kolide · James-Pickett · May 29, 2024 · May 8, 2024 · May 8, 2024 · May 9, 2024
diff --git a/pkg/osquery/extension.go b/pkg/osquery/extension.go
@@ -17,6 +17,7 @@ import (
 	"github.com/kolide/launcher/ee/agent"
 	"github.com/kolide/launcher/ee/agent/startupsettings"
 	"github.com/kolide/launcher/ee/agent/types"
+	"github.com/kolide/launcher/ee/uninstall"
 	"github.com/kolide/launcher/pkg/backoff"
 	"github.com/kolide/launcher/pkg/osquery/runtime/history"
 	"github.com/kolide/launcher/pkg/service"
@@ -449,13 +450,20 @@ func (e *Extension) Enroll(ctx context.Context) (string, bool, error) {
 	// If no cached node key, enroll for new node key
 	// note that we set invalid two ways. Via the return, _or_ via isNodeInvaliderr
 	keyString, invalid, err := e.serviceClient.RequestEnrollment(ctx, enrollSecret, identifier, enrollDetails)
-	if isNodeInvalidErr(err) {
+
+	switch {
+	case errors.Is(err, service.ErrDeviceDisabled{}):
+		uninstall.Uninstall(ctx, e.knapsack, true)
+
+	case isNodeInvalidErr(err):
 		invalid = true
-	} else if err != nil {
-		err := fmt.Errorf("transport error in enrollment: %w", err)
-		traces.SetError(span, err)
-		return "", true, err
+
+	case err != nil:
+		return "", true, fmt.Errorf("transport error getting queries: %w", err)
+
+	default: // pass through no error
 	}
+
 	if invalid {
 		if err == nil {
 			err = errors.New("no further error")
@@ -554,10 +562,17 @@ var reenrollmentInvalidErr = errors.New("enrollment invalid, reenrollment invali
 // Helper to allow for a single attempt at re-enrollment
 func (e *Extension) generateConfigsWithReenroll(ctx context.Context, reenroll bool) (string, error) {
 	config, invalid, err := e.serviceClient.RequestConfig(ctx, e.NodeKey)
-	if isNodeInvalidErr(err) {
+	switch {
+	case errors.Is(err, service.ErrDeviceDisabled{}):
+		uninstall.Uninstall(ctx, e.knapsack, true)
+
+	case isNodeInvalidErr(err):
 		invalid = true
-	} else if err != nil {
-		return "", fmt.Errorf("transport error retrieving config: %w", err)
+
+	case err != nil:
+		return "", fmt.Errorf("transport error getting queries: %w", err)
+
+	default: // pass through no error
 	}
 
 	if invalid {
@@ -791,6 +806,11 @@ func (e *Extension) writeBufferedLogsForType(typ logger.LogType) error {
 // Helper to allow for a single attempt at re-enrollment
 func (e *Extension) writeLogsWithReenroll(ctx context.Context, typ logger.LogType, logs []string, reenroll bool) error {
 	_, _, invalid, err := e.serviceClient.PublishLogs(ctx, e.NodeKey, typ, logs)
+
+	if errors.Is(err, service.ErrDeviceDisabled{}) {
+		uninstall.Uninstall(ctx, e.knapsack, true)
+	}
+
 	invalid = invalid || isNodeInvalidErr(err)
 	if !invalid && err == nil {
 		// publication was successful- update logPublicationState and move on
@@ -899,10 +919,18 @@ func (e *Extension) getQueriesWithReenroll(ctx context.Context, reenroll bool) (
 
 	// Note that we set invalid two ways -- in the return, and via isNodeinvaliderr
 	queries, invalid, err := e.serviceClient.RequestQueries(ctx, e.NodeKey)
-	if isNodeInvalidErr(err) {
+
+	switch {
+	case errors.Is(err, service.ErrDeviceDisabled{}):
+		uninstall.Uninstall(ctx, e.knapsack, true)
+
+	case isNodeInvalidErr(err):
 		invalid = true
-	} else if err != nil {
+
+	case err != nil:
 		return nil, fmt.Errorf("transport error getting queries: %w", err)
+
+	default: // pass through no error
 	}
 
 	if invalid {
@@ -945,10 +973,17 @@ func (e *Extension) writeResultsWithReenroll(ctx context.Context, results []dist
 	defer span.End()
 
 	_, _, invalid, err := e.serviceClient.PublishResults(ctx, e.NodeKey, results)
-	if isNodeInvalidErr(err) {
+	switch {
+	case errors.Is(err, service.ErrDeviceDisabled{}):
+		uninstall.Uninstall(ctx, e.knapsack, true)
+
+	case isNodeInvalidErr(err):
 		invalid = true
-	} else if err != nil {
-		return fmt.Errorf("transport error writing results: %w", err)
+
+	case err != nil:
+		return fmt.Errorf("transport error getting queries: %w", err)
+
+	default: // pass through no error
 	}
 
 	if invalid {

diff --git a/pkg/pb/launcher/launcher.go b/pkg/pb/launcher/launcher.go
@@ -1,3 +1,3 @@
 package launcher
 
-//go:generate protoc --go_out=plugins=grpc:. launcher.proto
+//go:generate protoc --go-grpc_out=. --go_out=. launcher.proto