update windows data dir installation

[zackattack01]

There are two pieces to this update:

1. breaks the windows installation out into:

• C:\Program Files\Kolide\Launcher-[IDENTIFIER]\
  • Still contains the bin and conf directories
• C:\ProgramData\Kolide\Launcher-[IDENTIFIER]\
  • Now contains the data directory
  • Still functions as the rootDir, containing all updates

2. creates an empty launcher.db file in the data directory

• doing this (along with any other files we want to add for cleanup) before the harvest tool (heat.exe) is run ensures that the launcher.db is cleaned up when an uninstall is initiated

Ideally we would integrate the wix RemoveFolderEx util extension into the wix-generated files (along with some registry updates) to achieve full cleanup, but this did not work as advertised after several attempts. Our cleanup complications come from arbitrarily nested directories containing filenames which are unknown at the time of harvest (e.g. rotated logs, updates, etc.). But because we are specifically concerned with the launcher.db cleanup, ensuring that file is present is enough for forward progress here.

Another option we can look into in the future if additional cleanup is needed is the wix CustomAction element. There are some reports of successful cleanup on this type of install structure using a separate removal script via CustomAction.

Including a quick logical overview of the changes here because it took me a bit to understand how wix works and how we integrate it within the build process - note that this is especially confusing because wix operates off of relative paths, expanded internally at build time, while the linux and darwin build processes are able to nest full paths within their respective root build directories back at the level of pkg/packaging/packaging.go. This makes it difficult to cleanly share as much logic as we would like between platform builds, and largely shaped this approach methodology in order to prevent excessive changes within the linux/darwin builds.

• within pkg/packaging/packaging.go, we needed to ensure the windows rootDir would point at ProgramData (see canonicalizeRootDir for the flag file generation
  • we also needed to prevent the data (root) dir from being created at this level for MSI targets to give the logic in pkg/pkgkit/wix/wix.go the chance to set up a separate data directory for harvest (in ProgramData)
• within pkg/pkgkit/wix/wix.go, we set up this directory and add any additional files we want to be included in the registry for cleanup on uninstall
  • we then run heat for DATADIR (expanded by wix into the ProgramData directory) with our pre-created file stubs, and include the newly generated component group from the main wix template

Testing

To test locally (outside of CI builds) I'd recommend using git bash to build on a windows machine directly (otherwise you will need to make some modifications to the commands below).

Navigate to your launcher directory within git bash and pull down this branch. Most build setup should be identical to other platforms (i.e. make deps && make).

Note your existing enroll secret and replace in the command below: cat C:/Program\ Files/Kolide/Launcher-kolide-k2/conf/secret

Run the following to build an MSI for local installation:

./build/package-builder.exe make -debug=true -transport=jsonrpc -hostname=k2device-preprod.kolide.com -output_dir=./build/ -identifier=kolide-k2 -launcher_version=./build/launcher.exe -enroll_secret="<TAKEN_FROM_ABOVE>" -i-am-a-kolide-customer

Uninstall your existing Launcher installation from Control-Panel and ensure a fresh installation by removing all of C:/Program\ Files/Kolide.

Your new build for testing should be installable from ./build/launcher.windows-service-msi.msi

[directionless]

note to self -- think about this

[CLAassistant]

All committers have signed the CLA.

[directionless]

I think this is probably correct, and I love how small it is.

How should we test this? We could build some nabalu packages with the branch maybe

[RebeccaMahany]

Probably a good idea to update the default value here https://github.com/kolide/launcher/blob/main/pkg/launcher/paths.go#L42 also?

[zackattack01]

will do!

[RebeccaMahany]

LGTM, thank you for the documentation in the code + in the PR description

[James-Pickett]

how is this going to work with existing installations? Do we need to do some kind of migration or peek at old dir first?

[zackattack01]

this was a recent change I can re-run some tests with to verify- but with prior testing this has always worked out regardless of existing/new installation because only the new installations have the new path in launcher.flags

[James-Pickett]

ohh duh =) ... yea, I forgot this was assigned in launcher.flags