Filing a bug from an internal report of this error.

C:\Program Files\Elastic\Agent\fleet.enc: rename C:\ProgramFiles\Elastic\Agent\fleet.enc.tmp C:\ProgramFiles\Elastic\Agent\fleet.enc: Access is denied

https://github.com/elastic/elastic-agent-libs/blob/4babafd5ed1e5079acf74212ed3da01740b22de7/file/helper_windows.go#L26-L49

The SafeFileRotate implementation on Windows makes a call to os.Remove that can fail with an Access is Denied error if a process still has the file open when the removal is attempted. It is unclear what process has the file open, potentially there is AV software performing a periodic scan of the file system.

We could add retries like we did for the uninstall command that used to hit this error more frequently:

We could also switch to using Win32 calls directly. Then we could use the MoveFileExA directly with the MoveOnReboot flag. We would have to check what happens if you have multiple moves scheduled on reboot.