mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
Prepare v4.42.0 (#15812)
This commit is contained in:
Luke Heath
GitHub
parent
fa9f1838f2
commit
f5af49f766
67 changed files with 71 additions and 85 deletions
59
CHANGELOG.md
59
CHANGELOG.md
|
|
@ -1,3 +1,62 @@
|
|||
## Fleet 4.42.0 (Dec 21, 2023)
|
||||
|
||||
### Changes
|
||||
|
||||
* **Endpoint operations**:
|
||||
- Added `fleet/device/{token}/ping` endpoint for agent token checks.
|
||||
- Added `GET /hosts/{id}/health` endpoint for host health data.
|
||||
- Added `--host-identifier` option to fleetd for enrolling with a random identifier.
|
||||
- Added capability to look up hosts based on IdP email.
|
||||
- Updated manage hosts UI to filter hosts by `software_version_id` and `software_title_id`.
|
||||
- Added ability to filter hosts by `software_version_id` and `software_title_id` in various endpoints.
|
||||
- **NOTE:**: Database migrations may take up to five minutes to complete based on number of software items.
|
||||
- Live queries now collect and display updated stats.
|
||||
- Live query stats are cleared when query SQL is modified.
|
||||
- Added UI features to incorporate new live query stats.
|
||||
- Improved host query reports and host detail query tab UI.
|
||||
- Added firehose delivery addon update for improved data handling.
|
||||
|
||||
* **Vulnerability management**:
|
||||
- Added `GET software/versions` and `GET software/versions/{id}` endpoints for software version management.
|
||||
- Deprecated `GET software` and `GET software/{id}` endpoints.
|
||||
- Added new software pages in Fleet UI, including software titles and versions.
|
||||
- Resolved scan error during OVAL vulnerability processing.
|
||||
|
||||
* **Device management (MDM)**:
|
||||
- Removed the `FLEET_DEV_MDM_ENABLED` feature flag for Windows MDM.
|
||||
- Enabled `fleetctl` to configure Windows MDM profiles for teams and "no team".
|
||||
- Added database tables to support the Windows profiles feature.
|
||||
- Added support to configure Windows OS updates requirements.
|
||||
- Introduced new MDM profile endpoints: `POST /mdm/profiles`, `DELETE /mdm/profiles/{id}`, `GET /mdm/profiles/{id}`, `GET /mdm/profiles`, `GET /mdm/profiles/summary`.
|
||||
- Added validation to disallow custom MDM profiles with certain names.
|
||||
- Added deployment of Windows OS updates settings to targeted hosts.
|
||||
- Changed the Apple profiles ID to a prefixed UUID format.
|
||||
- Enabled targeting hosts by serial number in `fleetctl run-script` and `fleetctl mdm run-command`.
|
||||
- Added UI for uploading, deleting, downloading, and viewing Windows custom MDM profiles.
|
||||
|
||||
### Bug fixes and improvements
|
||||
|
||||
- Updated Go version to 1.21.5.
|
||||
- Query reports now only show results for hosts with user permissions.
|
||||
- Global observers can now see all queries regardless of the observerCanRun value.
|
||||
- Added whitespace rendering in policy descriptions and resolutions.
|
||||
- Added truncation to dropdown options in query tables documentation.
|
||||
- `POST /api/v1/fleet/scripts/run/sync` timeout now returns error code 408 instead of 504.
|
||||
- Fixed possible deadlocks in `software` data ingestion and `host_batteries` upsert.
|
||||
- Fixed button text wrapping in UI for Settings > Integrations > MDM.
|
||||
- Fixed a bug where opening a modal on the Users page reset the table to the first page.
|
||||
- Fixed a bug preventing label selection while the label search field was active.
|
||||
- Fixed issues with UI loading indicators and placeholder texts.
|
||||
- Fixed a fleetctl issue where running a query by name created a new query instead of using the existing one.
|
||||
- Fixed `installed_from_dep` in `mdm_enrolled` activity for DEP device re-enrollment.
|
||||
- Fixed a bug in line breaks affecting UI functionality.
|
||||
- Fixed Syncml cmd data support for raw data.
|
||||
- Added "copied!" message to the copy button on inputs.
|
||||
- Fixed an edge case where caching could lead to lost organization settings in multiple instance scenarios.
|
||||
- Fixed `GET /hosts/{id}/health` endpoint reporting.
|
||||
- Fixed validation bugs allowing `overrides.platform` field to be set to `null`.
|
||||
- Fixed an issue with policy counts showing 0 post-upgrade.
|
||||
|
||||
## Fleet 4.41.1 (Dec 7, 2023)
|
||||
|
||||
### Bug fix
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
* Fix `installed_from_dep` in `mdm_enrolled` activity when a DEP device unenrolls and re-enrolls.
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
- Adds a `populate_software` flag to the `GET /hosts` endpoint, which will include software for each
|
||||
host returned from that endpoint.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Added capability to look up hosts based on IdP email.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Fixed a bug where the placeholder text for policy and query descriptions was cut off.
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
- Implement host query reports: view query results on a per host basis
|
||||
- Host Detail Query tab now displays all running queries and queries with result data
|
||||
- Fleet now includes Kung Fu Fighting because it's fast as lightning
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Render whitespace in policy descriptions and resolutions
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Fixed button text wrapping in UI for Settings > Integrations > MDM.
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
- Enabled targeting hosts by serial number in the `fleetctl run-script` and `fleetctl mdm run-command commands`.
|
||||
- Expanded `GET /hosts/identifier` endpoint to include host serial number as a potential identifier.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Fixes a validation bug that allowed the agent options `overrides.platform` field to be set to `null`.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Fix possible deadlocks when upserting to `host_batteries` (found during load test).
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Fix possible deadlocks when deleting `software` during data ingestion (found during load test).
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
- Fixes a bug where opening a modal on the Users page would cause the table to reset to the first
|
||||
page of users.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Add `--host-identifier` option to fleetd to allow enrolling with a random identifier instead of the default behavior that uses the hardware UUID. This allows supporting running fleetd on VMs that have the same UUID and/or serial number.
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
- Adds a `GET /hosts/{id}/health` endpoint which reports back some key data about host health such
|
||||
as vulnerable software and failing policies.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Fix a bug where line breaks intended for clean UI broke functionality
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Fixed loading indicator not appearing on host details' scripts tab.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Fixes bug where Global Observers were not able to list all queries through the API.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Added validation to disallow custom MDM profiles that contain certain names reserved by Fleet.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- query reports now only show results for hosts the user has permission to
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Updated manage hosts UI to filter hosts by `software_version_id` and `software_title_id`.
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
- Added `GET software/versions` endpoint to list and filter software versions.
|
||||
- Added `GET software/versions/{id}` endpoint to get a specific software version.
|
||||
- Deprecated `GET software` endpoint.
|
||||
- Deprecated `GET software/{id}` endpoint.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- resolved scan error during oval vulnerability processing
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Improved the query used to get MDM details for Windows hosts to account for multiple registry entries.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- POST /api/v1/fleet/scripts/run/sync timeout (longer than 60 seconds) will now return error code: 408 instead of 504
|
||||
|
|
@ -1 +0,0 @@
|
|||
Changed query performance statistics to uint64 to match osquery reports.
|
||||
|
|
@ -1 +0,0 @@
|
|||
Added fleet/device/{token}/ping endpoint to be used by agents to check their token.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- team and global observers can now see all respective queries regardless of the observerCanRun value
|
||||
|
|
@ -1 +0,0 @@
|
|||
Fixed fleetctl issue where it was creating a new query when running a query by name, as opposed to using the existing saved query.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- Fixed a bug preventing the user from selecting a label while the label search field was selected.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- fixes issue where policy counts showed 0 for up to an hour after fleet upgrade v4.41
|
||||
|
|
@ -1 +0,0 @@
|
|||
Live query stats are cleared when query SQL is modified.
|
||||
|
|
@ -1 +0,0 @@
|
|||
For /software endpoint, added extension_id and browser fields. These fields are populated for Chromium/Firefox browser extensions.
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
Live Queries now collect stats. Stats are collected for saved queries present in the Queries tab.
|
||||
- After running a live query, user will see updated stats in Queries tab.
|
||||
- Query stats on Host Details page will no longer be cleared after host/agent reboots.
|
||||
- Query stats are now deleted when query is deleted.
|
||||
- Activity is now added after the query runs, and includes performance stats for saved queries.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Add UI features to incorporate new live query stats
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Updated Go to v1.21.5
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
- Introduced `POST /mdm/profiles` for uploading Windows or macOS custom profiles.
|
||||
- New endpoints for managing MDM profiles: `DELETE /mdm/profiles/{id}`, `GET /mdm/profiles/{id}`, `GET /mdm/profiles` (paginated list), `GET /mdm/profiles/summary`.
|
||||
- Updated `GET /api/v1/hosts/:id` to include Windows MDM profiles.
|
||||
- Fleetctl now supports configuration of Windows MDM profiles.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- add ability to change and view windows os updates in Fleet UI
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Added support to configure Windows OS updates requirements for hosts enrolled in Fleet MDM.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Added deployment of Windows OS updates settings to the targeted hosts so that they take effect.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- add window os updates activites to Fleet UI.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- add "copied!" message to copy button on inputs
|
||||
|
|
@ -1 +0,0 @@
|
|||
- add UI to upload, delete, download, and view windows custom MDM profiles.
|
||||
|
|
@ -1 +0,0 @@
|
|||
- add truncation to the dropdown options on the query tables documentation
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Fixed an edge-case where the caching of data could lead to some organization settings changes being lost when running with multiple Fleet instances.
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
* Removed the `FLEET_DEV_MDM_ENABLED` feature flag that allowed enabling Windows MDM. The feature flag is not used anymore, and Windows MDM can be enabled without it.
|
||||
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Improved safety and efficiency of implementation of cacheable data.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Syncml cmd data now supports raw data
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
- add new software pages to fleet UI. Includes software titles, software versions, software title
|
||||
details and software version details.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Changed the Apple profiles ID to be a prefixed UUID as is the case for Windows profiles. The Apple profiles are now a UUID prefixed with "a" and the Windows ones are prefixed with "w".
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Added ability to filter hosts by `software_version_id` and `software_title_id` for the "list hosts", "count hosts" and "get hosts report in CSV" endpoints.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Updated `fleetctl get software` to list software titles, and add optional `--versions` flag to list software versions.
|
||||
|
|
@ -1 +0,0 @@
|
|||
* Update firehose delivery addon to use latest module version, this includes breaking changes to previous configurations as the default prefixes have been changed to natively support time-partitioned Athena table creation
|
||||
|
|
@ -1 +0,0 @@
|
|||
* **NOTE**: database migrations for this release may take a few minutes to complete depending mostly on how many entries exist in the `software` table.
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
- Global observers and global observers+ are now shown all global queries on the Queries page, now
|
||||
including those that are not marked "Observers can run"
|
||||
|
|
@ -8,7 +8,7 @@ version: v6.0.1
|
|||
home: https://github.com/fleetdm/fleet
|
||||
sources:
|
||||
- https://github.com/fleetdm/fleet.git
|
||||
appVersion: v4.41.1
|
||||
appVersion: v4.42.0
|
||||
dependencies:
|
||||
- name: mysql
|
||||
condition: mysql.enabled
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
# All settings related to how Fleet is deployed in Kubernetes
|
||||
hostName: fleet.localhost
|
||||
replicas: 3 # The number of Fleet instances to deploy
|
||||
imageTag: v4.41.1 # Version of Fleet to deploy
|
||||
imageTag: v4.42.0 # Version of Fleet to deploy
|
||||
podAnnotations: {} # Additional annotations to add to the Fleet pod
|
||||
serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account
|
||||
resources:
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ variable "database_name" {
|
|||
|
||||
variable "fleet_image" {
|
||||
description = "the name of the container image to run"
|
||||
default = "fleetdm/fleet:v4.41.1"
|
||||
default = "fleetdm/fleet:v4.42.0"
|
||||
}
|
||||
|
||||
variable "software_inventory" {
|
||||
|
|
|
|||
|
|
@ -68,5 +68,5 @@ variable "redis_mem" {
|
|||
}
|
||||
|
||||
variable "image" {
|
||||
default = "fleet:v4.41.1"
|
||||
default = "fleet:v4.42.0"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -206,7 +206,7 @@ resource "random_uuid" "jitprovisioner" {
|
|||
|
||||
# Use the local to make the trigger work.
|
||||
locals {
|
||||
fleet_tag = "v4.41.1"
|
||||
fleet_tag = "v4.42.0"
|
||||
}
|
||||
|
||||
resource "null_resource" "standard-query-library" {
|
||||
|
|
|
|||
|
|
@ -165,7 +165,7 @@ resource "helm_release" "main" {
|
|||
|
||||
set {
|
||||
name = "imageTag"
|
||||
value = "v4.41.1"
|
||||
value = "v4.42.0"
|
||||
}
|
||||
|
||||
set {
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ variable "fleet_config" {
|
|||
type = object({
|
||||
mem = optional(number, 4096)
|
||||
cpu = optional(number, 512)
|
||||
image = optional(string, "fleetdm/fleet:v4.41.1")
|
||||
image = optional(string, "fleetdm/fleet:v4.42.0")
|
||||
family = optional(string, "fleet")
|
||||
sidecars = optional(list(any), [])
|
||||
depends_on = optional(list(any), [])
|
||||
|
|
|
|||
|
|
@ -74,7 +74,7 @@ variable "fleet_config" {
|
|||
type = object({
|
||||
mem = optional(number, 4096)
|
||||
cpu = optional(number, 512)
|
||||
image = optional(string, "fleetdm/fleet:v4.41.1")
|
||||
image = optional(string, "fleetdm/fleet:v4.42.0")
|
||||
family = optional(string, "fleet")
|
||||
sidecars = optional(list(any), [])
|
||||
depends_on = optional(list(any), [])
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ provider "aws" {
|
|||
}
|
||||
|
||||
locals {
|
||||
fleet_image = "fleetdm/fleet:v4.41.1"
|
||||
fleet_image = "fleetdm/fleet:v4.42.0"
|
||||
domain_name = "example.com"
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -165,7 +165,7 @@ variable "fleet_config" {
|
|||
type = object({
|
||||
mem = optional(number, 4096)
|
||||
cpu = optional(number, 512)
|
||||
image = optional(string, "fleetdm/fleet:v4.41.1")
|
||||
image = optional(string, "fleetdm/fleet:v4.42.0")
|
||||
family = optional(string, "fleet")
|
||||
sidecars = optional(list(any), [])
|
||||
depends_on = optional(list(any), [])
|
||||
|
|
|
|||
|
|
@ -215,7 +215,7 @@ variable "fleet_config" {
|
|||
type = object({
|
||||
mem = optional(number, 4096)
|
||||
cpu = optional(number, 512)
|
||||
image = optional(string, "fleetdm/fleet:v4.41.1")
|
||||
image = optional(string, "fleetdm/fleet:v4.42.0")
|
||||
family = optional(string, "fleet")
|
||||
sidecars = optional(list(any), [])
|
||||
depends_on = optional(list(any), [])
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "fleetctl",
|
||||
"version": "v4.41.1",
|
||||
"version": "v4.42.0",
|
||||
"description": "Installer for the fleetctl CLI tool",
|
||||
"bin": {
|
||||
"fleetctl": "./run.js"
|
||||
|
|
|
|||
Loading…
Reference in a new issue