Include stderr in enrollment details failures so we can capture addit…

…ional information on Windows (#1671)
kolide · Apr 3, 2024 · 859f598 · 859f598
1 parent 1ee3416
commit 859f598
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 4 deletions.
diff --git a/pkg/osquery/enrollment_details.go b/pkg/osquery/enrollment_details.go
@@ -61,10 +61,12 @@ func getEnrollDetails(ctx context.Context, osquerydPath string) (service.Enrollm
 `
 
 	var respBytes bytes.Buffer
+	var stderrBytes bytes.Buffer
 
 	osq, err := runsimple.NewOsqueryProcess(
 		osquerydPath,
 		runsimple.WithStdout(&respBytes),
+		runsimple.WithStderr(&stderrBytes),
 	)
 	if err != nil {
 		return details, fmt.Errorf("create osquery for enrollment details: %w", err)
@@ -74,18 +76,18 @@ func getEnrollDetails(ctx context.Context, osquerydPath string) (service.Enrollm
 	defer osqCancel()
 
 	if sqlErr := osq.RunSql(osqCtx, []byte(query)); osqCtx.Err() != nil {
-		return details, fmt.Errorf("query enrollment details context error: %w", osqCtx.Err())
+		return details, fmt.Errorf("query enrollment details context error: %w: stderr: %s", osqCtx.Err(), stderrBytes.String())
 	} else if sqlErr != nil {
-		return details, fmt.Errorf("query enrollment details: %w", sqlErr)
+		return details, fmt.Errorf("query enrollment details: %w; stderr: %s", sqlErr, stderrBytes.String())
 	}
 
 	var resp []map[string]string
 	if err := json.Unmarshal(respBytes.Bytes(), &resp); err != nil {
-		return details, fmt.Errorf("json decode enrollment details: %w", err)
+		return details, fmt.Errorf("json decode enrollment details: %w; stderr: %s", err, stderrBytes.String())
 	}
 
 	if len(resp) < 1 {
-		return details, errors.New("expected at least one row from the enrollment details query")
+		return details, fmt.Errorf("expected at least one row from the enrollment details query: stderr: %s", stderrBytes.String())
 	}
 
 	if val, ok := resp[0]["os_version"]; ok {

diff --git a/pkg/osquery/enrollment_details_test.go b/pkg/osquery/enrollment_details_test.go
@@ -0,0 +1,31 @@
+package osquery
+
+import (
+	"context"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func Test_getEnrollDetails_binaryNotExist(t *testing.T) {
+	t.Parallel()
+
+	_, err1 := getEnrollDetails(context.TODO(), filepath.Join("some", "fake", "path", "to", "osqueryd"))
+	require.Error(t, err1, "expected error when path does not exist")
+
+	_, err2 := getEnrollDetails(context.TODO(), t.TempDir())
+	require.Error(t, err2, "expected error when path is directory")
+}
+
+func Test_getEnrollDetails_executionError(t *testing.T) {
+	t.Parallel()
+
+	currentExecutable, err := os.Executable()
+	require.NoError(t, err, "could not get current executable for test")
+
+	// We expect getEnrollDetails to fail when called against an executable that is not osquery
+	_, err = getEnrollDetails(context.TODO(), currentExecutable)
+	require.Error(t, err, "should not have been able to get enroll details with non-osqueryd executable")
+}