- Put "already configured SSO" message at the top b/c this scenario will
apply to most users
- Add missing permissions for IdP for end user auth and end user
migration
- Clean up language in docs
- Add redirects for the UI in case content moves later
---------
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Fleet shipped email 2FA. User story is here (#22078)
- Add best practice to guides:
- Email 2FA for "break-glass" user
- SSO for all other users
- Update pricing page to link to feature request instead of the user
story.
---------
Co-authored-by: Marko Lisica <83164494+marko-lisica@users.noreply.github.com>
Closes: #23759
Changes:
- Added a title meta tag to the "Deploy Fleet" documentation page to
change the name to "Hosting Fleet"
> Note: This only changes the title of the page in the UI on
fleetdm.com, the URL will still be `/docs/deploy/deploy-fleet`
Add TF upgrade instructions
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
---------
Co-authored-by: Rachael Shaw <r@rachael.wtf>
This is a really bad PR. I am sorry. I previewed it and I know it looks
horrible. Please consider it only little stickerboard of ideas.
I do, however, stand by these ideas (though not my execution of them):
- changing the first sentence to clarify whether or not this is SSO for
the Fleet console GUI/CLI experience, or if we're talking about end user
admin for employees using Fleet Desktop / getting "zero touched"
(signing into their ABM'd or autopiloted devices)
- finding some way to name Okta, and ideally the other examples I
provided, for SEO, to give people examples from a set, to get
recognizable names of the integratiion above the fold, to give people a
dash of personality by including authentik
- consolidating JIT and the other SAML implementation details into a
sentence
- unhoisting it downards (though not in the weird way I did it) -
> References:
> - ["Why read
documentation?"](https://fleetdm.com/handbook/company/why-this-way#why-read-documentation)
---------
Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
Cleaned up instructions.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
---------
Co-authored-by: Rachael Shaw <r@rachael.wtf>
Annotations file feedback row 15.3: Clarity is needed in order to track
what steps are required to successfully complete a deployment.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
---------
Co-authored-by: Joey Salazar <jgsal@yahoo.com>
Co-authored-by: Rachael Shaw <r@rachael.wtf>
Also mention that we test with 8.4.2 in a few more places.
Note that while I'm editing release articles, this isn't retconning
minimum requirements; we mention in 4.55.0 release notes further down
that we expect 8.0.36.
Annotations file feedback row 15.1: Add links to various topics
mentioned
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
Annotations file feedback row 15.4: remove duplicated reference and add
clarity for Mysql and Redis sections
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
---------
Co-authored-by: Rachael Shaw <r@rachael.wtf>
Row 11: Internationalize Render deployment guide. Updated language to
reflect need to be aware of regional settings when outside the United
States.
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
<!-- Note that API documentation changes are now addressed by the
product design team. -->
Co-authored-by: Eric <eashaw@sailsjs.com>
- Add S3 to AWS reference architecture docs
- Add note that GCP support for add/install software (deploy security
agents) and file carves is coming soon
- Add note that Render support for add/install software (deploy security
agents) is coming soon
- Update links to best practice Terraform example
I fixed a couple of typos, corrected a couple of header tags, and
tightened up a couple of margins.
# Checklist for submitter
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
This PR is a follow-up to https://github.com/fleetdm/fleet/issues/16660
to:
- Move all (non-recommended) deployment guides from the docs into
`/articles` under the `guides` category
- AWS ECS
- CentOS
- Cloud.gov
- AWS with Terraform
- Hetzner Cloud
- Render
- Kubernetes
- Set up redirects for migrated articles
- Add article thumbnail and cover images
# Checklist for submitter
- [x] Manual QA for all new/changed functionality
---------
Co-authored-by: Rachael Shaw <r@rachael.wtf>
Co-authored-by: Eric <eashaw@sailsjs.com>
https://github.com/fleetdm/fleet/issues/16660
Changes:
- Added a new page (deploy-fleet.md) to the deploying docs
- Moved the content from the following pages to the
deploy/reference-architectures page:
- Systemd
- Proxies
- Public IPs
- Monitoring Fleet
- Introduction
- Reordered the pages in the Deploy docs folder
- Added a redirect: `/docs/deploy/introduction »
/docs/deploy/deploy-fleet`
---------
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
Docs improvements uncovered during
[dogfooding](https://github.com/fleetdm/confidential/issues/2506):
- Update end user auth docs to link to SSO docs. So the user knows what
do to get the necessary info from their IdP (create an Okta/GW app)
- Cut content from SSO docs and move Okta and Google Workspace to top
level headers
- "IDP" => "IdP"
- Use **bold** styling to indicate UI elements in docs (instead of
_italics_)
---------
Co-authored-by: Rachael Shaw <r@rachael.wtf>
Closes: #17582
Changes:
- Updated the `build-static-content` script to not generate HTML pages
for files in subfolders that are prefixed with an underscore
- Renamed the `docs/Deploy/kubernetes` folder »
`docs/Deploy/_kubernetes`
- Documented this new behavior on the communications page of the
handbook.
- Updated commands on the Deploy Fleet on Kubernetes page.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
This PR addresses an issue in the documentation for installing the MySQL
chart using Helm. Previously, the documentation provided a Helm install
command that incorrectly referenced mysqlUser and mysqlDatabase.
However, these keys don't exist in the chart's values.yaml file anymore.
The _"Fleet's best practice `fleet-deployment.yml` file"_ link on the
["Deploy Fleet on Kubernetes" docs
page](https://fleetdm.com/docs/deploy/deploy-fleet-on-kubernetes)
doesn't actually target the YAML file it purports to and, instead, it
just points to the Markdown version of the "Deploy Fleet on Kubernetes"
docs on GitHub.
This PR changes the target URL so that link actually goes to the place
where one would expect it to (the YAML file).
- Remove example YAML file from docs to deduplicate
- Update "Prepare a new version of Fleet" handbook instructions to point
to the best practice YAML
- Add README to point to docs
- Move tools for deploying Fleet on Kubernetes to `Deploy/` folder.
- Add @dherder as CODEOWNER so that Dave gets pinged every time a
contributor wants to make a change to the Kubernetes
---------
Co-authored-by: Dave Herder <27025660+dherder@users.noreply.github.com>
Co-authored-by: Luke Heath <luke@fleetdm.com>
If some of the following don't apply, delete the relevant line.
...
---------
Co-authored-by: Sampfluger88 <108141731+Sampfluger88@users.noreply.github.com>
Co-authored-by: Rachael Shaw <r@rachael.wtf>
Closes: https://github.com/fleetdm/confidential/issues/4015
Changes:
- Changed the url for `/fleetctl-preview` to
`/try-fleet/fleetctl-preview`
- Updated the controller for the `/fleetctl-preview` page to redirect
non-logged-in users to `/try-fleet/login`
- Removed the route for `/try-fleet/sandbox-expired`, and added a
redirect going to `/try-fleet/fleetctl-preview`.
- Updated the controller for `/try-fleet/sandbox` to redirect the users
without a non-expired Sandbox instance to `/try-fleet/fleetctl-preview`.
- Updated `signup.js` to not provision Fleet sandbox instances for
users.
- Updated the `User` model to support a third `signupReason`: "Try
Fleet"
- Updated `/try-fleet/register` to submit "Try Fleet" as a
`signupReason` when users sign up.
- Renamed the files for the `/fleetctl-preview` page (`get-started` »
`fleetctl-preview`)
- Updated/removed Fleet Sandbox related handbook sections.
- Replaced the "Fleet vs Fleet Sandbox" section in the deploying
documentation with a note about `fleetctl preview`.
- Updated links to Fleet Sandbox in articles.
---------
Co-authored-by: Mike Thomas <78363703+mike-j-thomas@users.noreply.github.com>
Fixing typos - replacing capital case with lower case.
Removed all the checklist because it doesn't apply to changes in the
documentation....
...
...
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
Co-authored-by: Sampfluger88 <108141731+Sampfluger88@users.noreply.github.com>
Fixed markdown syntax for links in a couple places where it was
formatted incorrectly (`(…)[…]` instead of `[…](…)`)
(Fixed one earlier and just searched the docs folder for `)[` to find
these; hopefully this PR nabs the rest.)
