mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
Prepare for 4.20.0 (#7651)
This commit is contained in:
Noah Talerman
GitHub
parent
63628dac34
commit
26b610dde4
42 changed files with 52 additions and 55 deletions
44
CHANGELOG.md
44
CHANGELOG.md
|
|
@ -1,3 +1,47 @@
|
|||
## Fleet 4.20.0 (Sep 9, 2022)
|
||||
|
||||
* Add ability to know how many hosts, and which hosts, have Munki issues. This information is presented on the **Home > macOS** page and **Host details** page. This information is also available in the [`GET /api/v1/fleet/macadmins`](https://fleetdm.com/docs/using-fleet/rest-api#get-aggregated-hosts-mobile-device-management-mdm-and-munki-information) and [`GET /api/v1/fleet/hosts/{id}/macadmins`](https://fleetdm.com/docs/using-fleet/rest-api#get-hosts-mobile-device-management-mdm-and-munki-information) and API routes.
|
||||
|
||||
* Fleet Premium: Added ability to test features, like software inventory, on canary teams by adding a [`features` section](https://fleetdm.com/docs/using-fleet/configuration-files#features) to the `teams` YAML document.
|
||||
|
||||
* Improved vulnerability detection for macOS hosts by improving detection of Zoom, Ruby, and Node.js vulnerabilities. Warning: For users that download and sync Fleet's vulnerability feeds manually, there are [required adjustments](https://github.com/fleetdm/fleet/issues/6628) or else vulnerability processing will stop working. Users with the default vulnerability processing settings can safely upgrade without adjustments.
|
||||
|
||||
* Fleet Premium: Improved the vulnerability automations by adding vulnerability scores (EPSS probability, CVSS scores, and CISA-known exploits) to the webhook payload. Read more about vulnerability automations on [fleetdm.com/docs](https://fleetdm.com/docs/using-fleet/automations#vulnerability-automations).
|
||||
|
||||
* Renamed the `host_settings` section to `features` in the the [`config` YAML file](https://fleetdm.com/docs/using-fleet/configuration-files#features). But `host_settings` is still supported for backwards compatibility.
|
||||
|
||||
* Improved the activity feed by adding the ability to see who modified agent options and when modifications occurred. This information is available on the Home page in the Fleet UI and the [`GET /activites` API route](https://fleetdm.com/docs/using-fleet/rest-api#activities).
|
||||
|
||||
* Improved the [`config` YAML documentation](https://fleetdm.com/docs/using-fleet/configuration-files#organization-settings).
|
||||
|
||||
* Improved the **Hosts** page for smaller screen widths.
|
||||
|
||||
* Improved the building of osquery installers for Windows (`.msi` packages).
|
||||
|
||||
* Added a **Show query** button on the **Schedule** page, which adds the ability to quickly see a query's SQL.
|
||||
|
||||
* Improved the Fleet UI by adding loading spinners to all buttons that create or update entities in Fleet (e.g., users).
|
||||
|
||||
* Fixed a bug in which a user could not reach some teams in the UI via pagination if there were more than 20 teams.
|
||||
|
||||
* Fixed a bug in which a user could not reach some users in the UI via pagination if there were more than 20 users.
|
||||
|
||||
* Fixed a bug in which duplicate vulnerabilities (CVEs) sometimes appeared on **Software details** page.
|
||||
|
||||
* Fixed a bug in which the count in the **Issues** column (exclamation tooltip) in the **Hosts** table would sometimes not appear.
|
||||
|
||||
* Fixed a bug in which no error message would appear if there was an issue while setting up Fleet.
|
||||
|
||||
* Fixed a bug in which no error message would appear if users were creating or editing a label with a name or description that was too long.
|
||||
|
||||
* Fixed a big in which the example payload for usage statistics included incorrect key names.
|
||||
|
||||
* Fixed a bug in which the count above the **Software** table would sometimes not appear.
|
||||
|
||||
* Fixed a bug in which the **Add hosts** button would not be displayed when search returned 0 hosts.
|
||||
|
||||
* Fixed a bug in which modifying filters on the **Hosts** page would not return the user to the first page of the **Hosts** table.
|
||||
|
||||
## Fleet 4.19.1 (Sep 1, 2022)
|
||||
|
||||
* Fix a migration error that may occur when upgrading to Fleet 4.19.0.
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
The software details page was showing duplicated vulnerabilities if the software was used by many hosts.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
Bumped up the following migrations:
|
||||
|
||||
- 20220711104651_RemoveCpeIDColumnFromSoftwareCve
|
||||
- 20220809091020_AddWindowsUpdatesTable
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Removed cpe_id column from the software_cve table.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* UI displays munki issues on macOS homepage, filter by issue on manage host page, and munki issue table on host details page
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
- We now ingest and store installed Windows updates in a new table, `windows_updates`.
|
||||
- Added a new configuration option used for disabling the ingestion of Windows updates and also
|
||||
disabling Windows vulnerability scans.
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
- Added the MSRC feed parser that we will be using for generating the MSRC artifacts.
|
||||
- Added sync logic for keeping the local MSRC artifacts up to date.
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
- Include the CVSS score, EPSS score, and known exploits properties in the vulnerability Webhook
|
||||
payload only if the customer is premium.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Added issues count to `GET /labels/{id}/hosts` response
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Tech Debt: Consistency in code for anchor elements and external links
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
* This updates the manage host page for better usability on smaller screen widths. It remover the
|
||||
labels sidebar and adds them into a table filter select dropdown.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Added detailed documentation of all organization settings, including default values and whether it is a required setting or not.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* UI shows sql of scheduled queries
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Implemented retries as a workaround for transient failures when building MSI packages on Apple M1.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Added activities for when a team spec is applied and when the agent options are edited.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
* Improved vulnerability detection on MacOS to decrease false positives and added the ability to define custom rules for matching software to CPEs for vulnerability processing.
|
||||
When upgrading fleet, there are a few config options to consider or else vulnerability processing will stop working.
|
||||
If the environment variable `FLEET_VULNERABILITIES_DISABLE_DATA_SYNC` is set to `true` or the flag `--vulnerabilities_disable_data_sync` is set, you must manually download the latest CPE database and CPE translations files and copy them to the vulnerabilities databases path that has been configured for fleet..
|
||||
If the environment variable `FLEET_VULNERABILITIES_CPE_DATABASE_URL` is set or the flag `--vulnerabilities_cpe_database_url` is set, you must ensure that the CPE database file the url points to has been updated to the latest version.
|
||||
The latest CPE database and CPE translations files can be downloaded from [NVD Releases](https://github.com/fleetdm/nvd/releases/latest).
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Adds loading spinners to all buttons that post to the API
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Add back button to new pack and edit pack page
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Added the ingestion of Munki issues (error and warning messages provided by the `munki_info` macadmins osquery extension table) and added this information to the response payload of the `GET /api/v1/fleet/hosts/{id}/macadmins` endpoint, and compute aggregated stats by Munki issue, now returned as part of the `GET /api/v1/fleet/macadmins` endpoint.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Improved agent options in-page documentation
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Modifying filters on the manage host page returns host table to page 0
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Fleet UI: Show user errors for creating/editing a label with a label name or label description that is too long
|
||||
|
|
@ -1 +0,0 @@
|
|||
* adds better messaging where there is an error in the setup flow
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Add host button still shown when search returns 0 hosts, noly hides when 0 hosts and empty state with add host button is shown
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Clean up CSS for Welcome to Fleet card
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
* Renamed the `host_settings` config to `features`.
|
||||
* Teams: Added the ability to apply custom `features` settings to each team.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Bug fix to collapse label sidebar
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Clearing filter pill on host detail page only clears that single filter
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Removed the `hosts_count` field from the `mobile_device_management_solution` and `munki_issue` top-level objects in the `GET /hosts` API endpoint response, as it was a pre-computed count that is updated at intervals, not a live count, and it could be confusing when it did not match the number of hosts returned.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Add padding to accomodate tooltip at bottom of page causing double scroll bar
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Updated the UI preview and the documentation example for the usage statistics' `hostsEnrolledByOperatingSystem` so that it more closely matches the actual values collected.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Fleet UI to use Client side pagination which fixes bug hiding users over 20 users
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Fix flakey software count
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Fleet Free and Fleet Premium UI show different software automation payload example
|
||||
|
|
@ -1 +0,0 @@
|
|||
* UI supports more than 20 teams
|
||||
|
|
@ -4,9 +4,9 @@ name: fleet
|
|||
keywords:
|
||||
- fleet
|
||||
- osquery
|
||||
version: v4.19.1
|
||||
version: v4.20.0
|
||||
home: https://github.com/fleetdm/fleet
|
||||
sources:
|
||||
- https://github.com/fleetdm/fleet.git
|
||||
appVersion: v4.19.1
|
||||
appVersion: v4.20.0
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
# All settings related to how Fleet is deployed in Kubernetes
|
||||
hostName: fleet.localhost
|
||||
replicas: 3 # The number of Fleet instances to deploy
|
||||
imageTag: v4.19.1 # Version of Fleet to deploy
|
||||
imageTag: v4.20.0 # Version of Fleet to deploy
|
||||
createIngress: true # Whether or not to automatically create an Ingress
|
||||
ingressAnnotations: {} # Additional annotation to add to the Ingress
|
||||
podAnnotations: {} # Additional annotations to add to the Fleet pod
|
||||
|
|
|
|||
|
|
@ -264,7 +264,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: fleet
|
||||
image: fleetdm/fleet:4.19.1
|
||||
image: fleetdm/fleet:4.20.0
|
||||
env:
|
||||
- name: FLEET_MYSQL_ADDRESS
|
||||
valueFrom:
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ variable "database_name" {
|
|||
|
||||
variable "fleet_image" {
|
||||
description = "the name of the container image to run"
|
||||
default = "fleetdm/fleet:v4.19.1"
|
||||
default = "fleetdm/fleet:v4.20.0"
|
||||
}
|
||||
|
||||
variable "software_inventory" {
|
||||
|
|
|
|||
|
|
@ -68,5 +68,5 @@ variable "redis_mem" {
|
|||
}
|
||||
|
||||
variable "image" {
|
||||
default = "fleet:v4.19.1"
|
||||
default = "fleet:v4.20.0"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -157,7 +157,7 @@ resource "helm_release" "main" {
|
|||
|
||||
set {
|
||||
name = "imageTag"
|
||||
value = "v4.19.1"
|
||||
value = "v4.20.0"
|
||||
}
|
||||
|
||||
set {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "fleetctl",
|
||||
"version": "v4.19.1",
|
||||
"version": "v4.20.0",
|
||||
"description": "Installer for the fleetctl CLI tool",
|
||||
"bin": {
|
||||
"fleetctl": "./run.js"
|
||||
|
|
|
|||
Loading…
Reference in a new issue