diff --git a/CHANGELOG.md b/CHANGELOG.md index e61e745d04..935643fc35 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,47 @@ +## Fleet 4.20.0 (Sep 9, 2022) + +* Add ability to know how many hosts, and which hosts, have Munki issues. This information is presented on the **Home > macOS** page and **Host details** page. This information is also available in the [`GET /api/v1/fleet/macadmins`](https://fleetdm.com/docs/using-fleet/rest-api#get-aggregated-hosts-mobile-device-management-mdm-and-munki-information) and [`GET /api/v1/fleet/hosts/{id}/macadmins`](https://fleetdm.com/docs/using-fleet/rest-api#get-hosts-mobile-device-management-mdm-and-munki-information) and API routes. + +* Fleet Premium: Added ability to test features, like software inventory, on canary teams by adding a [`features` section](https://fleetdm.com/docs/using-fleet/configuration-files#features) to the `teams` YAML document. + +* Improved vulnerability detection for macOS hosts by improving detection of Zoom, Ruby, and Node.js vulnerabilities. Warning: For users that download and sync Fleet's vulnerability feeds manually, there are [required adjustments](https://github.com/fleetdm/fleet/issues/6628) or else vulnerability processing will stop working. Users with the default vulnerability processing settings can safely upgrade without adjustments. + +* Fleet Premium: Improved the vulnerability automations by adding vulnerability scores (EPSS probability, CVSS scores, and CISA-known exploits) to the webhook payload. Read more about vulnerability automations on [fleetdm.com/docs](https://fleetdm.com/docs/using-fleet/automations#vulnerability-automations). + +* Renamed the `host_settings` section to `features` in the the [`config` YAML file](https://fleetdm.com/docs/using-fleet/configuration-files#features). But `host_settings` is still supported for backwards compatibility. + +* Improved the activity feed by adding the ability to see who modified agent options and when modifications occurred. This information is available on the Home page in the Fleet UI and the [`GET /activites` API route](https://fleetdm.com/docs/using-fleet/rest-api#activities). + +* Improved the [`config` YAML documentation](https://fleetdm.com/docs/using-fleet/configuration-files#organization-settings). + +* Improved the **Hosts** page for smaller screen widths. + +* Improved the building of osquery installers for Windows (`.msi` packages). + +* Added a **Show query** button on the **Schedule** page, which adds the ability to quickly see a query's SQL. + +* Improved the Fleet UI by adding loading spinners to all buttons that create or update entities in Fleet (e.g., users). + +* Fixed a bug in which a user could not reach some teams in the UI via pagination if there were more than 20 teams. + +* Fixed a bug in which a user could not reach some users in the UI via pagination if there were more than 20 users. + +* Fixed a bug in which duplicate vulnerabilities (CVEs) sometimes appeared on **Software details** page. + +* Fixed a bug in which the count in the **Issues** column (exclamation tooltip) in the **Hosts** table would sometimes not appear. + +* Fixed a bug in which no error message would appear if there was an issue while setting up Fleet. + +* Fixed a bug in which no error message would appear if users were creating or editing a label with a name or description that was too long. + +* Fixed a big in which the example payload for usage statistics included incorrect key names. + +* Fixed a bug in which the count above the **Software** table would sometimes not appear. + +* Fixed a bug in which the **Add hosts** button would not be displayed when search returned 0 hosts. + +* Fixed a bug in which modifying filters on the **Hosts** page would not return the user to the first page of the **Hosts** table. + ## Fleet 4.19.1 (Sep 1, 2022) * Fix a migration error that may occur when upgrading to Fleet 4.19.0. diff --git a/changes/bug-7320-duplicates-cves-in-software-page b/changes/bug-7320-duplicates-cves-in-software-page deleted file mode 100644 index 6057f5c396..0000000000 --- a/changes/bug-7320-duplicates-cves-in-software-page +++ /dev/null @@ -1 +0,0 @@ -The software details page was showing duplicated vulnerabilities if the software was used by many hosts. diff --git a/changes/bug-7465-bump-migrations b/changes/bug-7465-bump-migrations deleted file mode 100644 index b93f4d33bb..0000000000 --- a/changes/bug-7465-bump-migrations +++ /dev/null @@ -1,4 +0,0 @@ -Bumped up the following migrations: - -- 20220711104651_RemoveCpeIDColumnFromSoftwareCve -- 20220809091020_AddWindowsUpdatesTable diff --git a/changes/feature-6538-remove-cpe_id-column b/changes/feature-6538-remove-cpe_id-column deleted file mode 100644 index f4fc4da620..0000000000 --- a/changes/feature-6538-remove-cpe_id-column +++ /dev/null @@ -1 +0,0 @@ -- Removed cpe_id column from the software_cve table. \ No newline at end of file diff --git a/changes/feature-6931-display-munki-issues-in-ui b/changes/feature-6931-display-munki-issues-in-ui deleted file mode 100644 index 803d101ce9..0000000000 --- a/changes/feature-6931-display-munki-issues-in-ui +++ /dev/null @@ -1 +0,0 @@ -* UI displays munki issues on macOS homepage, filter by issue on manage host page, and munki issue table on host details page \ No newline at end of file diff --git a/changes/feature-7076-store-windows-updates b/changes/feature-7076-store-windows-updates deleted file mode 100644 index 01e234a418..0000000000 --- a/changes/feature-7076-store-windows-updates +++ /dev/null @@ -1,3 +0,0 @@ -- We now ingest and store installed Windows updates in a new table, `windows_updates`. -- Added a new configuration option used for disabling the ingestion of Windows updates and also - disabling Windows vulnerability scans. diff --git a/changes/feature-7077-msrc-parser b/changes/feature-7077-msrc-parser deleted file mode 100644 index b08fc2fdec..0000000000 --- a/changes/feature-7077-msrc-parser +++ /dev/null @@ -1,2 +0,0 @@ -- Added the MSRC feed parser that we will be using for generating the MSRC artifacts. -- Added sync logic for keeping the local MSRC artifacts up to date. diff --git a/changes/feature-7559-webhook-payload-includes-cve-scores b/changes/feature-7559-webhook-payload-includes-cve-scores deleted file mode 100644 index 4d0d1c64c3..0000000000 --- a/changes/feature-7559-webhook-payload-includes-cve-scores +++ /dev/null @@ -1,2 +0,0 @@ -- Include the CVSS score, EPSS score, and known exploits properties in the vulnerability Webhook - payload only if the customer is premium. diff --git a/changes/issue-4248-list-label-hosts-failing-policies b/changes/issue-4248-list-label-hosts-failing-policies deleted file mode 100644 index 74f2982737..0000000000 --- a/changes/issue-4248-list-label-hosts-failing-policies +++ /dev/null @@ -1 +0,0 @@ -- Added issues count to `GET /labels/{id}/hosts` response diff --git a/changes/issue-4465-tech-debt-anchor-elements b/changes/issue-4465-tech-debt-anchor-elements deleted file mode 100644 index b1c9fc1ddb..0000000000 --- a/changes/issue-4465-tech-debt-anchor-elements +++ /dev/null @@ -1 +0,0 @@ -* Tech Debt: Consistency in code for anchor elements and external links \ No newline at end of file diff --git a/changes/issue-5138-host-page-smaller-screen-width b/changes/issue-5138-host-page-smaller-screen-width deleted file mode 100644 index 17b619fbaf..0000000000 --- a/changes/issue-5138-host-page-smaller-screen-width +++ /dev/null @@ -1,2 +0,0 @@ -* This updates the manage host page for better usability on smaller screen widths. It remover the -labels sidebar and adds them into a table filter select dropdown. diff --git a/changes/issue-5222-document-all-organization-settings b/changes/issue-5222-document-all-organization-settings deleted file mode 100644 index 258e433378..0000000000 --- a/changes/issue-5222-document-all-organization-settings +++ /dev/null @@ -1 +0,0 @@ -* Added detailed documentation of all organization settings, including default values and whether it is a required setting or not. diff --git a/changes/issue-5725-show-sql-of-scheduled-queries b/changes/issue-5725-show-sql-of-scheduled-queries deleted file mode 100644 index a315c374a5..0000000000 --- a/changes/issue-5725-show-sql-of-scheduled-queries +++ /dev/null @@ -1 +0,0 @@ -* UI shows sql of scheduled queries \ No newline at end of file diff --git a/changes/issue-5732-workaround-to-build-msi-on-apple-m1 b/changes/issue-5732-workaround-to-build-msi-on-apple-m1 deleted file mode 100644 index 0d7552df94..0000000000 --- a/changes/issue-5732-workaround-to-build-msi-on-apple-m1 +++ /dev/null @@ -1 +0,0 @@ -* Implemented retries as a workaround for transient failures when building MSI packages on Apple M1. diff --git a/changes/issue-6610-add-team-and-agent-options-activities b/changes/issue-6610-add-team-and-agent-options-activities deleted file mode 100644 index 276799d5c6..0000000000 --- a/changes/issue-6610-add-team-and-agent-options-activities +++ /dev/null @@ -1 +0,0 @@ -* Added activities for when a team spec is applied and when the agent options are edited. diff --git a/changes/issue-6628-macos-vuln b/changes/issue-6628-macos-vuln deleted file mode 100644 index 98feffff93..0000000000 --- a/changes/issue-6628-macos-vuln +++ /dev/null @@ -1,5 +0,0 @@ -* Improved vulnerability detection on MacOS to decrease false positives and added the ability to define custom rules for matching software to CPEs for vulnerability processing. - When upgrading fleet, there are a few config options to consider or else vulnerability processing will stop working. - If the environment variable `FLEET_VULNERABILITIES_DISABLE_DATA_SYNC` is set to `true` or the flag `--vulnerabilities_disable_data_sync` is set, you must manually download the latest CPE database and CPE translations files and copy them to the vulnerabilities databases path that has been configured for fleet.. - If the environment variable `FLEET_VULNERABILITIES_CPE_DATABASE_URL` is set or the flag `--vulnerabilities_cpe_database_url` is set, you must ensure that the CPE database file the url points to has been updated to the latest version. - The latest CPE database and CPE translations files can be downloaded from [NVD Releases](https://github.com/fleetdm/nvd/releases/latest). diff --git a/changes/issue-6666-loading-spinners b/changes/issue-6666-loading-spinners deleted file mode 100644 index c069890716..0000000000 --- a/changes/issue-6666-loading-spinners +++ /dev/null @@ -1 +0,0 @@ -* Adds loading spinners to all buttons that post to the API \ No newline at end of file diff --git a/changes/issue-6918-back-to-packs b/changes/issue-6918-back-to-packs deleted file mode 100644 index 3456a5838b..0000000000 --- a/changes/issue-6918-back-to-packs +++ /dev/null @@ -1 +0,0 @@ -* Add back button to new pack and edit pack page \ No newline at end of file diff --git a/changes/issue-6961-add-munki-issues-and-aggregate-stats b/changes/issue-6961-add-munki-issues-and-aggregate-stats deleted file mode 100644 index a01286c7ce..0000000000 --- a/changes/issue-6961-add-munki-issues-and-aggregate-stats +++ /dev/null @@ -1 +0,0 @@ -* Added the ingestion of Munki issues (error and warning messages provided by the `munki_info` macadmins osquery extension table) and added this information to the response payload of the `GET /api/v1/fleet/hosts/{id}/macadmins` endpoint, and compute aggregated stats by Munki issue, now returned as part of the `GET /api/v1/fleet/macadmins` endpoint. diff --git a/changes/issue-7125-update-agent-options-cta b/changes/issue-7125-update-agent-options-cta deleted file mode 100644 index ed0560f887..0000000000 --- a/changes/issue-7125-update-agent-options-cta +++ /dev/null @@ -1 +0,0 @@ -* Improved agent options in-page documentation \ No newline at end of file diff --git a/changes/issue-7171-modifying-filters-page-0 b/changes/issue-7171-modifying-filters-page-0 deleted file mode 100644 index 941270d30c..0000000000 --- a/changes/issue-7171-modifying-filters-page-0 +++ /dev/null @@ -1 +0,0 @@ -* Modifying filters on the manage host page returns host table to page 0 \ No newline at end of file diff --git a/changes/issue-7196-label-name-description-char-limit b/changes/issue-7196-label-name-description-char-limit deleted file mode 100644 index 473c75d257..0000000000 --- a/changes/issue-7196-label-name-description-char-limit +++ /dev/null @@ -1 +0,0 @@ -* Fleet UI: Show user errors for creating/editing a label with a label name or label description that is too long \ No newline at end of file diff --git a/changes/issue-7245-improve-messaging-when-error-in-setup b/changes/issue-7245-improve-messaging-when-error-in-setup deleted file mode 100644 index 59b8a4c82f..0000000000 --- a/changes/issue-7245-improve-messaging-when-error-in-setup +++ /dev/null @@ -1 +0,0 @@ -* adds better messaging where there is an error in the setup flow diff --git a/changes/issue-7268-add-host-button-bug b/changes/issue-7268-add-host-button-bug deleted file mode 100644 index ee93d4eda7..0000000000 --- a/changes/issue-7268-add-host-button-bug +++ /dev/null @@ -1 +0,0 @@ -- Add host button still shown when search returns 0 hosts, noly hides when 0 hosts and empty state with add host button is shown \ No newline at end of file diff --git a/changes/issue-7305-spiffier-welcome-to-fleet-card b/changes/issue-7305-spiffier-welcome-to-fleet-card deleted file mode 100644 index 5ef487a880..0000000000 --- a/changes/issue-7305-spiffier-welcome-to-fleet-card +++ /dev/null @@ -1 +0,0 @@ -* Clean up CSS for Welcome to Fleet card \ No newline at end of file diff --git a/changes/issue-7312-features-config b/changes/issue-7312-features-config deleted file mode 100644 index 525ffa9ce7..0000000000 --- a/changes/issue-7312-features-config +++ /dev/null @@ -1,2 +0,0 @@ -* Renamed the `host_settings` config to `features`. -* Teams: Added the ability to apply custom `features` settings to each team. diff --git a/changes/issue-7364-fix-label-collapsing-sidebar b/changes/issue-7364-fix-label-collapsing-sidebar deleted file mode 100644 index d8dea24533..0000000000 --- a/changes/issue-7364-fix-label-collapsing-sidebar +++ /dev/null @@ -1 +0,0 @@ -* Bug fix to collapse label sidebar \ No newline at end of file diff --git a/changes/issue-7463-fix-clearing-host-filters b/changes/issue-7463-fix-clearing-host-filters deleted file mode 100644 index d98d472cd1..0000000000 --- a/changes/issue-7463-fix-clearing-host-filters +++ /dev/null @@ -1 +0,0 @@ -* Clearing filter pill on host detail page only clears that single filter \ No newline at end of file diff --git a/changes/issue-7489-remove-hosts-count-aggregate-stats b/changes/issue-7489-remove-hosts-count-aggregate-stats deleted file mode 100644 index edcda71e64..0000000000 --- a/changes/issue-7489-remove-hosts-count-aggregate-stats +++ /dev/null @@ -1 +0,0 @@ -* Removed the `hosts_count` field from the `mobile_device_management_solution` and `munki_issue` top-level objects in the `GET /hosts` API endpoint response, as it was a pre-computed count that is updated at intervals, not a live count, and it could be confusing when it did not match the number of hosts returned. diff --git a/changes/issue-7527-fix-scroll-bug b/changes/issue-7527-fix-scroll-bug deleted file mode 100644 index 23ff38b648..0000000000 --- a/changes/issue-7527-fix-scroll-bug +++ /dev/null @@ -1 +0,0 @@ -* Add padding to accomodate tooltip at bottom of page causing double scroll bar \ No newline at end of file diff --git a/changes/issue-7560-update-hostsenrolledbyos-examples b/changes/issue-7560-update-hostsenrolledbyos-examples deleted file mode 100644 index 8b00307f80..0000000000 --- a/changes/issue-7560-update-hostsenrolledbyos-examples +++ /dev/null @@ -1 +0,0 @@ -* Updated the UI preview and the documentation example for the usage statistics' `hostsEnrolledByOperatingSystem` so that it more closely matches the actual values collected. diff --git a/changes/issue-7582-user-pagination-bug b/changes/issue-7582-user-pagination-bug deleted file mode 100644 index 70696733eb..0000000000 --- a/changes/issue-7582-user-pagination-bug +++ /dev/null @@ -1 +0,0 @@ -* Fleet UI to use Client side pagination which fixes bug hiding users over 20 users \ No newline at end of file diff --git a/changes/issue-7585-fix-flakey-software-count b/changes/issue-7585-fix-flakey-software-count deleted file mode 100644 index 9d00787e8d..0000000000 --- a/changes/issue-7585-fix-flakey-software-count +++ /dev/null @@ -1 +0,0 @@ -* Fix flakey software count \ No newline at end of file diff --git a/changes/issue-7602-software-automations-payload-example b/changes/issue-7602-software-automations-payload-example deleted file mode 100644 index d41d895033..0000000000 --- a/changes/issue-7602-software-automations-payload-example +++ /dev/null @@ -1 +0,0 @@ -* Fleet Free and Fleet Premium UI show different software automation payload example \ No newline at end of file diff --git a/changes/issue-7622-more-than-20-teams-in-ui b/changes/issue-7622-more-than-20-teams-in-ui deleted file mode 100644 index 44f44f445a..0000000000 --- a/changes/issue-7622-more-than-20-teams-in-ui +++ /dev/null @@ -1 +0,0 @@ -* UI supports more than 20 teams \ No newline at end of file diff --git a/charts/fleet/Chart.yaml b/charts/fleet/Chart.yaml index c36a66cdaf..20c411d745 100644 --- a/charts/fleet/Chart.yaml +++ b/charts/fleet/Chart.yaml @@ -4,9 +4,9 @@ name: fleet keywords: - fleet - osquery -version: v4.19.1 +version: v4.20.0 home: https://github.com/fleetdm/fleet sources: - https://github.com/fleetdm/fleet.git -appVersion: v4.19.1 +appVersion: v4.20.0 diff --git a/charts/fleet/values.yaml b/charts/fleet/values.yaml index 6ada297286..68d5bf38bd 100644 --- a/charts/fleet/values.yaml +++ b/charts/fleet/values.yaml @@ -2,7 +2,7 @@ # All settings related to how Fleet is deployed in Kubernetes hostName: fleet.localhost replicas: 3 # The number of Fleet instances to deploy -imageTag: v4.19.1 # Version of Fleet to deploy +imageTag: v4.20.0 # Version of Fleet to deploy createIngress: true # Whether or not to automatically create an Ingress ingressAnnotations: {} # Additional annotation to add to the Ingress podAnnotations: {} # Additional annotations to add to the Fleet pod diff --git a/docs/Deploying/Server-Installation.md b/docs/Deploying/Server-Installation.md index 4c66855d38..a8ccac9b21 100644 --- a/docs/Deploying/Server-Installation.md +++ b/docs/Deploying/Server-Installation.md @@ -264,7 +264,7 @@ spec: spec: containers: - name: fleet - image: fleetdm/fleet:4.19.1 + image: fleetdm/fleet:4.20.0 env: - name: FLEET_MYSQL_ADDRESS valueFrom: diff --git a/infrastructure/dogfood/terraform/aws/variables.tf b/infrastructure/dogfood/terraform/aws/variables.tf index 1ac4b81d06..563f4d7dcb 100644 --- a/infrastructure/dogfood/terraform/aws/variables.tf +++ b/infrastructure/dogfood/terraform/aws/variables.tf @@ -56,7 +56,7 @@ variable "database_name" { variable "fleet_image" { description = "the name of the container image to run" - default = "fleetdm/fleet:v4.19.1" + default = "fleetdm/fleet:v4.20.0" } variable "software_inventory" { diff --git a/infrastructure/dogfood/terraform/gcp/variables.tf b/infrastructure/dogfood/terraform/gcp/variables.tf index aaf32ee1fe..8e8404b73e 100644 --- a/infrastructure/dogfood/terraform/gcp/variables.tf +++ b/infrastructure/dogfood/terraform/gcp/variables.tf @@ -68,5 +68,5 @@ variable "redis_mem" { } variable "image" { - default = "fleet:v4.19.1" + default = "fleet:v4.20.0" } diff --git a/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf b/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf index 01a9459863..cd7a990081 100644 --- a/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf +++ b/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf @@ -157,7 +157,7 @@ resource "helm_release" "main" { set { name = "imageTag" - value = "v4.19.1" + value = "v4.20.0" } set { diff --git a/tools/fleetctl-npm/package.json b/tools/fleetctl-npm/package.json index 21fc19abdd..be65387846 100644 --- a/tools/fleetctl-npm/package.json +++ b/tools/fleetctl-npm/package.json @@ -1,6 +1,6 @@ { "name": "fleetctl", - "version": "v4.19.1", + "version": "v4.20.0", "description": "Installer for the fleetctl CLI tool", "bin": { "fleetctl": "./run.js"