# Details
Realized we left the feature flag in for BitLocker, so this PR removes
it. We also discussed during the last demo that "Advanced" should always
be visible, even when the "Turn on disk encryption" is not checked.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a
## Testing
- [ ] Added/updated automated tests
- [ ] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [X] QA'd all new/changed functionality manually
For #27042.
Ready for review, just missing integration tests that I will be writing
today.
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [X] If database migrations are included, checked table schema to
confirm autoupdate
- For new Fleet configuration settings
- [X] Verified that the setting can be managed via GitOps, or confirmed
that the setting is explicitly being excluded from GitOps. If managing
via Gitops:
- [X] Verified that the setting is exported via `fleetctl
generate-gitops`
- [X] Added the setting to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [X] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [x] Verified that any relevant UI is disabled when GitOps mode is
enabled
- For database migrations:
- [X] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [X] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [X] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Added/updated automated tests
- [X] Manual QA for all new/changed functionality
---------
Co-authored-by: jacobshandling <[email protected]>
Co-authored-by: Jacob Shandling <[email protected]>
For #26366
# Checklist for submitter
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
# Details
This PR fixes an issue where the SQL parser in the UI doesn't recognize
window functions like `OVER()` and marks the SQL as having syntax
errors. The fix here is to update to a more modern parsing library. This
involved updating some AST-parsing code we have for determining which
tables are used in a query, for the purposes of feeding autocomplete and
determining query compatibility.
# Testing
I tested this with the query mentioned in #26366 in Chrome, Firefox and
Safari on MacOS. I also added new unit tests for our SQL helper
functions.
# Notes
During testing I discovered that we were bundling two versions of the
ACE editor into our frontend package. By upgrading one version by a
couple of patches to make the two dependencies equal, we chop out ~300k
from our bundle.
## For #26229 – Part 1
- This PR contains the core abstractions, routes, API updates, and types
for GitOps mode in the UI. Since this work will touch essentially every
part of the Fleet UI, it is ripe for merge conflicts. To mitigate such
conflicts, I'll be merging this work in a number of iterative PRs. ~To
effectively gate any of this work from showing until it is all merged to
`main`, [this commit](feedbb2d4c) hides
the settings section that allows enabling/disabling this setting,
effectively feature flagging the entire thing. In the last of these
iterative PRs, that commit will be reverted to engage the entire
feature. For testing purposes, reviewers can `git revert
feedbb2d4c25ec2e304e1f18d409cee62f6752ed` locally~ The new settings
section for this feature is feature flagged until all PRs are merged -
to show the setting section while testing, run `ALLOW_GITOPS_MODE=true
NODE_ENV=development yarn run webpack --progress --watch` in place of
`make generate-dev`
- Changes file will be added and feature flag removed in the last PR
- [x] Settings page with routing, form, API integration (hidden until
last PR)
- [x] Activities
- [x] Navbar indicator
- Apply GOM conditional UI to:
- [x] Manage enroll secret modal: .5
- Controls >
- [x] Scripts:
- Setup experience >
- [x] Install software > Select software modal
- [x] OS Settings >
- [x] Custom settings
- [x] Disk encryption
- [x] OS Updates
2/18/25, added to this PR:
- [x] Controls > Setup experience > Run script
- [x] Software >
- [x] Manage automations modal
- [x] Add software >
- [x] App Store (VPP)
- [x] Custom package
- [x] Queries
- [x] Manage
- [x] Automations modal
- [x] New
- [x] Edit
- [x] Policies
- [x] Manage
- [x] New
- [x] Edit
- Manage automations
- [x] Calendar events
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Jacob Shandling <[email protected]>
Upgrades webpack and other JS dependencies. This was primarily motivated
by GitHub reporting a vulnerability in Webpack (which shouldn't actually
effect our use of Webpack) and wanting to clean up some tech debt.
Note that equivalent functionality for url-loader and file-loader is now
included in webpack itself.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Manual QA for all new/changed functionality
import-glob-loader has a very old loader-utils dependency that triggers
security alerting. Hoping that replacing this will allow the
loader-utils version to be updated.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Manual QA for all new/changed functionality
* add google analytics to sandbox instances
* Add serverType variable to frontend handler
* update version of html-webpack-plugin
Co-authored-by: Lucas Rodriguez <[email protected]>
- Use NODE_ENV=development for Webpack in CI.
- Add caching for Webpack modules in development.
- Remove time of day from dates in version string (helps with build caching).
- Use Go cache in CI.
This makes about a 20% savings on the total time for the CI run.
* chnage webpack to resolve typescript modules. convert TextCell to TS
* change headercell and statuscell to ts
* ignore casesensitve error, seems a bit buggy
* ignore camelcase error, we already use snakecase many places
* updated LinkCell and modules it depends on to typescript
* fix up some warnings from changes
* fix more types in textcell and hosttableconfig
* use alias imports
* add require button state interfcae
- Add the server_url_prefix flag for configuring this functionality
- Add prefix handling to the server routes
- Refactor JS to use appropriate paths from modules
- Use JS template to get URL prefix into JS environment
- Update webpack config to support prefixing
Thanks to securityonion.net for sponsoring the development of this feature.
Closes#1661
Almost two years ago, we began referring to the project as Fleet, but there are
many occurences of the term "Kolide" throughout the UI and documentation. This
PR attempts to clear up those uses where it is easily achievable.
The term "Kolide" is used throughout the code as well, but modifying this would
be more likely to introduce bugs.
- Replace uses of deprecated Bourbon helpers with raw CSS
- Add autoprefixer into the build chain to prefix the now removed helpers
This process was achieved by running through each of the deprecation warnings and using the following bash function to replace it in all files:
```
function bourbon-deprecate() {
grep -rl "@include $1" ./frontend --exclude-dir=.git | xargs sed -i '' -E "s/@include $1[(](.*)[)]/$1: \1/g"
}
```
For some helpers, this did not result in valid CSS, so manual modifications were made.
Closes#1189#1274
* API call to create queries
* Add queries to redux
* create query when query form is submitted
* Redirect to ShowQueryPage after creating query
* Removes theme dropdown and NewQuery component header
* Extract NewQueryPage component state to redux state
* Pass logic down to NewQuery component as props
* Changes NewQuery component name to QueryComposer
* Render NewQueryPage for /queries/:id route
* Update ReduxConfig for loading a single resource
* QueryPage tests
* Get query when the query page loads
* catch errors when query is invalid
* Renames UpdateQueryForm to QueryForm to re-usability
* Changes InputField to a controlled component
* Always render the Query Form on Query Pages
* QuerySidePanel component
* Adds all osquery table names to ace editor mode
* kolide theme for strings
* Detect OS from browser
* Show utility and specs availability as 'All Platforms'
* Show column description as alt text
* Add SCSS pipeline and fix login style issues
* Fix nav styles and make tests pass
* Fix nav header styles and animations
* Change font-size to 13px on nav
* Fix duplicate specificity of styles
* API client utility
* moves test helpers to the test directory
* Utility to namespace local storage keys
* LoginSuccessfulPage component
* Check icon
* adds auth to redux state
* successful form submission
* Allow tests to load dummy SVG static images & test fixes
* Add sensible React base to the app for frontend
This PR attempts to "reactify" Kolide and provide a sane development environment
that a front-end engineer would probably expect.
This PR accomplishes by doing the following:
1. Reorganizes the app into a `server/` and `client/` folders to keep golang
logic separated from react logic.
2. Adds an "asset pipeline" via webpack which knows how to build a js
and css bundle.
3. Packages up all static assets in a go-bindata file so that the binary
remains portable without external file dependencies.
1. Add a Makefile with several targets that will be common in everyday
development. For example, we have `serve` target which spins up a nodejs
reverse proxy on port 8081 which then watches for changed files, automatically
rebuilds the app, and hot loads the new JS/CSS in.
**Note:** Please use `make` to build the app, not `go build` as there are
now several things that need to be orchestrated beyond the go code to build the app.
* Create build if it doesn't exist, and use `go get`
* Improve README to reflect new dev workflow
* Document css vars and funcs and use alias paths
* makefile and structure modifications
