fleet/orbit/pkg/constant/constant.go

package constant

import "time"

const (
// DefaultDirMode is the default file mode to apply to created directories.
DefaultDirMode = 0o755
// DefaultFileMode is the default file mode to apply to created files.
DefaultFileMode = 0o600
// DefaultWorldReadableFileMode is the default file mode to apply to files
// that can be read by other processes.
DefaultWorldReadableFileMode = 0o644
// DefaultSystemdUnitMode is the required file mode for systemd unit files.
DefaultSystemdUnitMode = DefaultWorldReadableFileMode
// DesktopAppExecName is the name of Fleet's Desktop executable.
//
// We use fleet-desktop as name to properly identify the process when listing
// running processes/tasks.
DesktopAppExecName = "fleet-desktop"
// DesktopTokenFileName is the filename on disk (in the orbit base dir) where we store the Fleet Desktop auth token
DesktopTokenFileName = "identifier"
// OrbitNodeKeyFileName is the filename on disk where we write the orbit node key to
OrbitNodeKeyFileName = "secret-orbit-node-key.txt"
// HardwareUUIDFileName is the filename on disk where we store the hardware UUID for migration detection
HardwareUUIDFileName = "hardware-uuid.txt"
// OrbitEnrollMaxRetries is the max number of retries when doing an enroll request.
// We set it to 6 to allow the retry backoff to take effect.
OrbitEnrollMaxRetries = 6
// OrbitEnrollBackoffMultiplier is the multiplier to use for backing off between enroll retries.
OrbitEnrollBackoffMultiplier = 2
// OrbitEnrollRetrySleep is the duration to sleep between enroll retries.
OrbitEnrollRetrySleep = 10 * time.Second
// OsqueryPidfile is the file containing the PID of the running osqueryd process
OsqueryPidfile = "osquery.pid"
// OsqueryEnrollSecretFileName is the filename on disk where we write
// the orbit enroll secret.
OsqueryEnrollSecretFileName = "secret.txt"
// SystemServiceName is the name of the Orbit system service.
// The service name is used by the OS service management framework.
SystemServiceName = "Fleet osquery"
// FleetTLSClientCertificateFileName is the name of the TLS client certificate file
// used when connecting to the Fleet server.
FleetTLSClientCertificateFileName = "fleet_client.crt"
// FleetTLSClientKeyFileName is the name of the TLS client private key file
// used when connecting to the Fleet server.
FleetTLSClientKeyFileName = "fleet_client.key"
// UpdateTLSClientCertificateFileName is the name of the TLS client certificate file
// used when connecting to the update server.
UpdateTLSClientCertificateFileName = "update_client.crt"
// UpdateTLSClientKeyFileName is the name of the TLS client private key file
// used when connecting to the update server.
UpdateTLSClientKeyFileName = "update_client.key"
// SilenceEnrollLogErrorEnvVar is the name of the environment variable that disables enroll error logging.
SilenceEnrollLogErrorEnvVar = "FLEETD_SILENCE_ENROLL_ERROR"
// ServerOverridesFileName is the name of the file in the root directory
// that specifies the override configuration fetched from the server.
ServerOverridesFileName = "server-overrides.json"
// MigrationFileName is the name of the file used by fleetd to determine if the host is
// partially through an MDM migration.
MigrationFileName = "mdm_migration.txt"
// MDMMigrationTypeManual indicates that the MDM migration is for a manually enrolled host.
MDMMigrationTypeManual = "manual"
// MDMMigrationTypeADE indicates that the MDM migration is for an ADE enrolled host.
MDMMigrationTypeADE = "ade"
// MDMMigrationTypePreSonoma indicates that the MDM migration is for a host on a macOS version < 14.
MDMMigrationTypePreSonoma = "pre-sonoma"
// MDMMigrationOfflineWatcherInterval is the interval at which the offline watcher checks for
// the presence of the migration file.
MDMMigrationOfflineWatcherInterval = 3 * time.Minute
// SonomaMajorVersion is the major version number of macOS Sonoma, used to decide
// whether a host falls under MDMMigrationTypePreSonoma.
SonomaMajorVersion = 14
// OrbitTUFTargetName is the target name of the orbit component of fleetd in TUF.
OrbitTUFTargetName = "orbit"
// OsqueryTUFTargetName is the target name of the osquery component of fleetd in TUF.
OsqueryTUFTargetName = "osqueryd"
// DesktopTUFTargetName is the target name of the Fleet Desktop component of fleetd in TUF.
DesktopTUFTargetName = "desktop"
// FleetURLFileName is the file where Fleet URL is stored after being read from Apple config profile.
FleetURLFileName = "fleet_url.txt"
// SetupExperienceFilename is the name of the file created when Linux (and soon Windows) completes the setup experience.
SetupExperienceFilename = "setup_experience.json"
// FleetHTTPSignatureCertificateFileName is the filename for the host identity certificate used for HTTP signature authentication.
FleetHTTPSignatureCertificateFileName = "host_identity.crt"
// FleetHTTPSignatureTPMKeyFileName is the filename for the TPM key used for HTTP signature authentication
FleetHTTPSignatureTPMKeyFileName = "host_identity_tpm.pem"
// FleetHTTPSignatureTPMKeyBackupFileName is the filename for the backup of the TPM key during renewal
FleetHTTPSignatureTPMKeyBackupFileName = "host_identity_tpm.old.pem"
)
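The enroll retry constants above (OrbitEnrollMaxRetries, OrbitEnrollBackoffMultiplier, OrbitEnrollRetrySleep) define an exponential backoff schedule. The following is an added, self-contained example that is not orbit's own enroll code: it mirrors the three constants locally, derives the schedule a client honouring them would wait (10s, 20s, ..., 320s, 630s in total), and shows a retry loop with the sleep injected so it can be exercised without waiting. The loop shape (one initial attempt plus up to OrbitEnrollMaxRetries retries) is an assumption of this example.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// Mirrors the enroll backoff constants from orbit's constant.go so this
// example compiles on its own (it is not the orbit package itself).
const (
	OrbitEnrollMaxRetries        = 6
	OrbitEnrollBackoffMultiplier = 2
	OrbitEnrollRetrySleep        = 10 * time.Second
)

// EnrollSchedule returns the sleep before each retry: 10s, 20s, 40s, 80s,
// 160s, 320s. Summed, a host gives up after about 10.5 minutes of backoff.
func EnrollSchedule() []time.Duration {
	out := make([]time.Duration, 0, OrbitEnrollMaxRetries)
	sleep := OrbitEnrollRetrySleep
	for i := 0; i < OrbitEnrollMaxRetries; i++ {
		out = append(out, sleep)
		sleep *= OrbitEnrollBackoffMultiplier
	}
	return out
}

// EnrollWithBackoff calls enroll until it succeeds or the retry budget is
// exhausted (1 initial attempt + OrbitEnrollMaxRetries retries). The sleep
// function is injected so callers and tests control the waiting.
func EnrollWithBackoff(enroll func() error, sleep func(time.Duration)) (attempts int, err error) {
	delay := OrbitEnrollRetrySleep
	for attempts = 1; ; attempts++ {
		if err = enroll(); err == nil {
			return attempts, nil
		}
		if attempts > OrbitEnrollMaxRetries {
			return attempts, fmt.Errorf("enroll failed after %d attempts: %w", attempts, err)
		}
		sleep(delay)
		delay *= OrbitEnrollBackoffMultiplier
	}
}

func main() {
	calls := 0
	attempts, err := EnrollWithBackoff(func() error {
		calls++ // constructed sample: the server answers on the third call
		if calls < 3 {
			return errors.New("server unavailable")
		}
		return nil
	}, func(d time.Duration) { fmt.Println("would sleep", d) })
	fmt.Println("attempts:", attempts, "err:", err)
}
```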