Related to: https://github.com/fleetdm/confidential/issues/15379
Changes:
- Added two exits to the VPP metadata proxy that are used when the Apple
API returns errors. `appleApiReturnedServerError` Is returned when the
Apple API returns a 500 error, and `appleApiReturnedForbiddenResponse`
is used when the Apple API returns a 403 response.
- Updated the error handler in the VPP metadata proxy to return the body
of the logged error.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved Apple App Store API error handling: forbidden (403) and
server (500) responses are now distinguished and mapped to specific
error outcomes.
* Other API errors now return the API response body (not the internal
error object), and error logging text was clarified for better
diagnostics.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
For https://github.com/fleetdm/fleet/issues/37261
Changes:
- Added a new database model: `FleetInstanceUsingVpp`
- Added `/api/vpp/v1/register`: An API endpoint that validates provided
Fleet license keys, creates a database record for the proxy
registration, and returns a generated secret used to authenticate
requests to the other VPP proxy endpoint
- Added `/api/vpp/v1/metadata/:storeRegion`: An API endpoint that
forwards requests to the
`https://api.ent.apple.com/v1/catalog/${storeRegion}/stoken-authenticated-apps`
Apple API with a token generated using Fleet's Apple developer
credentials.
---------
Co-authored-by: Ian Littman <iansltx@gmail.com>
