Why would this be happening?

$ fleetctl get config > /tmp/config.yaml   
$ fleetctl apply -f /tmp/config.yaml                                                                      
Error: applying fleet config: PATCH /api/latest/fleet/config received status 422 Validation Failed: missing or invalid license

Would you be up for sharing your config file with me? You can DM me or post it here with any sensitive data redacted. Whichever works for you!

im ok posting here, im just going to redact domains

---
apiVersion: v1
kind: config
spec:
  agent_options:
    config:
      decorators:
        load:
        - SELECT uuid AS host_uuid FROM system_info;
        - SELECT computer_name AS hostname FROM system_info;
      options:
        disable_distributed: false
        distributed_interval: 10
        distributed_plugin: tls
        distributed_tls_max_attempts: 3
        enable_keyboard_events: true
        enable_mouse_events: true
        logger_snapshot_event_type: true
        logger_tls_endpoint: /api/osquery/log
        logger_tls_period: 10
        pack_delimiter: /
    overrides: {}
  features:
    enable_host_users: false
    enable_software_inventory: false
  fleet_desktop:
    transparency_url: <https://fleetdm.com/transparency>
  host_expiry_settings:
    host_expiry_enabled: false
    host_expiry_window: 0
  integrations:
    jira: null
    zendesk: null
  org_info:
    org_logo_url: <https://example.com/abc>
    org_name: Material Security
  server_settings:
    deferred_save_host: false
    enable_analytics: true
    live_query_disabled: false
    server_url: <https://example.com/abc>
  smtp_settings:
    authentication_method: authmethod_plain
    authentication_type: authtype_username_password
    configured: false
    domain: ""
    enable_smtp: false
    enable_ssl_tls: true
    enable_start_tls: true
    password: ""
    port: 587
    sender_address: ""
    server: ""
    user_name: ""
    verify_ssl_certs: true
  sso_settings:
    enable_jit_provisioning: false
    enable_sso: true
    enable_sso_idp_login: true
    entity_id: <http://fleet.stellarite.io|fleet.stellarite.io>
    idp_image_url: <https://example.com/abc>
    idp_name: Okta
    issuer_uri: ""
    metadata: ""
    metadata_url: <https://example.com/abc>
  vulnerability_settings:
    databases_path: ""
  webhook_settings:
    failing_policies_webhook:
      destination_url: <https://example.com/abc>
      enable_failing_policies_webhook: true
      host_batch_size: 0
      policy_ids:
      - 4
      - 6
      - 1
      - 2
      - 5
      - 7
      - 8
      - 3
    host_status_webhook:
      days_count: 0
      destination_url: ""
      enable_host_status_webhook: false
      host_percentage: 0
    interval: 24h0m0s
    vulnerabilities_webhook:
      destination_url: ""
      enable_vulnerabilities_webhook: false
      host_batch_size: 0

Try removing these lines for me:

fleet_desktop:
    transparency_url: <https://fleetdm.com/transparency>

that worked, thanks!

Great! I haven't tested out Fleet Desktop after removing that section yet, let me know if that causes any issues. I'm going to get a bug report set up for this, will follow up with a ticket shortly.

we actually don't use it, so i dont think it will cause issues 🙂

Brilliant.

thank you for the quick help!

It's pretty cool. though. Highly recommend checking it out.

does it work with the open source fleet or only with the paid offering? if the former, i will definitely give it a spin

Both. There's a little added functionality for premium around policies, but your users will still have access to the My Device page where they can see details about their machine.