Ryan Pesek
01/05/2023, 9:23 PMtls_client_cert
and tls_client_key
set in our environment to enforce mTLS on all API calls the agent makes. However the paths to these certificate files need to change depending on if the host in MacOS or Windows. It doesn't appear to be possible to set multiple values for these config options because according to the docs command_line_flags
does not support the overrides
key.Kathy Satterlee
01/05/2023, 10:12 PMcommand_line_flags
key present in agent options. If you omit that key, you can continue to manage your flags manually and don't need to worry about Orit overwriting the existing flags.Ryan Pesek
01/06/2023, 2:27 PMcommand_line_flags: {}
to the agent configs when upgrading from older versions of Fleet. I didn't notice anything in the Changelog that this would be added and that it would wipe the existing config in the flagfiles we have deployed. Just my two cents.command_line_flags
with overrides,
or some other mechanism, to deploy different comman_line_flags
to different OSs?command_line_flags
. If I delete command_line_flags: {}
using the UI, save the page, and then refresh, command_line_flags: {} # requires Fleet's osquery installer
appears again. I can confirm using fleetctl
that command_line_flags: {}
is not present in the agent_options
section. So I believe this is just a UI bug always wanting to render an empty command_line_flags key when it is empty. The bug is probably in this logic where it is trying to add the comment: https://github.com/fleetdm/fleet/blob/main/frontend/utilities/yaml/index.ts#L22-L38Kathy Satterlee
01/06/2023, 4:52 PMRyan Pesek
01/06/2023, 5:11 PM