Annotations file feedback row 15.1: Add links to various topics
mentioned
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
Annotations file feedback row 15.4: remove duplicated reference and add
clarity for Mysql and Redis sections
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
---------
Co-authored-by: Rachael Shaw <r@rachael.wtf>
I noticed this wasn't documented when i went hunting for what I figured
were defaults baked into `--dev`; thanks @jahzielv for pointing me in
the right direction!
Row 11: Internationalize Render deployment guide. Updated language to
reflect need to be aware of regional settings when outside the United
States.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
Co-authored-by: Eric <eashaw@sailsjs.com>
> Related issue: #9956
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
Co-authored-by: Roberto Dip <rroperzh@gmail.com>
Co-authored-by: Sarah Gillespie <73313222+gillespi314@users.noreply.github.com>
Co-authored-by: Dante Catalfamo <43040593+dantecatalfamo@users.noreply.github.com>
Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
This PR closes https://github.com/fleetdm/fleet/issues/21108
@noahtalerman, I double-checked all redirects, and they are working.
Clicking through the URLs in [this
spreadsheet](https://docs.google.com/spreadsheets/d/1djVynIMuJK4pT5ziJW12CluVqcaoxxnCLaBO3VXfAt4/edit?usp=sharing)
is a pretty quick way to go through them all. Note that "Audit logs" and
"Understanding host vitals" redirect to the contributor docs on GitHub,
so they will throw a 404 until this is merged.
Some new guides benefitted from a name change, so they make more sense
as stand-alone guides, and also so that we don't have to mess around
with more redirects later. Those name changes followed [this
convention](https://fleetdm.com/handbook/company/communications#headings-and-titles),
which was recently documented in the handbook.
Have fun!
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
Co-authored-by: Noah Talerman <noahtal@umich.edu>
- Guide update for the "Enforce disk encryption when macOS hosts
automatically enroll" (#16866) and "Rotate FileVault (disk encryption)
key w/o prompt" (#13157) stories.
Additional statistics as described in
https://github.com/fleetdm/fleet/pull/20091 :
`aiFeaturesDisabled`:
Whether server_settings.ai_features_disabled is set to true in the
config.
`maintenanceWindowsEnabled`:
Whether at least one team has
integrations.google_calendar.enable_calendar_events set to true
`maintenanceWindowsConfigured`:
Maintenance windows are considered "configured" if:
configuration has value set for integrations.google_calendar[0].domain
configuration has value set for
integrations.google_calendar[0].api_key_json
`numHostsFleetDesktopEnabled`:
The number of hosts with Fleet desktop installed.
Feedback Row 14: Brief introduction for new users regarding querying
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
---------
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
- Only one of either `labels_include_all` or `labels_exclude_any` can be
included in the request.
- Add missing labels `id` in `GET /configuration_profiles` and `GET
/configuration_profiles/:uuid`
Feedback Row 10: Make it clear that the command should be run to
generate install packages, not to enroll the device, Clarify that
Windows can only generate an MSI package.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
I have updated the list of tutorials and guides in the docs.
Although the brief stated the cut down the list to only the top 10,
@nonpunctual and I whittled the list down to curate the top 20 guides
that we believe are relevant to users who are deploying and setting up
Fleet. We listed them in order of operation as much as possible.
Closes https://github.com/fleetdm/confidential/issues/7343
#20464
Adding gitops support for a top level `software` key to be used to
manage installable software into "no team".
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
---------
Co-authored-by: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
- Google Chrome and a gnome extension have to
be installed to use Fleet Desktop + Firefox on Fedora.
- You don't have to set Google Chrome as the default browser.
The list of installed software was missing packages put ['on
hold'](https://askubuntu.com/questions/18654/how-to-prevent-updating-of-a-specific-package)
The reason for this is that the old query looks for the status
install ok installed
but there are other valid status which are also installed, like `hold ok
installed`. The syntax is `<desired> <error> <status>` so we only need
to look at the last or two last parts and ignore the first one.
See https://man7.org/linux/man-pages/man1/dpkg-query.1.html for a list
of status.
# Checklist for submitter
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
UI portion for #13157
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
#19447
iOS and iPadOS apps can be installed using Apple's VPP (Volume Purchase
Program)
VPP apps are now using a composite primary key (Adam ID and platform)
because we want to keep iOS/iPadOS/macOS separate. It is possible for
one app to be installable on all Apple platforms.
# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Manual QA for all new/changed functionality
> Related issue: #18867
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- [x] Manual QA for all new/changed functionality
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
- Mark new API endpoints or API endpoints that were changed as part of
Fleet's first app management feature (#14921) as experimental.
- Call out what is experimental exactly (the endpoint or new keys/values) and
point to changes
> Related issue: #19870
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
For #19540
Just added the same "exclude_software" functionality that exists in "get
hosts" to the "get host by identifier" function.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Manual QA for all new/changed functionality
#6085
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [X] Added/updated tests
- [x] Manual QA for all new/changed functionality
Additional doc changes for
https://github.com/fleetdm/fleet/issues/16961.
+ Add example CLI response that shows the token being printed after
creating an API-only user
+ Add instructions to use the log in API to get the token again
+ Remove separate section about getting API-only user's API token
Follow up from https://github.com/fleetdm/fleet/pull/20109: there were a
few descriptions that just said "body" because of some table rows with
an extra column I missed when merging in recent updates.
Since the "Modify config" parameters are mostly a bunch of different
objects, it's a bit unwieldy to document in one table. Trying out a new
format to see if it feels like the right way to document nested objects
in API parameters.
API changes for the "Get unlock PIN immediately after locking macOS
host" story (https://github.com/fleetdm/fleet/issues/19545)
---------
Co-authored-by: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
for #19176
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
API changes for:
- #10383
---------
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Co-authored-by: George Karr <georgekarrv@users.noreply.github.com>
Docs for the "Webhooks for global activity feed" story (#14722)
- Add item to permissions table
- Clean up and simplify Audit logs top section. It's a reference page
- Link to Audit logs reference from Automations page
For #19936
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Manual QA for all new/changed functionality
Noticed several places where the structure of
`mdm.macos_settings.custom_settings` and
`mdm.windows_settings.custom_settings` didn't match the example response
for "Get configuration" (which I think is the most up-to-date).
(Will follow up and update the parameter descriptions for
`mdm.macos_settings.custom_settings`/`mdm.windows_settings.custom_settings`
to clarify they're objects with `path` and `labels` once
https://github.com/fleetdm/fleet/pull/19424 is merged.)
---------
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
With #17321 we added support for `zsh` interpreter and we want to
document this.
@spokanemac had a hard time understanding that we don't support `.zsh`
extension while dogfooding the feature. I added note to explain that
user must create `.sh` file with `/bin/zsh` interpreter specified.
- Add redirect for error message on Fleet server startup if private key
is missing: #19455
- Move the APNs and ABM environment variables to contributor docs. They
will no longer be used
Feedback from prospect-redwine was that this page required more depth on
policies. We have documentation around policies, this PR is to add
linking and to glue the topics together.
---------
Co-authored-by: Noah Talerman <noahtal@umich.edu>
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Co-authored-by: JD <spokanemac@users.noreply.github.com>
`server_settings.enable_analytics` was only documented in the "Get
configuration" endpoint and nowhere else. Added to "Modify
configuration" params and example response.
# Changes
I'm running orbit based osqueryd on a laptop with [Tuxedo
OS](https://www.tuxedocomputers.com/en/TUXEDO-OS_1.tuxedo#).
This OS identifies its platform via osquery as `tuxedo` and is therefore
not recognized by the Fleet server:
```json
{
"err": "unrecognized platform",
"hostID": 76,
"level": "error",
"platform": "tuxedo",
"ts": "2024-05-15T13:17:34.513509387Z"
}
```
This causes policy and scheduled queries to not being run on my system.
With this PR Im adding `tuxedo` to all occurrences found when searching
for `kali`.
Additionally pre-commit checks were failing for me locally as it could
not find the hook-id `RuboCop`. This could be solved by using `rubocop`
instead.
Afterwards all pre-commit checks succeeded locally.
# Checklist for submitter
- [x] Added/updated tests
Signed-off-by: Andreas Ulm <andreas.ulm@prisma-capacity.eu>
- Add S3 to AWS reference architecture docs
- Add note that GCP support for add/install software (deploy security
agents) and file carves is coming soon
- Add note that Render support for add/install software (deploy security
agents) is coming soon
- Update links to best practice Terraform example
Added a note to warn UI users against using dot notation for column
names in their queries.
Closes https://github.com/fleetdm/confidential/issues/6506
(@dherder, please check my interpretation of the issue.)
---------
Co-authored-by: Dave Herder <27025660+dherder@users.noreply.github.com>
Co-authored-by: Rachael Shaw <r@rachael.wtf>
for https://github.com/fleetdm/fleet/issues/14921
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [x] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
#18925 (Should also fix #17660.)
Tests:
- Ubuntu 22.04.2
- Wayland
- Works with chrome ✅
- Doesn't work with Firefox. ❌
- Xorg
- Works with Chrome. ✅
- Works with Firefox. ✅
- Ubuntu 24.04
- Wayland
- Doesn't work with Chrome. ❌
- Doesn't work with Firefox. ❌
- Xorg (when using Xorg it defaults to `DISPLAY=:1`, and with the
changes in this PR it works):
- Works with Chrome. ✅
- Works with Firefox. ✅
---
How to change between Wayland and Xorg:
- Set `WaylandEnable=false` in `/etc/gdm3/custom.conf` and reboot.
---
How to determine what's running:
```sh
$ loginctl
SESSION UID USER SEAT TTY
2 1000 luk seat0 tty2
c2 1000 luk
$ loginctl show-session 2 -p Type
# will output
Type=wayland
or
Type=x11
```
---
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [X] Added/updated tests
- [X] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [X] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
I fixed a couple of typos, corrected a couple of header tags, and
tightened up a couple of margins.
# Checklist for submitter
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
This PR is a follow-up to https://github.com/fleetdm/fleet/issues/16660
to:
- Move all (non-recommended) deployment guides from the docs into
`/articles` under the `guides` category
- AWS ECS
- CentOS
- Cloud.gov
- AWS with Terraform
- Hetzner Cloud
- Render
- Kubernetes
- Set up redirects for migrated articles
- Add article thumbnail and cover images
# Checklist for submitter
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Rachael Shaw <r@rachael.wtf>
Co-authored-by: Eric <eashaw@sailsjs.com>
- Update docs to reflect that, in order to use Autopilot, you must have
one Intune license per host (from #fleetdm/confidential#6283)
- Make "MDM setup" doc page cross platform
- Cut content
https://github.com/fleetdm/fleet/issues/16660
Changes:
- Added a new page (deploy-fleet.md) to the deploying docs
- Moved the content from the following pages to the
deploy/reference-architectures page:
- Systemd
- Proxies
- Public IPs
- Monitoring Fleet
- Introduction
- Reordered the pages in the Deploy docs folder
- Added a redirect: `/docs/deploy/introduction »
/docs/deploy/deploy-fleet`
---------
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
> Related issue: #18330
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
## Notes
- ~I added an `includeTitle bool` parameter to
`ds.GetSoftwareInstallerMetadata`. This allows for the title of the
software (from the `software_titles` page) to be fetched in
`svc.DeleteSoftwareInstaller` without an additional call to the DB.~ We
wound up deciding to just fetch the title every time.
---------
Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
Fresh PR to avoid product design PRs messing with the PR open time KPI
(original here: https://github.com/fleetdm/fleet/pull/17369)
---------
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Fresh PR to avoid product design PRs messing with the PR open time KPI
(previously https://github.com/fleetdm/fleet/pull/17711)
---------
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Co-authored-by: George Karr <georgekarrv@users.noreply.github.com>
Fresh PR to avoid product design PRs messing with the PR open time KPI
(previously https://github.com/fleetdm/fleet/pull/17841)
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Fresh PR to avoid product design PRs messing with the PR open time KPI
(previously https://github.com/fleetdm/fleet/pull/17670)
---------
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
