fleet
fleet copied to clipboard
fleetdm
Cannot build Linux package with native tooling enabled
Fleetctl version: v4.49.3
💥 Actual behavior
When building deb or rpm packages using the official fleetctl docker image, the process exits with this error:
Error: open output file: open build/fleet-osquery_1.24.0_amd64.deb: no such file or directory
I was able to determine that this is because the environment is set up to support building with native tooling:
Disabling native tooling either using ENV or as a command-line flag resolves the issue.
`### 🧑💻 Steps to reproduce
- Place the following Dockerfile and entrypoint.sh in a local directory
Dockerfile:
FROM fleetdm/fleetctl
ENV FLEET_URL "https://xxx.com"
ENV ENROLLMENT_SECRET "xxxx"
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
WORKDIR /tmp
entrypoint.sh:
#!/bin/bash
fleetctl package --type="deb" --verbose --debug --enable-scripts --fleet-desktop --fleet-url=$FLEET_URL --enroll-secret=$ENROLLMENT_SECRET
ls -lA -R
- From that location, build the Docker Image:
docker build -t generate-linux-installer:latest .
- Run Docker:
docker run --platform linux/amd64 --rm -ti generate-linux-installer:latest env
- Making either of the following edits and then building the image again will resolve the issue:
Dockerfile:
FROM fleetdm/fleetctl
ENV FLEET_URL "https://xxx.com"
ENV ENROLLMENT_SECRET "xxxx"
ENV FLEETCTL_NATIVE_TOOLING 0
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
WORKDIR /tmp
entrypoint.sh
fleetctl package --type="deb" --native-tooling=0 --verbose --debug --enable-scripts --fleet-desktop --fleet-url=$FLEET_URL --enroll-secret=$ENROLLMENT_SECRET
🕯️ More info (optional)
N/A
@xpkoala I haven't had a chance to test this natively in Linux rather than in Docker, but I suspect we'd see the same issue. If you think we're good to send through without additional reproduction, I don't have an objection.
Happy to say it worked on my local docker AND on the fargate task ! @ksatter
@ksatter @valentinpezon-primo hey folks! sanity checking: have you tried using a volume as documented in the README?
https://github.com/fleetdm/fleet/blob/5fb52f6baf20abb718347501bdd08d3ea5b1e5f5/tools/fleetctl-docker/README.md?plain=1#L12-L16
This is how we run it in CI too:
https://github.com/fleetdm/fleet/blob/5fb52f6baf20abb718347501bdd08d3ea5b1e5f5/.github/workflows/test-native-tooling-packaging.yml#L67-L89
I think it's fine to create a build folder in the image as well, but that's the error you're seeing.
Having that said, note that the only advantage of native tooling is to build msi and pkg files in Linux, it might be okay to just disable it if you don't plan to, and don't want to use some form of shared volume
I did try with a shared volume, but not specifically specifying build. That makes sense! I do think that it's sub-optimal that you need to use different setups for Mac/Windows or Linux. The workflow I described above works for .pkg files, but not for deb or rpm.
using the official fleetctl docker image
Hey @ksatter or @roperzh do you know where document this docker image? I can't find it in the docs?
@noahtalerman I don't know if it's officially documented, the closest I know is the README I linked above https://github.com/fleetdm/fleet/blob/5fb52f6baf20abb718347501bdd08d3ea5b1e5f5/tools/fleetctl-docker/README.md
Thanks @roperzh!
Disabling native tooling either using ENV or as a command-line flag resolves the issue.
@ksatter I think if we document the above (update the README Roberto shared) then we can call this bug resolved/closed.
What do you think?
@ksatter just giving you an extra ping :)
@ksatter I think if we document the above (update the README Roberto shared) then we can call this bug resolved/closed.
What do you think about the above? If you agree, can you please take on the docs for this?
Thanks @noahtalerman! I wasn't aware that documentation existed, I think that what we have there covers it.
Native tooling error, A path in the cloud city, Fleet now builds clear.
