Related to: https://github.com/fleetdm/confidential/issues/10737
Changes:
- Added `docs/scripts.yml`, a YAML file that contains a list of scripts
- Added `docs/mdm-commands.yml`, a YAML file that contains Windows and
Apple MDM commands
- Added `/mdm-commands`, a page that contains a list of MDM commands for
Windows and Apple commands
- Added `/scripts`, a page that contains a list of scripts
- Updated the `<docs-nav-and-search>` component to have a link to the
controls library, and reordered the lists.
- Updated the build static content script to add the scripts and mdm
commands from scripts.yml and mdm-commands.yml to the website's
`builtStaticContent` configuration.
- Updated the layout of the os-settings page to match the latest
wireframes
Fixes#30483
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a new webhook endpoint to track GitHub Projects v2 item status
changes and record engineering metrics.
* Integrated with Google BigQuery for storing and analyzing issue status
transition data.
* **Chores**
* Introduced a new POST API route for receiving GitHub Projects v2 item
events.
* Added configuration options for GitHub webhook secrets and Google
Cloud service account keys (commented out for future use).
* Added a new dependency for Google BigQuery integration.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
Make @Michael Thomas auto-reviewer for `/articles` instead of CODEOWNER.
Reverts changes made in [this
PR](https://github.com/fleetdm/fleet/pull/31724).
Why? Timezones. We still want Mike T’s eyes on all guides (consistent
language, voice, branch) but don’t want to block releases and guide
updates while Mike is sleeping 😴
More context in
[Slack](https://fleetdm.slack.com/archives/C02A8BRABB5/p1755008490360329).
---------
Co-authored-by: Sam Pfluger <108141731+Sampfluger88@users.noreply.github.com>
<ins>*🌐 IT and Enablement:*</ins>
- Rename "🌐 Digital Experience" to "🌐 IT and Enablement" dept
- Rename "digital-experience.rituals.yml" to
"it-and-enablement.rituals.yml"
<ins>*🧑🚀 People*</ins>
- Create 🧑🚀 People dept
- Create "people.rituals.yml"
<ins>*🔭 CEO*</ins> (<= WHY? To maintain the [structure of the
handbook](https://fleetdm.com/handbook/company/leadership#outline-of-departmental-page-structure).)
- Create 🔭 CEO page and link to leadership
- Create ceo.rituals.yml
<ins>*💸 Finance*</ins>
- Renamed label "#g-finance" to ":help-finance" to match the rest of the
departmental labels.
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
Closes: https://github.com/fleetdm/fleet/issues/31418
Changes:
- Updated the body parser middleware to return a 403 response if a
multi-part request is sent to a URL that could be for a static asset.
Updating FMA process for adding new apps by internal and external
contributors. Goals:
- A fast-track experience for contributors if the app does not have
complications (don't need to wait for issue prioritization)
- As few handoffs as possible
---------
Co-authored-by: Ian Littman <iansltx@gmail.com>
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Closes: https://github.com/fleetdm/confidential/issues/10867
Changes:
- Updated the route for the /app-library page and app details pages to
be at `/software-catalog` and added redirects.
- Updated places where we mentioned the app library to say "software
catalog" instead.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Updated all references and navigation paths from "app library" to
"software catalog" across the website.
* Updated internal links, breadcrumbs, and share URLs to use the new
"/software-catalog" path.
* Added redirects from old "app-library" URLs to the new
"software-catalog" URLs for seamless navigation.
* **Style**
* Updated descriptive text and metadata to reflect the new "software
catalog" terminology throughout the site.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Related to:
- #30093
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a new route for organization logo size information, redirecting
users to the relevant documentation section.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
We were still missing `/learn-more-about/conditional-access`
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a new shortcut URL (/learn-more-about/conditional-access) that
directs users to the Entra Conditional Access Integration guide.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Changes:
- Added `articles` to the list of supported article categories in the
build-static-content script.
- Added a route for articles in the articles category.
- Updated the `view-basic-article` action to support the new `articles`
category.
Closes: https://github.com/fleetdm/confidential/issues/10675
Changes:
- Added a new webhook: `receive-from-zoom`. When this webhook receives
an event indicating that a call recording is done processing, this
webhook will build the transcript and send it and information about the
call to a Zapier webhook, where it will be added to a new Google doc.
Related to: https://github.com/fleetdm/fleet/issues/26521
Changes:
- Added two pages that will be used for the Microsoft compliance proxy
(`/microsoft-compliance-partner/turn-on-mdm` &
`/microsoft-compliance-partner/remediate`)
Related to: https://github.com/fleetdm/fleet/issues/26270
Changes:
- Added a new database model: `AndroidEnterprise`
- Added one new website dependency: `googleapis@148.0.0`
- Added `android-proxy/create-android-signup-url`: an endpoint that
returns a signup url used to grant access to Fleet's Android MDM
integration.
- Added `android-proxy/create-android-enterprise`: An endpoint that
creates an Android enterprise for a Fleet server
- Added `android-proxy/create-android-enrollment-token`: An endpoint
that returns an enrollment token for an Android enterprise
- Added `android-proxy/modify-android-policies`: An endpoint used to
update policies of an Android enterprise
- Added `android-proxy/delete-one-android-enterprise`: an endpoint that
deletes an Android enterprise
---------
Co-authored-by: Victor Lyuboslavsky <victor@fleetdm.com>
Changes:
- Created a new database model: `MicrosoftComplianceTenant`. A model
that stores information about complaince tenants
- Added `/policies/is-cloud-customer`: a policy that blocks requests to
microsoft proxy endpoints if a `MS API KEY` header is missing or does
not match a new config variable
(`sails.custom.config.cloudCustomerCompliancePartnerSharedSecret`)
- Added `microsoft-proxy/create-compliance-partner-tenant`: an action
that creates a database record for a new compliance tenant and generates
an API key that is used to authenticate future requests to microsoft
proxy endpoints for an entra tenant.
- Added `microsoft-proxy/get-compliance-partner-settings`: an action
that returns information about Fleet's complaince partner entra
application and the entra tenant's admin consent status (whether or not
a tenant's entra admin has granted permissions to Fleet's compliance
partner application)
- Added `microsoft-proxy/get-tenants-admin-consent-status`: an action
that updates the admin consent status of a compliance tenant record.
- Added `microsoft-proxy/setup-compliance-partner-tenant`: an action
that provisions a compliance tenant, creates a complaince policy for
macOS devices assigns the created policy to the built-in "All users"
user group on the tenants entra instance.
- Added `microsoft-proxy/update-one-devices-compliance-status`: an
action that receives information about a device on a compliance tenant's
Fleet instance, sends that information to their Entra instance, and
returns the messsage ID returned by the asynchronus Entra API.
- Added `microsoft-proxy/get-one-compliance-status-result`: an action
that returns the result of a compliance status update from the Entra
API.
- Added `sails.helpers.microsoft-proxy.get-access-token-and-api-urls` A
helper that gets an access token for a tenant's entra instance and the
URLs of the API endpoints the microsoft proxy actions use for a tenant.
- Added `scripts/send-entra-heartbeat-requests` A script that will run
daily to keep all microsoft compliance integrations provisioned.
-
---------
Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com>
Related to: #28489
Changes:
- Added the first version of the configuration profile builder to the
Fleet website. (currently supports four Windows and four macOS
password-related options).
