# Checklist for submitter
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Manual QA for all new/changed functionality
Sub-task for #17230
# Configuration changes
App configuration:
```yaml
integrations:
google_calendar:
- email: name@service-account.com
private_key: ***
domain: fleetdm.com
```
Team configuration:
```yaml
integrations:
google_calendar:
email: name@service-account.com
enable_calendar_events: true
policies:
- name: My policy
id: 12
webhook_url: https://example.com/policy-remediation
```
Note: Policy is looked up by name when configuration is set. The policy
id is set/updated by the server for internal use.
# Checklist for submitter
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
Fixing unreleased spec bug in team host status webhook feature #17094.
Bug #17498
# Checklist for submitter
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
- Not needed. Part of new feature.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
Enabling setting host status webhook at the team level via REST API and
fleetctl apply/gitops.
#14916
Example payload:
```json
{
"data": {
"days_unseen": 3,
"host_ids": [
10724,
10726,
10738,
10739,
10740,
10741,
10742,
10744,
10745,
10746,
10747,
10748,
10749
],
"team_id": 3,
"total_hosts": 15,
"unseen_hosts": 13
},
"text": "More than 86.67% of your hosts have not checked into Fleet for more than 3 days. You've been sent this message because the Host status webhook is enabled in your Fleet instance."
}
```
# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
relates to #10494
implement the fleetctl wipe commands
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
#16906
**IN DRAFT, WAITING ON https://github.com/fleetdm/fleet/pull/16897**
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
---------
Co-authored-by: Victor Lyuboslavsky <victor@fleetdm.com>
Co-authored-by: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
for #15082
- POST /mdm/apple/setup/eula was replaced by POST /mdm/setup/eula
- GET /mdm/apple/setup/eula/metadata was replaced by GET
/mdm/setup/eula/metadata
- DELETE /mdm/apple/setup/eula/:token was replaced by DELETE
/mdm/setup/eula/:token
- POST /mdm/apple/bootstrap was replaced by POST /mdm/bootstrap
- GET /mdm/apple/bootstrap/:team_id/metadata was replaced by GET
/mdm/bootstrap/:team_id/metadata
- DELETE /mdm/apple/bootstrap/:team_id was replaced by DELETE
/mdm/bootstrap/:team_id
- GET /mdm/apple/bootstrap/summary was replaced by GET
/mdm/bootstrap/summary
This is the feature branch for the [queued
scripts](https://github.com/fleetdm/fleet/issues/15529) story.
---------
Co-authored-by: Jahziel Villasana-Espinoza <jahziel@fleetdm.com>
Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
Co-authored-by: Sarah Gillespie <73313222+gillespi314@users.noreply.github.com>
Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
> Related issue: #16252
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
for #14715
---------
Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
Co-authored-by: Sarah Gillespie <73313222+gillespi314@users.noreply.github.com>
Co-authored-by: Jahziel Villasana-Espinoza <jahziel@fleetdm.com>
for #16139 this fixes a copy/paste error that caused the MDM SSO flow to
validate audiences using the global config EntityID
since we also consider an audience valid if you set EntityID to be:
- the same in both (case for local dev)
- your Fleet URL or the full path to the SSO API endpoint (QA)
we didn't notice this until now.
Teams can configure their own host expiry setting. If global host expiry
is enabled, teams cannot disable host expiry, but they can set a longer
(or shorter) expiry time (in days).
- Added `host_expiry_settings` to team spec, which can be used via
fleetctl apply.
- Added `host_expiry_settings` to PATH /fleet/teams/:id endpoint.
#15609 (parent)
#15966 (subtask)
TODO: Create PR for API docs change: added parameter to `PATCH
/fleet/teams/:id` endpoint
# Checklist for submitter
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
> 📜 Relevant PR: #14500
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
for https://github.com/fleetdm/fleet/issues/15196. The main problem was
that we have two timeouts:
1. The timeout used by the host to kill the script execution
2. The timeout used by the server to wait for the script results
Before the changes in https://github.com/fleetdm/fleet/pull/15779, the
server timeout was longer than the host timeout, but we inadvertently
set both values to 5 minutes, which breaks the logic we have to handle
both kinds of timeouts.
#15196 This is the work of @ghernandez345 except for adding the
`ResponseController` thing in Go to override the server timeout for that
specific sync endpoint so that the calls don't timeout waiting for a
script response (the default HTTP server timeout was 90s for our
server).
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [x] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
---------
Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
Co-authored-by: Roberto Dip <me@roperzh.com>
Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
for #14426.
In order to prevent import cycles and be able to use some type
definitions/constants I followed the same pattern we did for macOS by
creating a new package named `syncml`. This makes the changelog look
bigger than it actually is, so I split it into two commits to make it
easier to review:
-
[d7c233d](d7c233d54c)
moves the relevant bits to this new package
-
[7531a07](7531a0742b)
implements profile verification
