# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
- Add redirect for error message on Fleet server startup if private key
is missing: #19455
- Move the APNs and ABM environment variables to contributor docs. They
will no longer be used
Adds `webhook_settings.host_status_webhook` options to team config for
#14916.
Also updated conceptual docs that reference this config (and cut down
some content to make room).
- Remove example YAML file from docs to deduplicate
- Update "Prepare a new version of Fleet" handbook instructions to point
to the best practice YAML
- Add README to point to docs
- Move tools for deploying Fleet on Kubernetes to `Deploy/` folder.
- Add @dherder as CODEOWNER so that Dave gets pinged every time a
contributor wants to make a change to the Kubernetes
---------
Co-authored-by: Dave Herder <27025660+dherder@users.noreply.github.com>
Co-authored-by: Luke Heath <luke@fleetdm.com>
When attempting to follow the kubernetes install directions I
encountered a few issues.
1. The image version was no longer hosted on dockerhub. And new versions
now are tagged with a "v" prefix.
2. The webserver was not able to bind to port 443 on a managed version
of k8s.
3. The dns name(s) for the latest redis helm chart have changed. They
are now `{release}-master` for read-write and `{release}-replica` for
read only nodes.
4. The deployment API is out of date.
This PR fixes those issues.
Docs for the "Windows OS updates" (#11951) user story
- Update "macOS updates" doc page to cross-platform "OS updates" page
- Update pricing page
- Update copy in the UI to clarify behavior of Windows updates
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
Co-authored-by: Rachael Shaw <r@rachael.wtf>
- Pull info about duration-based settings to the top to make it clear.
For this bug: #15926
- Add info about self-managed v. managed-cloud customers
- Cut content
> Relevant issue: #15625
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
> Relevant issue: #14500
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
#14888
@getvictor This is ready for review, but keeping as draft as there are
probably many tests that need amending.
I used the new version of the `./tools/nvd/nvdvuln/nvdvuln.go` to
compare the current vulnerabilities found in our dogfood environment
with the vulnerabilities found by the code in this PR and both results
match:
```
go run -race -tags fts5 ./tools/nvd/nvdvuln/nvdvuln.go --debug --db_dir ./local --software_from_url <dogfood URL> --software_from_api_token <API_TOKEN> --sync 2>&1 | tee out.txt
[...]
CVEs found and expected matched!
```
- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Added/updated tests
- [X] Manual QA for all new/changed functionality
---------
Co-authored-by: Victor Lyuboslavsky <victor@fleetdm.com>
Co-authored-by: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
for #14361 this adds the bits related to saving a slice of strings with
paths to configuration profiles.
---------
Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Added a guide for which API endpoints to expose and fixed an associated
broken link. See https://github.com/fleetdm/fleet/issues/15115 for
context.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Manual QA for all new/changed functionality
I've updated the ATC example that uses TCC.db to be cross-compatible
with as many MacOS versions as possible. This is still useful as-is.
I've also added a chunk for folks to copy/paste directly into their team
settings in the UI for those not using GitOps.
Hopefully others find this helpful!
...
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
