Hey folks, is it possible to setup enroll_secret during fleet bootstrap ? I am trying to run fleet in containers and once the 'fleet serve' has been run I am not able to run any more command from within docker. I tried to run 'fleet -c secrets.yaml serve' but it didn't work.

A default enroll secret is generated when you start up the server for the first time. You can retrieve that secret with

fleetctl get enroll_secret

.

yes but since I am running this in containers the app can be restarted anytime. And once it's restarted it sets this secret to a random string. Is there any way to set it upfront to the same string ?

The containers should all be connecting to the same MySQL database which means that they will use the same set of enroll secrets.

ok so this keeps the secret in mysql. this may make things easier. I would need to set the pass only once

No it's okay to run

fleet prepare db

again. It will not do anything if the migrations are already run.

Thanks

also

fleet serve

is running the fleet process, so you wouldn't be able to run any commands after that. Maybe try running

fleet serve &

or just connecting from a different docker container.

yeah I can but I'd rather do it without 'hacking' 😉 I'd rather set the secret initially. I didn't know the secret is kept in mysql. now I know this and I can set persistent storage for mysql docker container to ensure the enroll secret is the same