fleet/server/mdm/maintainedapps/installers.go

package maintained_apps

import (
	"context"
	"fmt"
	"mime"
	"net/http"
	"net/url"
	"path"
	"strings"
	"time"

	"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
	"github.com/fleetdm/fleet/v4/server/fleet"
)

// InstallerTimeout is the timeout duration for downloading and adding a maintained app.
const InstallerTimeout = 15 * time.Minute

// DownloadInstaller downloads the maintained app installer located at the given URL.
func DownloadInstaller(ctx context.Context, installerURL string, client *http.Client) (*fleet.TempFileReader, string, error) {
	// validate the URL before doing the request
	_, err := url.ParseRequestURI(installerURL)
	if err != nil {
		return nil, "", fleet.NewInvalidArgumentError(
			"fleet_maintained_app.url",
			fmt.Sprintf("Couldn't download maintained app installer. URL (%q) is invalid", installerURL),
		)
	}

	req, err := http.NewRequestWithContext(ctx, http.MethodGet, installerURL, nil)
	if err != nil {
		return nil, "", ctxerr.Wrapf(ctx, err, "creating request for URL %s", installerURL)
	}

	resp, err := client.Do(req)
	if err != nil {
		return nil, "", ctxerr.Wrapf(ctx, err, "performing request for URL %s", installerURL)
	}
	defer resp.Body.Close()

	if resp.StatusCode == http.StatusNotFound {
		return nil, "", fleet.NewInvalidArgumentError(
			"fleet_maintained_app.url",
			fmt.Sprintf("Couldn't download maintained app installer. URL (%q) doesn't exist. Please make sure that URLs are publicy accessible to the internet.", installerURL),
		)
	}

	// Allow all 2xx and 3xx status codes in this pass.
	if resp.StatusCode > 400 {
		return nil, "", fleet.NewInvalidArgumentError(
			"fleet_maintained_app.url",
			fmt.Sprintf("Couldn't download maintained app installer. URL (%q) received response status code %d.", installerURL, resp.StatusCode),
		)
	}

	tfr, err := fleet.NewTempFileReader(resp.Body, nil)
	if err != nil {
		return nil, "", ctxerr.Wrapf(ctx, err, "reading installer %q contents", installerURL)
	}

	return tfr, FilenameFromResponse(resp), nil
}

func FilenameFromResponse(resp *http.Response) string {
	var filename string
	cdh, ok := resp.Header["Content-Disposition"]
	if ok && len(cdh) > 0 {
		_, params, err := mime.ParseMediaType(cdh[0])
		if err == nil {
			filename = params["filename"]
		} else {
			// fallback for responses that include a filename in their content-disposition header
			// but the header isn't technically RFC compliant
			cdhParts := strings.Split(cdh[0], "filename=")
			if len(cdhParts) > 1 {
				unescapedFilename, err := url.QueryUnescape(cdhParts[1])
				if err == nil {
					filename = unescapedFilename
				}
			}
		}
	}

	// Fall back on extracting the filename from the URL
	// This is OK for the first 20 apps we support, but we should do something more robust once we
	// support more apps.
	if filename == "" && resp.Request.URL.Path != "" {
		filename = path.Base(resp.Request.URL.Path)
	}

	return filename
}
Switch Fleet-maintained apps to use manifest-based structure (#27201) For #26082. # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes - [x] If database migrations are included, checked table schema to confirm autoupdate - For database migrations: - [x] Checked schema for all modified table for columns that will auto-update timestamps during migration. - [x] Confirmed that updating the timestamps is acceptable, and will not cause unwanted side effects. - [x] Ensured the correct collation is explicitly set for character columns (`COLLATE utf8mb4_unicode_ci`). - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality 2025-03-21 02:21:56 +00:00			`package maintained_apps`
feat: add fleet-maintained software (#22031) > Related issue: #21776 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-18 16:21:53 +00:00
			`import (`
			`"context"`
			`"fmt"`
			`"mime"`
			`"net/http"`
			`"net/url"`
			`"path"`
Switch Fleet-maintained apps to use manifest-based structure (#27201) For #26082. # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes - [x] If database migrations are included, checked table schema to confirm autoupdate - For database migrations: - [x] Checked schema for all modified table for columns that will auto-update timestamps during migration. - [x] Confirmed that updating the timestamps is acceptable, and will not cause unwanted side effects. - [x] Ensured the correct collation is explicitly set for character columns (`COLLATE utf8mb4_unicode_ci`). - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality 2025-03-21 02:21:56 +00:00			`"strings"`
feat: add fleet-maintained software (#22031) > Related issue: #21776 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-18 16:21:53 +00:00			`"time"`

			`"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"`
			`"github.com/fleetdm/fleet/v4/server/fleet"`
			`)`

feat: use a 15 minute timeout for adding a maintained app (#22247) > Related issue: #22239 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-19 19:42:17 +00:00			`// InstallerTimeout is the timeout duration for downloading and adding a maintained app.`
			`const InstallerTimeout = 15 * time.Minute`

feat: add fleet-maintained software (#22031) > Related issue: #21776 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-18 16:21:53 +00:00			`// DownloadInstaller downloads the maintained app installer located at the given URL.`
Improve memory usage of software installers parsing (#23596) 2024-11-12 14:28:08 +00:00			`func DownloadInstaller(ctx context.Context, installerURL string, client http.Client) (fleet.TempFileReader, string, error) {`
feat: add fleet-maintained software (#22031) > Related issue: #21776 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-18 16:21:53 +00:00			`// validate the URL before doing the request`
			`_, err := url.ParseRequestURI(installerURL)`
			`if err != nil {`
			`return nil, "", fleet.NewInvalidArgumentError(`
			`"fleet_maintained_app.url",`
			`fmt.Sprintf("Couldn't download maintained app installer. URL (%q) is invalid", installerURL),`
			`)`
			`}`

			`req, err := http.NewRequestWithContext(ctx, http.MethodGet, installerURL, nil)`
			`if err != nil {`
			`return nil, "", ctxerr.Wrapf(ctx, err, "creating request for URL %s", installerURL)`
			`}`

			`resp, err := client.Do(req)`
			`if err != nil {`
			`return nil, "", ctxerr.Wrapf(ctx, err, "performing request for URL %s", installerURL)`
			`}`
			`defer resp.Body.Close()`

			`if resp.StatusCode == http.StatusNotFound {`
			`return nil, "", fleet.NewInvalidArgumentError(`
			`"fleet_maintained_app.url",`
			`fmt.Sprintf("Couldn't download maintained app installer. URL (%q) doesn't exist. Please make sure that URLs are publicy accessible to the internet.", installerURL),`
			`)`
			`}`

			`// Allow all 2xx and 3xx status codes in this pass.`
			`if resp.StatusCode > 400 {`
			`return nil, "", fleet.NewInvalidArgumentError(`
			`"fleet_maintained_app.url",`
			`fmt.Sprintf("Couldn't download maintained app installer. URL (%q) received response status code %d.", installerURL, resp.StatusCode),`
			`)`
			`}`

Support for fleet maintained apps in gitops (#28751) https://github.com/fleetdm/fleet/issues/24469 - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality 2025-05-07 23:16:08 +00:00			`tfr, err := fleet.NewTempFileReader(resp.Body, nil)`
			`if err != nil {`
			`return nil, "", ctxerr.Wrapf(ctx, err, "reading installer %q contents", installerURL)`
			`}`

			`return tfr, FilenameFromResponse(resp), nil`
			`}`

			`func FilenameFromResponse(resp *http.Response) string {`
feat: add fleet-maintained software (#22031) > Related issue: #21776 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-18 16:21:53 +00:00			`var filename string`
			`cdh, ok := resp.Header["Content-Disposition"]`
			`if ok && len(cdh) > 0 {`
			`_, params, err := mime.ParseMediaType(cdh[0])`
			`if err == nil {`
			`filename = params["filename"]`
Switch Fleet-maintained apps to use manifest-based structure (#27201) For #26082. # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes - [x] If database migrations are included, checked table schema to confirm autoupdate - For database migrations: - [x] Checked schema for all modified table for columns that will auto-update timestamps during migration. - [x] Confirmed that updating the timestamps is acceptable, and will not cause unwanted side effects. - [x] Ensured the correct collation is explicitly set for character columns (`COLLATE utf8mb4_unicode_ci`). - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality 2025-03-21 02:21:56 +00:00			`} else {`
			`// fallback for responses that include a filename in their content-disposition header`
			`// but the header isn't technically RFC compliant`
			`cdhParts := strings.Split(cdh[0], "filename=")`
			`if len(cdhParts) > 1 {`
			`unescapedFilename, err := url.QueryUnescape(cdhParts[1])`
			`if err == nil {`
			`filename = unescapedFilename`
			`}`
			`}`
feat: add fleet-maintained software (#22031) > Related issue: #21776 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-18 16:21:53 +00:00			`}`
			`}`

			`// Fall back on extracting the filename from the URL`
			`// This is OK for the first 20 apps we support, but we should do something more robust once we`
			`// support more apps.`
Support for fleet maintained apps in gitops (#28751) https://github.com/fleetdm/fleet/issues/24469 - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality 2025-05-07 23:16:08 +00:00			`if filename == "" && resp.Request.URL.Path != "" {`
feat: add fleet-maintained software (#22031) > Related issue: #21776 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-18 16:21:53 +00:00			`filename = path.Base(resp.Request.URL.Path)`
			`}`

Support for fleet maintained apps in gitops (#28751) https://github.com/fleetdm/fleet/issues/24469 - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] If paths of existing endpoints are modified without backwards compatibility, checked the frontend/CLI for any necessary changes - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality 2025-05-07 23:16:08 +00:00			`return filename`
feat: add fleet-maintained software (#22031) > Related issue: #21776 # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated tests - [x] Manual QA for all new/changed functionality 2024-09-18 16:21:53 +00:00			`}`