fleet
fleet copied to clipboard
fleetdm
Increase character limit for saved scripts
Goal
| User story |
|---|
| As an IT admin, |
| I want to run the Installomator.sh script (~390k characters) |
| so that I can install software on hosts using scripts w/o having to call Installomator.sh w/ another script. |
Changes
Product
- [ ] UI changes: Figma link
- [ ] CLI usage changes: Figma link for CLI
- [ ] REST API changes: PR link
- Update script character limit to 500,000k for saved scripts
- For both
POST /scripts/run/syncPOST /scripts/runreturn an error ifscript_contentsis specified and the script is over 10k characters. Error message:Error: Script is too large. 'script_content' is limited to 10,000 characters. To run larger script save it to Fleet and use 'script_name' parameter.
Engineering
- [ ] Database schema migrations: TODO
- [ ] Load testing: TODO
ℹ️ Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".
Context
- Requestor(s): _________________________
QA
Risk assessment
- Requires load testing: TODO
- Risk level: Low / High TODO
- Risk description: TODO
Manual testing steps
- Step 1
- Step 2
- Step 3
Testing notes
Confirmation
- [ ] Engineer (@____): Added comment to user story confirming successful completion of QA.
- [ ] QA (@____): Added comment to user story confirming successful completion of QA.
More context:
From @dherder: customer is looking for a way to execute a script that has more than 10,000 characters.
From @pacamaster:
Other customers are trying to use installomator
- installomator is an 8500 line, 390k character, 380kb bash script that executes in a single pass each time it's called.
- because Fleet does not yet include its own application install features, for orgs that are allowed to use installomator, it's critical
- my personal script repo (mostly written for Jamf) average number of lines is around 200. This is partly because scripts contain boilerplate code for logging & perhaps for API authentication, or here docs or base64 encoded graphics or, etc.
What are you doing right now to work around this issue?
Calling scripts with other scripts but this is unnecessarily complex & can cause many issues with execution including:
- inaccurate feedback / logs
- weird subshell / permissions behavior
Fleet should allow admins to run ANY script.
Hey @harrisonravazzolo, @nonpunctual told me that you're excited about this improvement.
Heads up that it's in the current sprint (target release date is 2024-03-11).
Here is another script that macOS admins will probably want to deploy: https://github.com/grahampugh/erase-install/releases/tag/v33.0
Validated error state for exceeding character count in UI and CLI:
Error: Script is too large. Script referenced by '--script-path' is limited to 10,000 characters. To run larger script save it to Fleet and use '--script-name'.
Validated new help menu text:
bri@Bris-MBP-2 fleet % ./build/fleetctl run-script --help
NAME:
fleetctl run-script - Run a live script on one host and get results back (5 minute timeout).
USAGE:
fleetctl run-script [options]
OPTIONS:
--script-path value The path to the script.
--host value A host, specified by hostname, serial number, UUID, osquery host ID, or node key.
--script-name value Name of saved script to run.
--team value Available in Fleet Premium. ID of the team that the saved script belongs to. 0 targets hosts assigned to “No team” (default: 0). (default: 0)
--config value Path to the fleetctl config file (default: "/Users/bri/.fleet/config") [$CONFIG]
--context value Name of fleetctl config context to use (default: "default") [$CONTEXT]
--debug Enable debug http request logging (default: false) [$DEBUG]
--help, -h show help (default: false)
Validated net-new functionality of running saved scripts from the CLI.
No regressions observed in existing scripts functionality.
Docs PR is here: #16699
Still need to merge it in.
@Patagonia121 heads up, this customer requests was shipped in fleet 4.47 🎸
Long scripts unfurl, Cloud city's tech pulse quickens, Ease for admins reigns.
