ func (ta *TufAutoupdater) checkForUpdate(binariesToCheck []autoupdatableBinary) | |||
| if updatedVersion, ok := updatesDownloaded[binaryLauncher]; ok { | |||
| // Only reload if we're not using a localdev path | |||
| if ta.knapsack.LocalDevelopmentPath() == "" { | |||
| ctx := context.Background() | |||
There was a problem hiding this comment.
Thinking...we have both LauncherVersion and OsqueryVersion inside the enrollment details, so that's why I'd wanted it updated after autoupdate. If we want to keep it here for that reason, then it probably makes more sense to only update EnrollmentDetails.LauncherVersion and EnrollmentDetails.OsqueryVersion -- we don't need to regenerate the rest of the enrollment details at this time. What do you think?
|
I'm starting over to make the changes simpler. I'll also add a requirement of not caching the quick look up part of the call and focus the caching only on the osquery details |
This pull request introduces new functionality for managing enrollment details and updates several mocks in the
knapsackpackage. The key changes include adding methods for setting and getting enrollment details, movingEnrollmentDetailsto a new location, and updating the mocks accordingly.Open Questions:
New Functionality for Enrollment Details:
cmd/launcher/launcher.go: Added logic to retrieve and set runtime enrollment details, including a retry mechanism with backoff for fetching osquery enrollment details.ee/agent/knapsack/knapsack.go: IntroducedSetEnrollmentDetailsandGetEnrollmentDetailsmethods to manage enrollment details.ee/agent/types/enrollment.go: MovedEnrollmentDetailsstruct from the service package to the types package, and definedEnrollmentStatusconstants.ee/agent/types/knapsack.go: Updated theKnapsackinterface to include methods for managing enrollment details.Updates to Mocks:
ee/agent/types/mocks/knapsack.go: Added mock implementations for the newGetEnrollmentDetailsandSetEnrollmentDetailsmethods. [1] [2]ee/agent/types/mocks/flags.go: Removed several unused mock methods related to osquery endpoints.These changes enhance the functionality and maintainability of the
knapsackpackage by providing a standardized way to handle enrollment details and updating the mocks to reflect the new methods.Updates to Autoupdate:
New Functionality
collectAndSetEnrollmentDetailsmethod to preserve system state during updatesCode Structure
ee/tuf/autoupdate.go:Test Improvements
ee/tuf/autoupdate_test.go:Configuration Options
WithOsquerierBackofffor flexible timing control