UI - GitOps Mode: Core abstractions, first batch of applications (#26401)
## For #26229 – Part 1
- This PR contains the core abstractions, routes, API updates, and types
for GitOps mode in the UI. Since this work will touch essentially every
part of the Fleet UI, it is ripe for merge conflicts. To mitigate such
conflicts, I'll be merging this work in a number of iterative PRs. ~To
effectively gate any of this work from showing until it is all merged to
`main`, [this commit](feedbb2d4c25ec2e304e1f18d409cee62f6752ed) hides
the settings section that allows enabling/disabling this setting,
effectively feature flagging the entire thing. In the last of these
iterative PRs, that commit will be reverted to engage the entire
feature. For testing purposes, reviewers can `git revert
feedbb2d4c25ec2e304e1f18d409cee62f6752ed` locally~ The new settings
section for this feature is feature flagged until all PRs are merged -
to show the setting section while testing, run `ALLOW_GITOPS_MODE=true
NODE_ENV=development yarn run webpack --progress --watch` in place of
`make generate-dev`
- Changes file will be added and feature flag removed in the last PR
- [x] Settings page with routing, form, API integration (hidden until
last PR)
- [x] Activities
- [x] Navbar indicator
- Apply GOM conditional UI to:
- [x] Manage enroll secret modal: .5
- Controls >
- [x] Scripts:
- Setup experience >
- [x] Install software > Select software modal
- [x] OS Settings >
- [x] Custom settings
- [x] Disk encryption
- [x] OS Updates
2/18/25, added to this PR:
- [x] Controls > Setup experience > Run script
- [x] Software >
- [x] Manage automations modal
- [x] Add software >
- [x] App Store (VPP)
- [x] Custom package
- [x] Queries
- [x] Manage
- [x] Automations modal
- [x] New
- [x] Edit
- [x] Policies
- [x] Manage
- [x] New
- [x] Edit
- Manage automations
- [x] Calendar events
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-02-20 16:41:07 +00:00
|
|
|
import React, { useState, useEffect, useContext } from "react";
|
2022-04-11 19:04:41 +00:00
|
|
|
import { useQuery } from "react-query";
|
2026-01-26 14:36:19 +00:00
|
|
|
import { InjectedRouter } from "react-router";
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
import { isEmpty, omit } from "lodash";
|
|
|
|
|
|
|
|
|
|
import useDeepEffect from "hooks/useDeepEffect";
|
|
|
|
|
|
2022-04-11 19:04:41 +00:00
|
|
|
import PATHS from "router/paths";
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
|
UI - GitOps Mode: Core abstractions, first batch of applications (#26401)
## For #26229 – Part 1
- This PR contains the core abstractions, routes, API updates, and types
for GitOps mode in the UI. Since this work will touch essentially every
part of the Fleet UI, it is ripe for merge conflicts. To mitigate such
conflicts, I'll be merging this work in a number of iterative PRs. ~To
effectively gate any of this work from showing until it is all merged to
`main`, [this commit](feedbb2d4c25ec2e304e1f18d409cee62f6752ed) hides
the settings section that allows enabling/disabling this setting,
effectively feature flagging the entire thing. In the last of these
iterative PRs, that commit will be reverted to engage the entire
feature. For testing purposes, reviewers can `git revert
feedbb2d4c25ec2e304e1f18d409cee62f6752ed` locally~ The new settings
section for this feature is feature flagged until all PRs are merged -
to show the setting section while testing, run `ALLOW_GITOPS_MODE=true
NODE_ENV=development yarn run webpack --progress --watch` in place of
`make generate-dev`
- Changes file will be added and feature flag removed in the last PR
- [x] Settings page with routing, form, API integration (hidden until
last PR)
- [x] Activities
- [x] Navbar indicator
- Apply GOM conditional UI to:
- [x] Manage enroll secret modal: .5
- Controls >
- [x] Scripts:
- Setup experience >
- [x] Install software > Select software modal
- [x] OS Settings >
- [x] Custom settings
- [x] Disk encryption
- [x] OS Updates
2/18/25, added to this PR:
- [x] Controls > Setup experience > Run script
- [x] Software >
- [x] Manage automations modal
- [x] Add software >
- [x] App Store (VPP)
- [x] Custom package
- [x] Queries
- [x] Manage
- [x] Automations modal
- [x] New
- [x] Edit
- [x] Policies
- [x] Manage
- [x] New
- [x] Edit
- Manage automations
- [x] Calendar events
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-02-20 16:41:07 +00:00
|
|
|
import { AppContext } from "context/app";
|
2022-04-11 19:04:41 +00:00
|
|
|
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
import configAPI from "services/entities/config";
|
|
|
|
|
|
|
|
|
|
import { SUPPORT_LINK } from "utilities/constants";
|
|
|
|
|
|
2022-04-11 19:04:41 +00:00
|
|
|
import {
|
|
|
|
|
IJiraIntegration,
|
2022-05-11 02:33:30 +00:00
|
|
|
IZendeskIntegration,
|
|
|
|
|
IIntegration,
|
2024-03-21 20:22:47 +00:00
|
|
|
IGlobalIntegrations,
|
2022-10-14 19:26:15 +00:00
|
|
|
IIntegrationType,
|
2022-04-11 19:04:41 +00:00
|
|
|
} from "interfaces/integration";
|
2022-10-19 19:00:39 +00:00
|
|
|
import {
|
|
|
|
|
IConfig,
|
|
|
|
|
CONFIG_DEFAULT_RECENT_VULNERABILITY_MAX_AGE_IN_DAYS,
|
|
|
|
|
} from "interfaces/config";
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
import { ITeamConfig } from "interfaces/team";
|
|
|
|
|
import { IWebhookSoftwareVulnerabilities } from "interfaces/webhook";
|
2022-04-11 19:04:41 +00:00
|
|
|
|
|
|
|
|
// @ts-ignore
|
|
|
|
|
import Dropdown from "components/forms/fields/Dropdown";
|
2022-02-05 00:48:35 +00:00
|
|
|
import Modal from "components/Modal";
|
|
|
|
|
import Button from "components/buttons/Button";
|
2022-03-11 17:56:14 +00:00
|
|
|
import Slider from "components/forms/fields/Slider";
|
2022-04-11 19:04:41 +00:00
|
|
|
import Radio from "components/forms/fields/Radio";
|
2022-02-05 00:48:35 +00:00
|
|
|
// @ts-ignore
|
|
|
|
|
import InputField from "components/forms/fields/InputField";
|
2024-01-25 18:03:44 +00:00
|
|
|
import CustomLink from "components/CustomLink";
|
2023-02-22 14:05:38 +00:00
|
|
|
import validUrl from "components/forms/validators/valid_url";
|
UI - GitOps Mode: Core abstractions, first batch of applications (#26401)
## For #26229 – Part 1
- This PR contains the core abstractions, routes, API updates, and types
for GitOps mode in the UI. Since this work will touch essentially every
part of the Fleet UI, it is ripe for merge conflicts. To mitigate such
conflicts, I'll be merging this work in a number of iterative PRs. ~To
effectively gate any of this work from showing until it is all merged to
`main`, [this commit](feedbb2d4c25ec2e304e1f18d409cee62f6752ed) hides
the settings section that allows enabling/disabling this setting,
effectively feature flagging the entire thing. In the last of these
iterative PRs, that commit will be reverted to engage the entire
feature. For testing purposes, reviewers can `git revert
feedbb2d4c25ec2e304e1f18d409cee62f6752ed` locally~ The new settings
section for this feature is feature flagged until all PRs are merged -
to show the setting section while testing, run `ALLOW_GITOPS_MODE=true
NODE_ENV=development yarn run webpack --progress --watch` in place of
`make generate-dev`
- Changes file will be added and feature flag removed in the last PR
- [x] Settings page with routing, form, API integration (hidden until
last PR)
- [x] Activities
- [x] Navbar indicator
- Apply GOM conditional UI to:
- [x] Manage enroll secret modal: .5
- Controls >
- [x] Scripts:
- Setup experience >
- [x] Install software > Select software modal
- [x] OS Settings >
- [x] Custom settings
- [x] Disk encryption
- [x] OS Updates
2/18/25, added to this PR:
- [x] Controls > Setup experience > Run script
- [x] Software >
- [x] Manage automations modal
- [x] Add software >
- [x] App Store (VPP)
- [x] Custom package
- [x] Queries
- [x] Manage
- [x] Automations modal
- [x] New
- [x] Edit
- [x] Policies
- [x] Manage
- [x] New
- [x] Edit
- Manage automations
- [x] Calendar events
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-02-20 16:41:07 +00:00
|
|
|
import TooltipWrapper from "components/TooltipWrapper";
|
|
|
|
|
import GitOpsModeTooltipWrapper from "components/GitOpsModeTooltipWrapper";
|
2022-02-05 00:48:35 +00:00
|
|
|
|
|
|
|
|
import PreviewPayloadModal from "../PreviewPayloadModal";
|
2022-10-14 19:26:15 +00:00
|
|
|
import PreviewTicketModal from "../PreviewTicketModal";
|
2022-02-05 00:48:35 +00:00
|
|
|
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
export const isGlobalSWConfig = (
|
|
|
|
|
config: IConfig | ITeamConfig
|
|
|
|
|
): config is IConfig => "vulnerabilities" in config;
|
|
|
|
|
|
2022-04-11 19:04:41 +00:00
|
|
|
interface ISoftwareAutomations {
|
|
|
|
|
webhook_settings: {
|
|
|
|
|
vulnerabilities_webhook: IWebhookSoftwareVulnerabilities;
|
|
|
|
|
};
|
|
|
|
|
integrations: {
|
|
|
|
|
jira: IJiraIntegration[];
|
2022-05-11 02:33:30 +00:00
|
|
|
zendesk: IZendeskIntegration[];
|
2022-04-11 19:04:41 +00:00
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-18 15:48:44 +00:00
|
|
|
interface IManageSoftwareAutomationsModalProps {
|
2026-01-26 14:36:19 +00:00
|
|
|
router: InjectedRouter;
|
2022-02-05 00:48:35 +00:00
|
|
|
onCancel: () => void;
|
2022-04-11 19:04:41 +00:00
|
|
|
onCreateWebhookSubmit: (formData: ISoftwareAutomations) => void;
|
2022-02-05 00:48:35 +00:00
|
|
|
togglePreviewPayloadModal: () => void;
|
2022-10-14 19:26:15 +00:00
|
|
|
togglePreviewTicketModal: () => void;
|
2022-02-05 00:48:35 +00:00
|
|
|
showPreviewPayloadModal: boolean;
|
2022-10-14 19:26:15 +00:00
|
|
|
showPreviewTicketModal: boolean;
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
softwareConfig: IConfig | ITeamConfig;
|
2022-02-05 00:48:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const validateWebhookURL = (url: string) => {
|
|
|
|
|
const errors: { [key: string]: string } = {};
|
|
|
|
|
|
2023-02-22 14:05:38 +00:00
|
|
|
if (!url) {
|
2022-03-03 17:20:49 +00:00
|
|
|
errors.url = "Please add a destination URL";
|
2023-02-22 14:05:38 +00:00
|
|
|
} else if (!validUrl({ url })) {
|
2026-02-05 14:17:38 +00:00
|
|
|
errors.url = "Destination URL is not a valid URL";
|
2023-02-22 14:05:38 +00:00
|
|
|
} else {
|
|
|
|
|
delete errors.url;
|
2022-02-05 00:48:35 +00:00
|
|
|
}
|
|
|
|
|
|
2023-05-23 23:00:45 +00:00
|
|
|
return { valid: isEmpty(errors), errors };
|
2022-02-05 00:48:35 +00:00
|
|
|
};
|
|
|
|
|
|
2024-01-18 15:48:44 +00:00
|
|
|
const baseClass = "manage-software-automations-modal";
|
2022-02-05 00:48:35 +00:00
|
|
|
|
|
|
|
|
const ManageAutomationsModal = ({
|
2026-01-26 14:36:19 +00:00
|
|
|
router,
|
2022-02-05 00:48:35 +00:00
|
|
|
onCancel: onReturnToApp,
|
|
|
|
|
onCreateWebhookSubmit,
|
|
|
|
|
togglePreviewPayloadModal,
|
2022-10-14 19:26:15 +00:00
|
|
|
togglePreviewTicketModal,
|
2022-02-05 00:48:35 +00:00
|
|
|
showPreviewPayloadModal,
|
2022-10-14 19:26:15 +00:00
|
|
|
showPreviewTicketModal,
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
softwareConfig,
|
2024-01-18 15:48:44 +00:00
|
|
|
}: IManageSoftwareAutomationsModalProps): JSX.Element => {
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
const vulnWebhookSettings =
|
|
|
|
|
softwareConfig?.webhook_settings?.vulnerabilities_webhook;
|
|
|
|
|
const softwareVulnerabilityWebhookEnabled = !!vulnWebhookSettings?.enable_vulnerabilities_webhook;
|
|
|
|
|
const currentDestinationUrl = vulnWebhookSettings?.destination_url || "";
|
|
|
|
|
const isVulnIntegrationEnabled =
|
|
|
|
|
!!softwareConfig?.integrations.jira?.some(
|
|
|
|
|
(j) => j.enable_software_vulnerabilities
|
|
|
|
|
) ||
|
|
|
|
|
!!softwareConfig?.integrations.zendesk?.some(
|
|
|
|
|
(z) => z.enable_software_vulnerabilities
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
const softwareVulnerabilityAutomationEnabled =
|
|
|
|
|
softwareVulnerabilityWebhookEnabled || isVulnIntegrationEnabled;
|
|
|
|
|
|
2022-09-01 15:28:02 +00:00
|
|
|
const [destinationUrl, setDestinationUrl] = useState(
|
2022-02-05 00:48:35 +00:00
|
|
|
currentDestinationUrl || ""
|
|
|
|
|
);
|
|
|
|
|
const [errors, setErrors] = useState<{ [key: string]: string }>({});
|
2022-09-01 15:28:02 +00:00
|
|
|
const [softwareAutomationsEnabled, setSoftwareAutomationsEnabled] = useState(
|
|
|
|
|
softwareVulnerabilityAutomationEnabled || false
|
|
|
|
|
);
|
|
|
|
|
const [integrationEnabled, setIntegrationEnabled] = useState(
|
2022-04-11 19:04:41 +00:00
|
|
|
!softwareVulnerabilityWebhookEnabled
|
|
|
|
|
);
|
2022-05-11 02:33:30 +00:00
|
|
|
const [jiraIntegrationsIndexed, setJiraIntegrationsIndexed] = useState<
|
|
|
|
|
IIntegration[]
|
|
|
|
|
>();
|
|
|
|
|
const [zendeskIntegrationsIndexed, setZendeskIntegrationsIndexed] = useState<
|
|
|
|
|
IIntegration[]
|
|
|
|
|
>();
|
|
|
|
|
const [allIntegrationsIndexed, setAllIntegrationsIndexed] = useState<
|
|
|
|
|
IIntegration[]
|
2022-04-11 19:04:41 +00:00
|
|
|
>();
|
|
|
|
|
const [
|
|
|
|
|
selectedIntegration,
|
|
|
|
|
setSelectedIntegration,
|
2022-05-11 02:33:30 +00:00
|
|
|
] = useState<IIntegration>();
|
|
|
|
|
|
Allow users of Fleet in Primo mode to access Software automations and Failing policy ticket & webhook automations (#30865)
## For #30749, #31013
This PR implements changes to the UI and back end to accommodate
Software automations and Failing policy Ticket and Webhook automations
when Fleet is in Primo mode. Follow-up to
https://github.com/fleetdm/fleet/pull/30291
### Software automations
- When on the `/software` page and in Primo mode, the UI is, under the
hood, on "No team," though any reference to "team"s is hidden as much as
possible. In "normal" Fleet, Software automations can only be accessed
when on "All teams." This PR implements a special case in Primo mode:
when on No team and Primo mode is enabled, the user can now access the
"Software automations" modal to configure automation settings, which are
global.
- Simplified some conditions
- Moved logic living in the parent Software page that was specific to
the `SoftwareAutomations` modal into the modal for better encapsulation.
### Policy automations
The calendar, software, and scripts failing policy automations are
currently only configurable on a team (including No team) and not for
All teams. Ticket and webhook automations, accessible via the "Other
workflows" modal, by contrast, are only configurable for All teams and
teams other than No team, but not for No team. This PR updates the
Policies page, when in Primo mode (and therefore forced to be on "No
team") to:
- Continue providing "No team" data to the first 3 mentioned policy
automations modals.
- Include an enabled Other workflows option in the automations dropdown
- Update the submission handler of the Other workflows modal to update
the relevant _global_ config values
- The backend is updated to recognize this case (Failing policy webhook
/ ticket destination, policy on No team, in Primo mode) and handle it
using the global config, making the above logic sound
_Product should consider if any of these changes should be implemented
for "normal" Fleet_
### Listing and deleting policies
- Primo mode presents a pseudo-team-less UX. However, it is still
possible for earlier clients to have policies on "All teams." This
implements the ability to both see and delete "teamless" (No team under
the hood) policies and any such inherited global policies
### Other UI considerations
- Remove teams-related functionality in a couple more places - see
#31013
### Demos
- [Deleting policies, including any potentially inherited from All teams
(possible from before Primo
mode)](https://drive.google.com/file/d/1ZI4MNM3bkiOtD5MInAU32htQw8kDEupK/view?usp=drive_link)
- [x] Changes file added for user-visible changes in `changes/
- [x] Added/updated automated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-07-17 22:53:31 +00:00
|
|
|
const { config: globalConfigFromContext } = useContext(AppContext);
|
|
|
|
|
const gitOpsModeEnabled = globalConfigFromContext?.gitops.gitops_mode_enabled;
|
|
|
|
|
|
|
|
|
|
const maxAgeInNanoseconds = isGlobalSWConfig(softwareConfig)
|
|
|
|
|
? softwareConfig.vulnerabilities.recent_vulnerability_max_age
|
|
|
|
|
: globalConfigFromContext?.vulnerabilities.recent_vulnerability_max_age;
|
|
|
|
|
|
|
|
|
|
const recentVulnerabilityMaxAge = maxAgeInNanoseconds
|
|
|
|
|
? Math.round(maxAgeInNanoseconds / 86400000000000) // convert from nanoseconds to days
|
|
|
|
|
: CONFIG_DEFAULT_RECENT_VULNERABILITY_MAX_AGE_IN_DAYS;
|
UI - GitOps Mode: Core abstractions, first batch of applications (#26401)
## For #26229 – Part 1
- This PR contains the core abstractions, routes, API updates, and types
for GitOps mode in the UI. Since this work will touch essentially every
part of the Fleet UI, it is ripe for merge conflicts. To mitigate such
conflicts, I'll be merging this work in a number of iterative PRs. ~To
effectively gate any of this work from showing until it is all merged to
`main`, [this commit](feedbb2d4c25ec2e304e1f18d409cee62f6752ed) hides
the settings section that allows enabling/disabling this setting,
effectively feature flagging the entire thing. In the last of these
iterative PRs, that commit will be reverted to engage the entire
feature. For testing purposes, reviewers can `git revert
feedbb2d4c25ec2e304e1f18d409cee62f6752ed` locally~ The new settings
section for this feature is feature flagged until all PRs are merged -
to show the setting section while testing, run `ALLOW_GITOPS_MODE=true
NODE_ENV=development yarn run webpack --progress --watch` in place of
`make generate-dev`
- Changes file will be added and feature flag removed in the last PR
- [x] Settings page with routing, form, API integration (hidden until
last PR)
- [x] Activities
- [x] Navbar indicator
- Apply GOM conditional UI to:
- [x] Manage enroll secret modal: .5
- Controls >
- [x] Scripts:
- Setup experience >
- [x] Install software > Select software modal
- [x] OS Settings >
- [x] Custom settings
- [x] Disk encryption
- [x] OS Updates
2/18/25, added to this PR:
- [x] Controls > Setup experience > Run script
- [x] Software >
- [x] Manage automations modal
- [x] Add software >
- [x] App Store (VPP)
- [x] Custom package
- [x] Queries
- [x] Manage
- [x] Automations modal
- [x] New
- [x] Edit
- [x] Policies
- [x] Manage
- [x] New
- [x] Edit
- Manage automations
- [x] Calendar events
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-02-20 16:41:07 +00:00
|
|
|
|
2022-04-15 17:41:05 +00:00
|
|
|
useDeepEffect(() => {
|
|
|
|
|
setSoftwareAutomationsEnabled(
|
|
|
|
|
softwareVulnerabilityAutomationEnabled || false
|
|
|
|
|
);
|
|
|
|
|
}, [softwareVulnerabilityAutomationEnabled]);
|
2022-02-05 00:48:35 +00:00
|
|
|
|
|
|
|
|
useDeepEffect(() => {
|
2022-04-13 22:23:09 +00:00
|
|
|
if (destinationUrl) {
|
2022-02-05 00:48:35 +00:00
|
|
|
setErrors({});
|
|
|
|
|
}
|
2022-04-13 22:23:09 +00:00
|
|
|
}, [destinationUrl]);
|
2022-02-05 00:48:35 +00:00
|
|
|
|
2024-03-21 20:22:47 +00:00
|
|
|
const { data: integrations } = useQuery<IConfig, Error, IGlobalIntegrations>(
|
2022-04-11 19:04:41 +00:00
|
|
|
["integrations"],
|
|
|
|
|
() => configAPI.loadAll(),
|
|
|
|
|
{
|
|
|
|
|
select: (data: IConfig) => {
|
2022-05-11 02:33:30 +00:00
|
|
|
return data.integrations;
|
2022-04-11 19:04:41 +00:00
|
|
|
},
|
|
|
|
|
onSuccess: (data) => {
|
2022-05-11 02:33:30 +00:00
|
|
|
// Set jira and zendesk integrations
|
|
|
|
|
const addJiraIndexed = data.jira
|
|
|
|
|
? data.jira.map((integration, index) => {
|
2022-10-14 19:26:15 +00:00
|
|
|
return {
|
|
|
|
|
...integration,
|
|
|
|
|
originalIndex: index,
|
|
|
|
|
type: "jira" as IIntegrationType,
|
|
|
|
|
};
|
2022-05-11 02:33:30 +00:00
|
|
|
})
|
|
|
|
|
: [];
|
|
|
|
|
setJiraIntegrationsIndexed(addJiraIndexed);
|
|
|
|
|
const addZendeskIndexed = data.zendesk
|
|
|
|
|
? data.zendesk.map((integration, index) => {
|
|
|
|
|
return {
|
|
|
|
|
...integration,
|
|
|
|
|
originalIndex: index,
|
2022-10-14 19:26:15 +00:00
|
|
|
type: "zendesk" as IIntegrationType,
|
2022-05-11 02:33:30 +00:00
|
|
|
};
|
|
|
|
|
})
|
|
|
|
|
: [];
|
|
|
|
|
setZendeskIntegrationsIndexed(addZendeskIndexed);
|
2022-04-11 19:04:41 +00:00
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
|
2022-05-11 02:33:30 +00:00
|
|
|
useEffect(() => {
|
|
|
|
|
if (jiraIntegrationsIndexed && zendeskIntegrationsIndexed) {
|
|
|
|
|
const combineDataSets = jiraIntegrationsIndexed.concat(
|
|
|
|
|
zendeskIntegrationsIndexed
|
|
|
|
|
);
|
|
|
|
|
setAllIntegrationsIndexed(
|
|
|
|
|
combineDataSets?.map((integration, index) => {
|
|
|
|
|
return { ...integration, dropdownIndex: index };
|
|
|
|
|
})
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}, [
|
|
|
|
|
jiraIntegrationsIndexed,
|
|
|
|
|
zendeskIntegrationsIndexed,
|
|
|
|
|
setAllIntegrationsIndexed,
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
useEffect(() => {
|
|
|
|
|
if (allIntegrationsIndexed) {
|
|
|
|
|
const currentSelectedIntegration = allIntegrationsIndexed.find(
|
|
|
|
|
(integration) => {
|
|
|
|
|
return integration.enable_software_vulnerabilities === true;
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
setSelectedIntegration(currentSelectedIntegration);
|
|
|
|
|
}
|
|
|
|
|
}, [allIntegrationsIndexed]);
|
|
|
|
|
|
2026-01-26 14:36:19 +00:00
|
|
|
const onAddIntegration = () => {
|
|
|
|
|
router.push(PATHS.ADMIN_INTEGRATIONS);
|
|
|
|
|
};
|
|
|
|
|
|
2022-02-05 00:48:35 +00:00
|
|
|
const onURLChange = (value: string) => {
|
|
|
|
|
setDestinationUrl(value);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const handleSaveAutomation = (evt: React.MouseEvent<HTMLFormElement>) => {
|
|
|
|
|
evt.preventDefault();
|
|
|
|
|
|
2023-05-23 23:00:45 +00:00
|
|
|
const {
|
|
|
|
|
valid: validWebhookUrl,
|
|
|
|
|
errors: errorsWebhookUrl,
|
|
|
|
|
} = validateWebhookURL(destinationUrl);
|
|
|
|
|
if (!validWebhookUrl) {
|
|
|
|
|
setErrors((prevErrs) => ({ ...prevErrs, ...errorsWebhookUrl }));
|
|
|
|
|
} else {
|
|
|
|
|
setErrors((prevErrs) => omit(prevErrs, "url"));
|
|
|
|
|
}
|
2022-02-05 00:48:35 +00:00
|
|
|
|
2022-04-11 19:04:41 +00:00
|
|
|
// Original config keys for software automation (webhook_settings, integrations)
|
|
|
|
|
const configSoftwareAutomations: ISoftwareAutomations = {
|
|
|
|
|
webhook_settings: {
|
|
|
|
|
vulnerabilities_webhook: {
|
2023-05-23 23:00:45 +00:00
|
|
|
destination_url: validWebhookUrl
|
|
|
|
|
? destinationUrl
|
|
|
|
|
: currentDestinationUrl, // if new destination url is not valid, revert to current destination url
|
2022-04-11 19:04:41 +00:00
|
|
|
enable_vulnerabilities_webhook: softwareVulnerabilityWebhookEnabled,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
integrations: {
|
2022-05-11 02:33:30 +00:00
|
|
|
jira: integrations?.jira || [],
|
|
|
|
|
zendesk: integrations?.zendesk || [],
|
2022-04-11 19:04:41 +00:00
|
|
|
},
|
|
|
|
|
};
|
2022-02-05 00:48:35 +00:00
|
|
|
|
2023-05-23 23:00:45 +00:00
|
|
|
const readyForSubmission = (): boolean => {
|
2022-04-11 19:04:41 +00:00
|
|
|
if (!softwareAutomationsEnabled) {
|
2022-05-11 02:33:30 +00:00
|
|
|
// set enable_vulnerabilities_webhook
|
|
|
|
|
// jira.enable_software_vulnerabilities
|
|
|
|
|
// and zendesk.enable_software_vulnerabilities to false
|
2022-04-11 19:04:41 +00:00
|
|
|
configSoftwareAutomations.webhook_settings.vulnerabilities_webhook.enable_vulnerabilities_webhook = false;
|
|
|
|
|
const disableAllJira = configSoftwareAutomations.integrations.jira.map(
|
|
|
|
|
(integration) => {
|
|
|
|
|
return { ...integration, enable_software_vulnerabilities: false };
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
configSoftwareAutomations.integrations.jira = disableAllJira;
|
2022-05-11 02:33:30 +00:00
|
|
|
const disableAllZendesk = configSoftwareAutomations.integrations.zendesk.map(
|
|
|
|
|
(integration) => {
|
|
|
|
|
return {
|
|
|
|
|
...integration,
|
|
|
|
|
enable_software_vulnerabilities: false,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
configSoftwareAutomations.integrations.zendesk = disableAllZendesk;
|
2023-05-23 23:00:45 +00:00
|
|
|
return true;
|
2022-04-11 19:04:41 +00:00
|
|
|
}
|
2022-05-11 02:33:30 +00:00
|
|
|
if (!integrationEnabled) {
|
2023-05-23 23:00:45 +00:00
|
|
|
if (!isEmpty(errorsWebhookUrl)) {
|
|
|
|
|
return false;
|
2022-04-11 19:04:41 +00:00
|
|
|
}
|
2022-05-11 02:33:30 +00:00
|
|
|
// set enable_vulnerabilities_webhook to true
|
|
|
|
|
// all jira.enable_software_vulnerabilities to false
|
|
|
|
|
// all zendesk.enable_software_vulnerabilities to false
|
2022-04-11 19:04:41 +00:00
|
|
|
configSoftwareAutomations.webhook_settings.vulnerabilities_webhook.enable_vulnerabilities_webhook = true;
|
|
|
|
|
const disableAllJira = configSoftwareAutomations.integrations.jira.map(
|
|
|
|
|
(integration) => {
|
|
|
|
|
return {
|
|
|
|
|
...integration,
|
|
|
|
|
enable_software_vulnerabilities: false,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
configSoftwareAutomations.integrations.jira = disableAllJira;
|
2022-05-11 02:33:30 +00:00
|
|
|
const disableAllZendesk = configSoftwareAutomations.integrations.zendesk.map(
|
|
|
|
|
(integration) => {
|
|
|
|
|
return {
|
|
|
|
|
...integration,
|
|
|
|
|
enable_software_vulnerabilities: false,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
configSoftwareAutomations.integrations.zendesk = disableAllZendesk;
|
2023-05-23 23:00:45 +00:00
|
|
|
return true;
|
2022-04-11 19:04:41 +00:00
|
|
|
}
|
2022-05-11 02:33:30 +00:00
|
|
|
// set enable_vulnerabilities_webhook to false
|
|
|
|
|
// all jira.enable_software_vulnerabilities to false
|
|
|
|
|
// all zendesk.enable_software_vulnerabilities to false
|
|
|
|
|
// except the one integration selected
|
2022-04-11 19:04:41 +00:00
|
|
|
configSoftwareAutomations.webhook_settings.vulnerabilities_webhook.enable_vulnerabilities_webhook = false;
|
|
|
|
|
const enableSelectedJiraIntegrationOnly = configSoftwareAutomations.integrations.jira.map(
|
|
|
|
|
(integration, index) => {
|
|
|
|
|
return {
|
|
|
|
|
...integration,
|
|
|
|
|
enable_software_vulnerabilities:
|
2022-05-11 02:33:30 +00:00
|
|
|
selectedIntegration?.type === "jira"
|
|
|
|
|
? index === selectedIntegration?.originalIndex
|
|
|
|
|
: false,
|
2022-04-11 19:04:41 +00:00
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
configSoftwareAutomations.integrations.jira = enableSelectedJiraIntegrationOnly;
|
2022-05-11 02:33:30 +00:00
|
|
|
const enableSelectedZendeskIntegrationOnly = configSoftwareAutomations.integrations.zendesk.map(
|
|
|
|
|
(integration, index) => {
|
|
|
|
|
return {
|
|
|
|
|
...integration,
|
|
|
|
|
enable_software_vulnerabilities:
|
|
|
|
|
selectedIntegration?.type === "zendesk"
|
|
|
|
|
? index === selectedIntegration?.originalIndex
|
|
|
|
|
: false,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
configSoftwareAutomations.integrations.zendesk = enableSelectedZendeskIntegrationOnly;
|
2023-05-23 23:00:45 +00:00
|
|
|
return true;
|
2022-04-11 19:04:41 +00:00
|
|
|
};
|
|
|
|
|
|
2023-05-23 23:00:45 +00:00
|
|
|
if (!readyForSubmission()) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2022-04-11 19:04:41 +00:00
|
|
|
onCreateWebhookSubmit(configSoftwareAutomations);
|
|
|
|
|
onReturnToApp();
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const createIntegrationDropdownOptions = () => {
|
2022-05-11 02:33:30 +00:00
|
|
|
const integrationOptions = allIntegrationsIndexed?.map((i) => {
|
2022-04-11 19:04:41 +00:00
|
|
|
return {
|
2022-05-11 02:33:30 +00:00
|
|
|
value: String(i.dropdownIndex),
|
|
|
|
|
label: `${i.url} - ${i.project_key || i.group_id}`,
|
2022-04-11 19:04:41 +00:00
|
|
|
};
|
|
|
|
|
});
|
|
|
|
|
return integrationOptions;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const onChangeSelectIntegration = (selectIntegrationIndex: string) => {
|
|
|
|
|
const integrationWithIndex:
|
2022-05-11 02:33:30 +00:00
|
|
|
| IIntegration
|
|
|
|
|
| undefined = allIntegrationsIndexed?.find(
|
|
|
|
|
(integ: IIntegration) =>
|
|
|
|
|
integ.dropdownIndex === parseInt(selectIntegrationIndex, 10)
|
2022-04-11 19:04:41 +00:00
|
|
|
);
|
|
|
|
|
setSelectedIntegration(integrationWithIndex);
|
|
|
|
|
};
|
|
|
|
|
|
2022-05-11 02:33:30 +00:00
|
|
|
const onRadioChange = (
|
|
|
|
|
enableIntegration: boolean
|
|
|
|
|
): ((evt: string) => void) => {
|
2022-04-11 19:04:41 +00:00
|
|
|
return () => {
|
2022-05-11 02:33:30 +00:00
|
|
|
setIntegrationEnabled(enableIntegration);
|
2022-04-11 19:04:41 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const renderTicket = () => {
|
|
|
|
|
return (
|
2024-01-18 15:48:44 +00:00
|
|
|
<>
|
2022-04-11 19:04:41 +00:00
|
|
|
<div className={`${baseClass}__software-automation-description`}>
|
2024-01-18 15:48:44 +00:00
|
|
|
A ticket will be created in your <b>Integration</b> if a detected
|
|
|
|
|
vulnerability (CVE) was published in the last{" "}
|
|
|
|
|
{recentVulnerabilityMaxAge ||
|
|
|
|
|
CONFIG_DEFAULT_RECENT_VULNERABILITY_MAX_AGE_IN_DAYS}{" "}
|
|
|
|
|
days.
|
2022-04-11 19:04:41 +00:00
|
|
|
</div>
|
2022-05-11 02:33:30 +00:00
|
|
|
{(jiraIntegrationsIndexed && jiraIntegrationsIndexed.length > 0) ||
|
|
|
|
|
(zendeskIntegrationsIndexed &&
|
|
|
|
|
zendeskIntegrationsIndexed.length > 0) ? (
|
2022-04-11 19:04:41 +00:00
|
|
|
<Dropdown
|
2025-02-21 20:22:08 +00:00
|
|
|
disabled={gitOpsModeEnabled}
|
2022-04-11 19:04:41 +00:00
|
|
|
searchable
|
|
|
|
|
options={createIntegrationDropdownOptions()}
|
|
|
|
|
onChange={onChangeSelectIntegration}
|
2024-02-23 14:57:18 +00:00
|
|
|
placeholder="Select integration"
|
2022-05-11 02:33:30 +00:00
|
|
|
value={selectedIntegration?.dropdownIndex}
|
2024-02-23 14:57:18 +00:00
|
|
|
label="Integration"
|
2022-04-11 19:04:41 +00:00
|
|
|
wrapperClassName={`${baseClass}__form-field ${baseClass}__form-field--frequency`}
|
2024-01-18 15:48:44 +00:00
|
|
|
helpText="For each new vulnerability detected, Fleet will create a ticket with a list of the affected hosts."
|
2022-04-11 19:04:41 +00:00
|
|
|
/>
|
|
|
|
|
) : (
|
2024-01-18 15:48:44 +00:00
|
|
|
<div className={`form-field ${baseClass}__no-integrations`}>
|
|
|
|
|
<div className="form-field__label">You have no integrations.</div>
|
2026-01-26 14:36:19 +00:00
|
|
|
<div>
|
|
|
|
|
<Button
|
|
|
|
|
onClick={onAddIntegration}
|
|
|
|
|
disabled={gitOpsModeEnabled || !softwareAutomationsEnabled} // Not keyboard accessible if modal is disabled
|
|
|
|
|
>
|
|
|
|
|
Add integration
|
|
|
|
|
</Button>
|
|
|
|
|
</div>
|
2022-04-11 19:04:41 +00:00
|
|
|
</div>
|
|
|
|
|
)}
|
2022-10-14 19:26:15 +00:00
|
|
|
{!!selectedIntegration && (
|
|
|
|
|
<Button
|
|
|
|
|
type="button"
|
2025-09-29 17:10:41 +00:00
|
|
|
variant="inverse"
|
2022-10-14 19:26:15 +00:00
|
|
|
onClick={togglePreviewTicketModal}
|
|
|
|
|
>
|
|
|
|
|
Preview ticket
|
|
|
|
|
</Button>
|
|
|
|
|
)}
|
2024-01-18 15:48:44 +00:00
|
|
|
</>
|
2022-04-11 19:04:41 +00:00
|
|
|
);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const renderWebhook = () => {
|
|
|
|
|
return (
|
2024-01-18 15:48:44 +00:00
|
|
|
<>
|
2022-04-11 19:04:41 +00:00
|
|
|
<div className={`${baseClass}__software-automation-description`}>
|
|
|
|
|
<p>
|
|
|
|
|
A request will be sent to your configured <b>Destination URL</b> if
|
2022-04-13 18:45:50 +00:00
|
|
|
a detected vulnerability (CVE) was published in the last{" "}
|
|
|
|
|
{recentVulnerabilityMaxAge || "30"} days.
|
2022-04-11 19:04:41 +00:00
|
|
|
</p>
|
|
|
|
|
</div>
|
|
|
|
|
<InputField
|
|
|
|
|
inputWrapperClass={`${baseClass}__url-input`}
|
|
|
|
|
name="webhook-url"
|
2024-02-23 14:57:18 +00:00
|
|
|
label="Destination URL"
|
|
|
|
|
type="text"
|
2022-04-13 22:23:09 +00:00
|
|
|
value={destinationUrl}
|
2022-04-11 19:04:41 +00:00
|
|
|
onChange={onURLChange}
|
|
|
|
|
error={errors.url}
|
2024-01-18 15:48:44 +00:00
|
|
|
helpText={
|
2022-04-11 19:04:41 +00:00
|
|
|
"For each new vulnerability detected, Fleet will send a JSON payload to this URL with a list of the affected hosts."
|
|
|
|
|
}
|
2024-02-23 14:57:18 +00:00
|
|
|
placeholder="https://server.com/example"
|
2022-04-11 19:04:41 +00:00
|
|
|
tooltip="Provide a URL to deliver a webhook request to."
|
2025-02-21 20:22:08 +00:00
|
|
|
disabled={!softwareAutomationsEnabled || gitOpsModeEnabled}
|
2022-04-11 19:04:41 +00:00
|
|
|
/>
|
|
|
|
|
<Button
|
|
|
|
|
type="button"
|
2025-09-29 17:10:41 +00:00
|
|
|
variant="inverse"
|
2022-04-11 19:04:41 +00:00
|
|
|
onClick={togglePreviewPayloadModal}
|
2024-11-13 20:38:28 +00:00
|
|
|
disabled={!softwareAutomationsEnabled}
|
2022-04-11 19:04:41 +00:00
|
|
|
>
|
|
|
|
|
Preview payload
|
|
|
|
|
</Button>
|
2024-01-18 15:48:44 +00:00
|
|
|
</>
|
2022-04-11 19:04:41 +00:00
|
|
|
);
|
2022-02-05 00:48:35 +00:00
|
|
|
};
|
|
|
|
|
|
2022-10-14 19:26:15 +00:00
|
|
|
if (showPreviewTicketModal && selectedIntegration?.type) {
|
|
|
|
|
return (
|
|
|
|
|
<PreviewTicketModal
|
|
|
|
|
integrationType={selectedIntegration.type}
|
|
|
|
|
onCancel={togglePreviewTicketModal}
|
|
|
|
|
/>
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-05 00:48:35 +00:00
|
|
|
if (showPreviewPayloadModal) {
|
|
|
|
|
return <PreviewPayloadModal onCancel={togglePreviewPayloadModal} />;
|
|
|
|
|
}
|
|
|
|
|
|
UI - GitOps Mode: Core abstractions, first batch of applications (#26401)
## For #26229 – Part 1
- This PR contains the core abstractions, routes, API updates, and types
for GitOps mode in the UI. Since this work will touch essentially every
part of the Fleet UI, it is ripe for merge conflicts. To mitigate such
conflicts, I'll be merging this work in a number of iterative PRs. ~To
effectively gate any of this work from showing until it is all merged to
`main`, [this commit](feedbb2d4c25ec2e304e1f18d409cee62f6752ed) hides
the settings section that allows enabling/disabling this setting,
effectively feature flagging the entire thing. In the last of these
iterative PRs, that commit will be reverted to engage the entire
feature. For testing purposes, reviewers can `git revert
feedbb2d4c25ec2e304e1f18d409cee62f6752ed` locally~ The new settings
section for this feature is feature flagged until all PRs are merged -
to show the setting section while testing, run `ALLOW_GITOPS_MODE=true
NODE_ENV=development yarn run webpack --progress --watch` in place of
`make generate-dev`
- Changes file will be added and feature flag removed in the last PR
- [x] Settings page with routing, form, API integration (hidden until
last PR)
- [x] Activities
- [x] Navbar indicator
- Apply GOM conditional UI to:
- [x] Manage enroll secret modal: .5
- Controls >
- [x] Scripts:
- Setup experience >
- [x] Install software > Select software modal
- [x] OS Settings >
- [x] Custom settings
- [x] Disk encryption
- [x] OS Updates
2/18/25, added to this PR:
- [x] Controls > Setup experience > Run script
- [x] Software >
- [x] Manage automations modal
- [x] Add software >
- [x] App Store (VPP)
- [x] Custom package
- [x] Queries
- [x] Manage
- [x] Automations modal
- [x] New
- [x] Edit
- [x] Policies
- [x] Manage
- [x] New
- [x] Edit
- Manage automations
- [x] Calendar events
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-02-20 16:41:07 +00:00
|
|
|
const renderSaveButton = () => {
|
|
|
|
|
const hasIntegrations = !(
|
|
|
|
|
((jiraIntegrationsIndexed && jiraIntegrationsIndexed.length === 0) ||
|
|
|
|
|
(zendeskIntegrationsIndexed &&
|
|
|
|
|
zendeskIntegrationsIndexed.length === 0)) &&
|
|
|
|
|
integrationEnabled &&
|
|
|
|
|
softwareAutomationsEnabled
|
|
|
|
|
);
|
|
|
|
|
const renderRawButton = (gomDisabled = false) => (
|
|
|
|
|
<TooltipWrapper
|
|
|
|
|
tipContent={
|
|
|
|
|
<>
|
|
|
|
|
Add an integration to create
|
|
|
|
|
<br /> tickets for vulnerability automations.
|
|
|
|
|
</>
|
|
|
|
|
}
|
|
|
|
|
disableTooltip={hasIntegrations || gomDisabled}
|
|
|
|
|
position="bottom"
|
|
|
|
|
underline={false}
|
|
|
|
|
showArrow
|
|
|
|
|
tipOffset={6}
|
|
|
|
|
>
|
|
|
|
|
<Button
|
|
|
|
|
type="submit"
|
|
|
|
|
onClick={handleSaveAutomation}
|
|
|
|
|
disabled={
|
|
|
|
|
(softwareAutomationsEnabled &&
|
|
|
|
|
integrationEnabled &&
|
|
|
|
|
!selectedIntegration) ||
|
|
|
|
|
(softwareAutomationsEnabled &&
|
|
|
|
|
!integrationEnabled &&
|
|
|
|
|
destinationUrl === "") ||
|
|
|
|
|
gomDisabled
|
|
|
|
|
}
|
|
|
|
|
>
|
|
|
|
|
Save
|
|
|
|
|
</Button>
|
|
|
|
|
</TooltipWrapper>
|
|
|
|
|
);
|
|
|
|
|
return (
|
|
|
|
|
<GitOpsModeTooltipWrapper
|
|
|
|
|
renderChildren={renderRawButton}
|
|
|
|
|
tipOffset={6}
|
|
|
|
|
/>
|
|
|
|
|
);
|
|
|
|
|
};
|
|
|
|
|
|
2022-02-05 00:48:35 +00:00
|
|
|
return (
|
|
|
|
|
<Modal
|
|
|
|
|
onExit={onReturnToApp}
|
2024-02-23 14:57:18 +00:00
|
|
|
title="Manage automations"
|
2022-02-05 00:48:35 +00:00
|
|
|
className={baseClass}
|
2023-05-17 17:07:38 +00:00
|
|
|
width="large"
|
2022-02-05 00:48:35 +00:00
|
|
|
>
|
2024-01-18 15:48:44 +00:00
|
|
|
<div className={`${baseClass} form`}>
|
|
|
|
|
<Slider
|
2025-02-21 20:22:08 +00:00
|
|
|
disabled={gitOpsModeEnabled}
|
2024-01-18 15:48:44 +00:00
|
|
|
value={softwareAutomationsEnabled}
|
|
|
|
|
onChange={() =>
|
|
|
|
|
setSoftwareAutomationsEnabled(!softwareAutomationsEnabled)
|
|
|
|
|
}
|
2024-02-23 14:57:18 +00:00
|
|
|
inactiveText="Vulnerability automations disabled"
|
|
|
|
|
activeText="Vulnerability automations enabled"
|
2024-01-18 15:48:44 +00:00
|
|
|
/>
|
|
|
|
|
<div
|
|
|
|
|
className={`form ${baseClass}__software-automations${
|
|
|
|
|
softwareAutomationsEnabled ? "" : "__disabled"
|
|
|
|
|
}`}
|
|
|
|
|
>
|
|
|
|
|
<div className="form-field">
|
|
|
|
|
<div className="form-field__label">Workflow</div>
|
|
|
|
|
<Radio
|
|
|
|
|
className={`${baseClass}__radio-input`}
|
2024-02-23 14:57:18 +00:00
|
|
|
label="Ticket"
|
|
|
|
|
id="ticket-radio-btn"
|
2024-01-18 15:48:44 +00:00
|
|
|
checked={integrationEnabled}
|
2024-02-23 14:57:18 +00:00
|
|
|
value="ticket"
|
2024-10-16 15:37:38 +00:00
|
|
|
name="workflow-type"
|
2024-01-18 15:48:44 +00:00
|
|
|
onChange={onRadioChange(true)}
|
2025-02-21 20:22:08 +00:00
|
|
|
disabled={!softwareAutomationsEnabled || gitOpsModeEnabled}
|
2024-01-18 15:48:44 +00:00
|
|
|
/>
|
|
|
|
|
<Radio
|
|
|
|
|
className={`${baseClass}__radio-input`}
|
2024-02-23 14:57:18 +00:00
|
|
|
label="Webhook"
|
|
|
|
|
id="webhook-radio-btn"
|
2024-01-18 15:48:44 +00:00
|
|
|
checked={!integrationEnabled}
|
2024-02-23 14:57:18 +00:00
|
|
|
value="webhook"
|
2024-10-16 15:37:38 +00:00
|
|
|
name="workflow-type"
|
2024-01-18 15:48:44 +00:00
|
|
|
onChange={onRadioChange(false)}
|
2025-02-21 20:22:08 +00:00
|
|
|
disabled={!softwareAutomationsEnabled || gitOpsModeEnabled}
|
2024-01-18 15:48:44 +00:00
|
|
|
/>
|
2022-03-11 17:56:14 +00:00
|
|
|
</div>
|
2024-01-18 15:48:44 +00:00
|
|
|
{integrationEnabled ? renderTicket() : renderWebhook()}
|
2024-01-25 18:03:44 +00:00
|
|
|
<p>
|
|
|
|
|
Vulnerability automations currently run for software
|
|
|
|
|
vulnerabilities. Interested in automations for OS vulnerabilities?{" "}
|
2024-11-13 20:38:28 +00:00
|
|
|
<CustomLink
|
|
|
|
|
url={SUPPORT_LINK}
|
|
|
|
|
text="Let us know"
|
|
|
|
|
newTab
|
|
|
|
|
disableKeyboardNavigation={!softwareAutomationsEnabled}
|
|
|
|
|
/>
|
2024-01-25 18:03:44 +00:00
|
|
|
</p>
|
2022-03-11 17:56:14 +00:00
|
|
|
</div>
|
2022-04-27 20:40:28 +00:00
|
|
|
<div className="modal-cta-wrap">
|
UI - GitOps Mode: Core abstractions, first batch of applications (#26401)
## For #26229 – Part 1
- This PR contains the core abstractions, routes, API updates, and types
for GitOps mode in the UI. Since this work will touch essentially every
part of the Fleet UI, it is ripe for merge conflicts. To mitigate such
conflicts, I'll be merging this work in a number of iterative PRs. ~To
effectively gate any of this work from showing until it is all merged to
`main`, [this commit](feedbb2d4c25ec2e304e1f18d409cee62f6752ed) hides
the settings section that allows enabling/disabling this setting,
effectively feature flagging the entire thing. In the last of these
iterative PRs, that commit will be reverted to engage the entire
feature. For testing purposes, reviewers can `git revert
feedbb2d4c25ec2e304e1f18d409cee62f6752ed` locally~ The new settings
section for this feature is feature flagged until all PRs are merged -
to show the setting section while testing, run `ALLOW_GITOPS_MODE=true
NODE_ENV=development yarn run webpack --progress --watch` in place of
`make generate-dev`
- Changes file will be added and feature flag removed in the last PR
- [x] Settings page with routing, form, API integration (hidden until
last PR)
- [x] Activities
- [x] Navbar indicator
- Apply GOM conditional UI to:
- [x] Manage enroll secret modal: .5
- Controls >
- [x] Scripts:
- Setup experience >
- [x] Install software > Select software modal
- [x] OS Settings >
- [x] Custom settings
- [x] Disk encryption
- [x] OS Updates
2/18/25, added to this PR:
- [x] Controls > Setup experience > Run script
- [x] Software >
- [x] Manage automations modal
- [x] Add software >
- [x] App Store (VPP)
- [x] Custom package
- [x] Queries
- [x] Manage
- [x] Automations modal
- [x] New
- [x] Edit
- [x] Policies
- [x] Manage
- [x] New
- [x] Edit
- Manage automations
- [x] Calendar events
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-02-20 16:41:07 +00:00
|
|
|
{renderSaveButton()}
|
2022-08-29 15:21:37 +00:00
|
|
|
<Button onClick={onReturnToApp} variant="inverse">
|
|
|
|
|
Cancel
|
|
|
|
|
</Button>
|
2022-02-05 00:48:35 +00:00
|
|
|
</div>
|
2024-01-18 15:48:44 +00:00
|
|
|
</div>
|
2022-02-05 00:48:35 +00:00
|
|
|
</Modal>
|
|
|
|
|
);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
export default ManageAutomationsModal;
|