<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#44330, Resolves#44331
# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
## Testing
- [x] Added/updated automated tests. (I'd defer integration tests to a
separate PR since this one is pretty large already.)
- [x] QA'd all new/changed functionality manually. I've tested this on
both the setup flow and the organization settings page. I haven't had
the time to test this on other places where we render the logo (macOS
setup experience / MDM migration dialog).
https://github.com/user-attachments/assets/95d4eae5-3da6-40f4-98a1-8575b97d96b3
## New Fleet configuration settings
- [x] Setting(s) is/are explicitly excluded from GitOps.
Will handle GitOps in a separate PR.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Organizations can upload custom logos for light and dark modes.
* Registration and Org Settings support logo file upload, preview,
per-mode replace/delete, and validation (size & image formats).
* Activity feed records logo changes/deletions; site nav displays
uploaded logos per theme.
* File uploader/preview adds a Fleet logo graphic option and improved
logo validation.
* Config/GitOps outputs now include separate dark/light logo fields.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Backend PR: #44511
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#41422
<img width="618" height="244" alt="image"
src="https://github.com/user-attachments/assets/c223e37d-7051-46a6-a2ea-6bd1bdcbb53e"
/>
<img width="777" height="780" alt="image"
src="https://github.com/user-attachments/assets/3b9ef4e9-2181-406b-a22e-e6773eba67af"
/>
<img width="649" height="236" alt="image"
src="https://github.com/user-attachments/assets/3985faf0-a1e4-404a-b190-cb623f52339a"
/>
<img width="1083" height="768" alt="image"
src="https://github.com/user-attachments/assets/2d4df607-4b34-435c-88db-6dc0fa09db2e"
/>
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information. Part of backend PR
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements), JS
inline code is prevented especially for url redirects, and untrusted
data interpolated into shell scripts/commands is validated against shell
metacharacters.
- [x] Timeouts are implemented and retries are limited to avoid infinite
loops
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [x] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added "Enrollment profile renewal failed" activity type and label.
* Failure entries now appear in activity feeds and host details with a
dedicated activity item and a details flow.
* Users can open a failure details modal showing a status icon, host
name (with fallback), relative failure time, guidance about certificate
expiration, and a link to Fleet support.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Resolves#36976
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
## Testing
- [X] Added/updated automated tests
- [X] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Label operations (create, edit, delete) now generate activities shown
in the activity feed with label and optional fleet context.
* Host label add/remove operations emit corresponding label edited
activities; duplicate label names are deduplicated.
* Label activity types are selectable/filterable in the activity
dashboard.
* **Tests**
* Added unit, integration, and UI tests covering label activity
emission, rendering, filtering, and GitOps label lifecycle scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** For #40171
# Details
Adds audit activity when enabling or disabling GitOps exceptions.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a, unreleased
## Testing
- [X] Added/updated automated tests
- [X] QA'd all new/changed functionality manually
<img width="714" height="699" alt="image"
src="https://github.com/user-attachments/assets/161bd084-347b-4cde-893e-9b385f13872c"
/>
For unreleased bug fixes in a release candidate, one of:
- [X] Confirmed that the fix is not expected to adversely impact load
test results
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Activity feed now records when GitOps exceptions (labels, software,
secrets) are enabled or disabled.
* **UI**
* Activity messages show which specific exception was enabled or
disabled.
* **Tests**
* Added unit and integration tests verifying generation and rendering of
enable/disable exception activities, including single and multiple flips
and no-op updates.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: sgress454 <553428+sgress454@users.noreply.github.com>
Co-authored-by: Luke Heath <luke@fleetdm.com>
**Related issue:** Resolves#42290
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements), JS
inline code is prevented especially for url redirects, and untrusted
data interpolated into shell scripts/commands is validated against shell
metacharacters.
- [x] Timeouts are implemented and retries are limited to avoid infinite
loops
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Failed Windows MDM wipe attempts now create a tracked "Failed wipe"
activity showing the affected host and display name for visibility; UI
filter and activity feed now surface this type.
* **Bug Fixes**
* Improved detection and reporting of wipe result statuses so real
failures are reliably surfaced.
* Duplicate failure responses are suppressed to avoid repeated alerts.
* **Tests**
* Added tests validating wipe-failure activity creation and related
control flows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Fixes#34288.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
## Testing
- [x] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Setup experience cancellations now create explicit cancellation
activities for skipped/failed software and VPP app installs, plus a new
"Canceled setup experience" activity type and a from_setup_experience
flag. Activity text and host activity views now indicate "during setup
experience" when applicable.
* **Tests**
* Added and updated tests for cancellation activity creation, VPP
license-failure handling, and WasFromAutomation/from_setup_experience
behaviors.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#38647
<img width="398" height="230" alt="image"
src="https://github.com/user-attachments/assets/7e68e0d7-54b0-4039-a0be-8b0ad4bb1fbf"
/>
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements), JS
inline code is prevented especially for url redirects, and untrusted
data interpolated into shell scripts/commands is validated against shell
metacharacters.
- [x] Timeouts are implemented and retries are limited to avoid infinite
loops
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#42369
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information. **Done in backend task for whole story**
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements), JS
inline code is prevented especially for url redirects, and untrusted
data interpolated into shell scripts/commands is validated against shell
metacharacters.
- [x] Timeouts are implemented and retries are limited to avoid infinite
loops
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added "Clear passcode" action for iOS and iPad hosts in the host
actions menu, accessible only to Premium tier users with appropriate
permissions.
* Added confirmation modal for clearing device passcodes.
* Passcode clearing activity now appears in the activity feed with actor
information.
* Action is conditionally disabled during specific device states (Lost
Mode, pending wipe) with contextual tooltips.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#37546
Noah approved design here:
https://fleetdm.slack.com/archives/C09HG9VMRSS/p1774895365069069?thread_ts=1774647818.613419&cid=C09HG9VMRSS
Docs: https://github.com/fleetdm/fleet/pull/42609
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
## Testing
- [x] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Certificate installation activity logging for Android hosts (success &
failure)
* "Installed certificate" activity type displayed in host activity feed
with status
* Host activity card enabled on Android host details page to show
installs
* Detailed install modal with error detail reveal when failures occur
* Upcoming activities tab disabled for Android hosts where unsupported
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#41541, #42293
- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#39781
- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually - TODO with wip
backend work
- [x] Verified that any relevant UI is disabled when GitOps mode is
enabled
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#39723
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
- [x] With spoofed data
- [ ] Integrated with backend (wip)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Recovery Lock Passwords: new OS Settings card to enable/disable
enforcement and save changes.
* Host Actions: view a host's Recovery Lock password via a modal from
the host actions menu.
* Activity tracking: new activity entries for viewing, setting,
enabling, and disabling Recovery Lock passwords.
* Navigation: added a dedicated route for Passwords under OS Settings.
* **Documentation**
* Updated guidance for updating local config after an update to ensure
latest values.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
**Related issue:** Resolves#39266
# Checklist for submitter
created UI global activities for adding and removing Microsoft Entra
tenant
- [x] QA'd all new/changed functionality manually
**Related issue:** Resolves#36701
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
## Testing
- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [x] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added activity tracking for Android certificate template edits and
deletions via GitOps.
* **Chores**
* Updated certificate template batch operations to track which teams
were affected by changes.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
**Related issue:** Resolves#36867
This updates the UI to show the mdm commands for the past and upcoming
tabs in the activity card on the host details page.
# Checklist for submitter
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [ ] Added/updated automated tests
- [ ] QA'd all new/changed functionality manually
**Related issue:** Resolves#36689
<img width="1840" height="1196" alt="Screenshot 2025-12-15 at 5 08
02 PM"
src="https://github.com/user-attachments/assets/4f491c80-403f-4188-8cab-552e997c6e9c"
/>
<img width="1840" height="1196" alt="Screenshot 2025-12-15 at 5 09
18 PM"
src="https://github.com/user-attachments/assets/b6e4d9ad-40c1-45c3-8b77-e14d17a2bc7e"
/>
<img width="1840" height="1196" alt="Screenshot 2025-12-15 at 5 09
22 PM"
src="https://github.com/user-attachments/assets/661beee2-3ee2-4269-ab0b-ca070c1a40b8"
/>
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **New Features**
* Added comprehensive Android certificate management in OS Settings with
create, list, and delete operations
* Integrated certificate management with premium tier gating and MDM
enablement checks
* Supports team-scoped certificates with pagination controls
* Includes validation for certificate names and certificate authority
selection
* **Refactor**
* Generalized heading component to support multiple entity types beyond
configuration profiles
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#36088
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
## Testing
- [X] Added/updated automated tests
- [X] QA'd all new/changed functionality manually
Saving this value currently results in a 400 response from the server
since it's not a valid key yet. We can keep this in draft until the
backend is merged if we want to e2e test with it.
### Controls -> OS Settings "Target" section
#### All platforms
- [X] Update success banner message to "Successfully updated."
<img width="200" alt="image"
src="https://github.com/user-attachments/assets/bc43ec79-41d1-4dd3-947c-8152051fd209"
/>
#### macOS / iOS / iPadOS
- [X] Update tooltip text for "Minimum version" to `Enrolled hosts are
updated to exactly this version.`
<img width="250" alt="Image"
src="https://github.com/user-attachments/assets/7d870224-395e-4bc9-937e-be599da57a97"
/>
- [X] Make "available from Apple" a link, replacing "Learn more", and
link to https://fleetdm.com/learn-more-about/apple-available-os-updates
<img width="250" height="363" alt="image"
src="https://github.com/user-attachments/assets/8191ec2d-bf0a-4cf6-9b1a-1272c0ff69b0"
/>
> Note - this URL is current a 404
- [X] Remove text referring to platform from "End user experience"
heading, i.e. it should just say "End user experience" for all platforms
where it appears, not e.g. "End user experience on macOS"
#### macOS Only
- [X] Add new "Update new hosts to latest" checkbox
<img width="316" height="406" alt="Image"
src="https://github.com/user-attachments/assets/71aec05a-b809-436d-8bfd-cd3e14b27ea1"
/>
- [X] Reflects the `macos_updates.update_new_hosts` setting for the team
or (for no team) global config (only testable via automated tests right
now)
- [X] Update End user experience text to "When a minimum version is
enforced, end users see a native macOS notification (DDM) once per day."
(see above)
### Global activity feed
- [X] When "Update new hosts to latest" is enabled, activity should say
`[Actor's name] enabled OS updates for all new macOS hosts on the [team
name] team. macOS hosts will upgrade to the lastest version when they
enroll.`
- [X] When "Update new hosts to latest" is disabled, activity should say
`[Actor's name] disabled updates for all new macOS hosts on the [team
name] team.`
(tested via automated tests)
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34533
This is the first sub-task out of several. Changes file will be added in
a subsequent PR.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
## New Fleet configuration settings
- [x] Setting(s) is/are explicitly **excluded** from GitOps
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added Okta Conditional Access support (IDP, ACS URL, audience,
certificate) and exposed conditional access in AppConfig/API
* App activity logging for adding/removing Okta conditional access
* **Bug Fixes**
* Fixed typo in conditional access validation messaging
* **Tests**
* Added tests for Okta Conditional Access lifecycle, license gating, and
GitOps export exclusion
* **Documentation**
* Added audit-log entries for Okta conditional access add/delete
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
**Related issue:** Resolves#33417
This adds the UI to support locking and unlocking ios and ipad devices.
This allows the users with the correct permission to lock and unlock
these devices from the host details page host actions dropdown. It also
adds these activities to the upcoming activities feed.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
resolves#31821, resolves#32120
this updates the UI to support unenrolling android and ios and ipad
devices. This includes:
**updating the host details page to include and unenroll action in the
host actions dropdown**
**Updating the unenroll modal to have dynamic content depending on the
device we are unenrolling**
**updating the global activities to have different messages for mdm
enroll and mdm unenroll actions**
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
For #29426
For #30941
We didn't have an activities subtask for Hydrant so some changes related
to them were unfortunately missed and discovered during engineering
test. This addresses that and also fixes one other API issue noticed
where the GET endpoint was not returning the proper timestamps. No
changes file added because the Hydrant story changes file already covers
this feature
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
## PR 1/2 for #32037
- Implements update for the Linux setup experience from the IT admin's
point of view. Updates for the end-user ("My device" page) to follow
- Works in concert with the new endpoints implemented in
https://github.com/fleetdm/fleet/pull/32493
- Splits Controls > Setup experience > Install software into 3 tabbed
sections, one for each of macOS, Windows (placeholder state for now, to
be implemented in following iteration), and Linux.
- Dynamically calls new GET and PUT endpoints and routes data
accordingly depending on which platform software for install is being
updated for.
- Update the software selection modal to display software package
versions, including the package type (deb, rpm, or tar) for Linux
software packges.
- New activity feed item
- Update relevant tests
_Note that the lower-right-hand image in this GIF is outdated and will
be updated with new content once this entire feature is integrated_
~- [ ] Changes file added for user-visible changes in `changes/`~ will
include in PR 2/2
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
- [x] Verified that any relevant UI is disabled when GitOps mode is
enabled
---------
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
for #31532
# Details
This PR adds templates for displaying the "Scheduled batch script" and
"Canceled batch script" global activity feed items. It also updates the
"Cancel batch script?" modal to show a spinner on the cancel button when
applicable.
# Checklist for submitter
## Testing
- [X] QA'd all new/changed functionality manually
<img width="820" height="210" alt="image"
src="https://github.com/user-attachments/assets/45c8b15c-b100-4356-aa65-24441ecc16a0"
/>
For #27042.
Ready for review, just missing integration tests that I will be writing
today.
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [X] If database migrations are included, checked table schema to
confirm autoupdate
- For new Fleet configuration settings
- [X] Verified that the setting can be managed via GitOps, or confirmed
that the setting is explicitly being excluded from GitOps. If managing
via Gitops:
- [X] Verified that the setting is exported via `fleetctl
generate-gitops`
- [X] Added the setting to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [X] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [x] Verified that any relevant UI is disabled when GitOps mode is
enabled
- For database migrations:
- [X] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [X] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [X] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Added/updated automated tests
- [X] Manual QA for all new/changed functionality
---------
Co-authored-by: jacobshandling <61553566+jacobshandling@users.noreply.github.com>
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
