Prepare v4.35.0 (#13077)

2026-04-21 13:37:30 +00:00 · 2023-08-01 09:22:01 -07:00 · 2023-08-01 09:22:01 -07:00 · 648b25bf4d
commit 648b25bf4d
parent ad96043e8f
35 changed files with 67 additions and 38 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,63 @@
+## Fleet 4.35.0 (Jul 31, 2023)
+
+* Combined the query and schedule features to provide a single interface for creating, scheduling, and tweaking queries at the global and team level.
+
+* Merged all functionality of the schedule page into the queries page.
+
+* Updated the save query modal to include scheduling-related fields.
+
+* Updated queries table schema to allow storing scheduling information and configuration in the queries table.
+
+* Users now able to manage scheduled queries using automations modal.
+
+* The `osquery/config` endpoint now includes scheduled queries for the host's team stored in the `queries` table.
+
+* Query editor now includes frequency and other advanced options.
+
+* Updated macOS MDM setup UI in Fleet UI.
+
+* Changed how team assignment works for the Puppet module, for more details see the [README](https://github.com/fleetdm/fleet/blob/main/ee/tools/puppet/fleetdm/README.md).
+
+* Allow the Puppet module to read different Fleet URL/token combinations for different environments.
+
+* Updated server logging for webhook requests to mask URL query values if the query param name includes "secret", "token", "key", "password".
+
+* Added support for Azure JWT tokens.
+
+* Set `DeferForceAtUserLoginMaxBypassAttempts` to `1` in the default FileVault profile installed by Fleet.
+
+* Added dark and light mode logo uploads and show the appropriate logo to the macOS MDM migration flow.
+
+* Added MSI installer deployement support through MS-MDM.
+
+* Added support for Windows MDM STS Auth Endpoint.
+
+* Added support for installing Fleetd after enrolling through Azure account.
+
+* Added support for MDM TOS endpoint.
+
+* Updated the "Platforms" column to the more explicit "Compatible with".
+
+* Improved delivery of Apple MDM profiles by not re-sending `InstallProfile` commands if a host switches teams but the profile contents are the same.
+
+* Improved error handling and messaging of SSO login during AEP(DEP) enrollments.
+
+* Improved the reporting of the Puppet module to only report as changed profiles that actually changed during a run.
+
+* Updated ingestion of host detail queries for MDM so hosts that report empty results are counted as "Off".
+
+* Upgraded Go version to v1.19.11.
+
+* If a policy was defined with an invalid query, the desktop endpoint now counts that policy as a failed policy.
+
+* Fixed issue where Orbit repeatedly tries to launch Nudge in the event of a launch error.
+
+* Fixed Observer + should be able to run any query by clicking create new query.
+
+* Fixed the styling of the initial setup flow.
+
+* Fixed URL used to check Gravatar network availability.
+
 ## Fleet 4.34.1 (Jul 14, 2023)

 * Fixed Observer+ not being able to run some queries.
--- a/changes/12480-puppet-module-changes
+++ b/changes/12480-puppet-module-changes
@ -1 +0,0 @@
-* Improve the reporting of the puppet module to only report as changed profiles that actually changed during a run.
--- a/changes/12481-profile-redelivery-v2
+++ b/changes/12481-profile-redelivery-v2
@ -1 +0,0 @@
-* Improved delivery of Apple MDM profiles by not re-sending `InstallProfile` commands if a host switches teams but the profile contents are the same.
--- a/changes/12532-puppet-module-team-assignment
+++ b/changes/12532-puppet-module-team-assignment
@ -1 +0,0 @@
-* Changed how team assignment works for the Puppet module, for more details see the [README](https://github.com/fleetdm/fleet/blob/main/ee/tools/puppet/fleetdm/README.md)
--- a/changes/12570-mask-webhook-url-logs
+++ b/changes/12570-mask-webhook-url-logs
@ -1 +0,0 @@
- Updated server logging for webhook requests to mask URL query values if the query param name includes "secret", "token", "key", "password".
--- a/changes/12608-force-fv
+++ b/changes/12608-force-fv
@ -1 +0,0 @@
-* Set `DeferForceAtUserLoginMaxBypassAttempts` to `1` in the default FileVault profile installed by Fleet.
--- a/changes/12636-merge-schedule-into-queries
+++ b/changes/12636-merge-schedule-into-queries
@ -1 +0,0 @@
- Merged all functionality of the Schedule page into the Queries page
--- a/changes/12644-include-scheduled-queries-in-getclientconfig
+++ b/changes/12644-include-scheduled-queries-in-getclientconfig
@ -1,2 +0,0 @@
- The `osquery/config` endpoint should include scheduled queries for the host's team stored in the
-  `queries` table.
--- a/changes/12645-manage-query-automations
+++ b/changes/12645-manage-query-automations
@ -1 +0,0 @@
- Users able to manage schedulable queries (new feature) with automations modal
--- a/changes/12646-new-query-editor
+++ b/changes/12646-new-query-editor
@ -1 +0,0 @@
- Query editor includes frequency and other advanced options
--- a/changes/12646-update-save-query-modal
+++ b/changes/12646-update-save-query-modal
@ -1 +0,0 @@
- Update the save query modal to include scheduling-related fields.
--- a/changes/12692-macos-helpful-message
+++ b/changes/12692-macos-helpful-message
@ -1 +0,0 @@
-* Improve error handling and messaging of SSO login during AEP(DEP) enrollments.
--- a/changes/12872-upgrade-go-version
+++ b/changes/12872-upgrade-go-version
@ -1 +0,0 @@
-* Upgraded Go version to v1.19.11
--- a/changes/12897-puppet-envs
+++ b/changes/12897-puppet-envs
@ -1 +0,0 @@
-* Allow the puppet module to read different Fleet URL/token combinations for different environments
--- a/changes/12935-fix-setup-flow-styling
+++ b/changes/12935-fix-setup-flow-styling
@ -1 +0,0 @@
-* Fixed the styling of the initial setup flow
--- a/changes/12999-platforms-column
+++ b/changes/12999-platforms-column
@ -1 +0,0 @@
-* Update the "Platforms" column to the more explicit "Compatible with"
--- a/changes/7765-combine-schedules-and-queries
+++ b/changes/7765-combine-schedules-and-queries
@ -1 +0,0 @@
- Combine the query and schedule features to provide a single interface for creating, scheduling, and tweaking queries at the global and team level.
--- a/changes/7765-queries-schedules-schema-updates
+++ b/changes/7765-queries-schedules-schema-updates
@ -1 +0,0 @@
- Updated 'queries' table schema to allow storing scheduling information and configuration in the 'queries' table.
--- a/changes/fix-gravatar-url
+++ b/changes/fix-gravatar-url
@ -1 +0,0 @@
-* Fixed URL used to check Gravatar network availability.
--- a/changes/issue-12053-dark-and-light-mode-logo
+++ b/changes/issue-12053-dark-and-light-mode-logo
@ -1 +0,0 @@
- add dark and light mode logo uploads and show the appropriate logo to the macOS mdm migration flow
--- a/changes/issue-12168-update-macos-mdm-setup-uo
+++ b/changes/issue-12168-update-macos-mdm-setup-uo
@ -1 +0,0 @@
- update macos mdm setup UI in fleet UI
--- a/changes/issue-12529-mdm-counts-off
+++ b/changes/issue-12529-mdm-counts-off
@ -1 +0,0 @@
- Updated ingestion of host detail queries for MDM so hosts that report empty results are counted as "Off".
--- a/changes/issue-12600-azure-install-support
+++ b/changes/issue-12600-azure-install-support
@ -1 +0,0 @@
-* Adding support to install Fleetd after enrolling through Azure account
--- a/changes/issue-12600-windows-installer
+++ b/changes/issue-12600-windows-installer
@ -1 +0,0 @@
-* Add MSI installer deployement support through MS-MDM
--- a/changes/issue-12604-azure-tos-endpoint
+++ b/changes/issue-12604-azure-tos-endpoint
@ -1 +0,0 @@
-* Adding support for MDM TOS endpoint 
--- a/changes/issue-12613-azure-jwt-support
+++ b/changes/issue-12613-azure-jwt-support
@ -1 +0,0 @@
-* Adding support for Azure JWT tokens
--- a/changes/issue-12614-adding-support-for-sts-auth-endpoint
+++ b/changes/issue-12614-adding-support-for-sts-auth-endpoint
@ -1 +0,0 @@
-* Adding support for Windows MDM STS Auth Endpoint
--- a/changes/issue-12759-nudge-launch-errors
+++ b/changes/issue-12759-nudge-launch-errors
@ -1,4 +0,0 @@
- Addressed issue where Orbit repeatedly tries to launch Nudge in the event of a launch error, which
-  causes Nudge to steal focus from the user's current application. Instead, Nudge will now be disabled
-  if it encounters a launch error. It will remain disabled until Orbit is restarted or the Nudge app
-  is updated.
--- a/charts/fleet/Chart.yaml
+++ b/charts/fleet/Chart.yaml
@ -8,4 +8,4 @@ version: v5.0.1
 home: https://github.com/fleetdm/fleet
 sources:
  - https://github.com/fleetdm/fleet.git
-appVersion: v4.34.1
+appVersion: v4.35.0
--- a/charts/fleet/values.yaml
+++ b/charts/fleet/values.yaml
@ -2,7 +2,7 @@
 # All settings related to how Fleet is deployed in Kubernetes
 hostName: fleet.localhost
 replicas: 3 # The number of Fleet instances to deploy
-imageTag: v4.34.1 # Version of Fleet to deploy
+imageTag: v4.35.0 # Version of Fleet to deploy
 podAnnotations: {} # Additional annotations to add to the Fleet pod
 serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account
 resources:
--- a/infrastructure/dogfood/terraform/aws/variables.tf
+++ b/infrastructure/dogfood/terraform/aws/variables.tf
@ -56,7 +56,7 @@ variable "database_name" {

 variable "fleet_image" {
  description = "the name of the container image to run"
-  default     = "fleetdm/fleet:v4.34.1"
+  default     = "fleetdm/fleet:v4.35.0"
 }

 variable "software_inventory" {
--- a/infrastructure/dogfood/terraform/gcp/variables.tf
+++ b/infrastructure/dogfood/terraform/gcp/variables.tf
@ -68,5 +68,5 @@ variable "redis_mem" {
 }

 variable "image" {
-  default = "fleet:v4.34.1"
+  default = "fleet:v4.35.0"
 }
--- a/infrastructure/sandbox/JITProvisioner/jitprovisioner.tf
+++ b/infrastructure/sandbox/JITProvisioner/jitprovisioner.tf
@ -206,7 +206,7 @@ resource "random_uuid" "jitprovisioner" {

 # Use the local to make the trigger work.
 locals {
-  fleet_tag = "v4.34.1"
+  fleet_tag = "v4.35.0"
 }

 resource "null_resource" "standard-query-library" {
--- a/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf
+++ b/infrastructure/sandbox/PreProvisioner/lambda/deploy_terraform/main.tf
@ -165,7 +165,7 @@ resource "helm_release" "main" {

  set {
    name  = "imageTag"
-    value = "v4.34.1"
+    value = "v4.35.0"
  }

  set {
--- a/tools/fleetctl-npm/package.json
+++ b/tools/fleetctl-npm/package.json
@ -1,6 +1,6 @@
 {
  "name": "fleetctl",
-  "version": "v4.34.1",
+  "version": "v4.35.0",
  "description": "Installer for the fleetctl CLI tool",
  "bin": {
    "fleetctl": "./run.js"
				`@ -1 +0,0 @@`
				`* Improve the reporting of the puppet module to only report as changed profiles that actually changed during a run.`
				`@ -1 +0,0 @@`
				* Improved delivery of Apple MDM profiles by not re-sending `InstallProfile` commands if a host switches teams but the profile contents are the same.
				`@ -1 +0,0 @@`
				`* Changed how team assignment works for the Puppet module, for more details see the [README](https://github.com/fleetdm/fleet/blob/main/ee/tools/puppet/fleetdm/README.md)`
				`@ -1 +0,0 @@`
				`- Updated server logging for webhook requests to mask URL query values if the query param name includes "secret", "token", "key", "password".`
				`@ -1 +0,0 @@`
				* Set `DeferForceAtUserLoginMaxBypassAttempts` to `1` in the default FileVault profile installed by Fleet.
				`@ -1 +0,0 @@`
				`- Merged all functionality of the Schedule page into the Queries page`
				`@ -1 +0,0 @@`
				`- Users able to manage schedulable queries (new feature) with automations modal`
				`@ -1 +0,0 @@`
				`- Query editor includes frequency and other advanced options`
				`@ -1 +0,0 @@`
				`- Update the save query modal to include scheduling-related fields.`
				`@ -1 +0,0 @@`
				`* Improve error handling and messaging of SSO login during AEP(DEP) enrollments.`