Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-23 08:58:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 111
18551 commits 3336 branches 577 tags 2.4 GiB
Commit graph

320 commits

Author SHA1 Message Date
Allen Houchins
9d30086dfe
Updated profile names for better readability in Fleet UI (#29796) 
- Updated profile names so they appear as human readable in Fleet UI
instead of by filename.
 2025-06-06 11:27:33 -05:00
Allen Houchins
d0861a33dd
Update Password settings.xml (#29779) 
- Changing 1 to 0
 2025-06-05 16:04:16 -05:00
Rachael Shaw
dbda2ce516
Label: Fix typo (#29723) 
Fix a small typo in a label description
 2025-06-05 11:29:53 -05:00
Allen Houchins
ceee0b7831
Renaming MacOS DDM and Windows policies so they appear cleaner in Fleet UI (#29697) 
- Updated Windows policies with human readable names so they appear cleaner in Fleet UI, rather than by their file names. Ex: `Disable OneDrive` vs `disable-onedrive`
 2025-06-04 09:50:11 -05:00
Allen Houchins
88149a7bc3
Fix Windows configuration profile (#29658) 
- Updated issue with password.xml where it had duplicate CmdIDs being used
 2025-05-30 21:37:29 -05:00
Allen Houchins
be0234bfcc
Self-service overhaul (#29598) 
- Added FMAs via GitOps
- Added new label for scoping apps to ARM-based (Apple Silicon) Macs
 2025-05-30 08:51:00 -05:00
Allen Houchins
d3392873d8
Updating Windows configuration profiles (#29590) 
- Updating Windows configuration profiles to prevent race condition
 2025-05-29 13:31:44 -05:00
Allen Houchins
780fc99114
Self-service overhaul (#29566) 
- added categories to existing software titles

---------

Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
 2025-05-29 11:14:17 -05:00
Allen Houchins
9e865e6ead
Update password.xml (#29565) 
- Changed setting from disabled (0) to enabled (1)
 2025-05-29 10:29:49 -05:00
Allen Houchins
e019501002
Update password.xml (#29542) 
- Changed <Add> verb to <Replace> verb for troubleshooting.
 2025-05-28 21:29:12 -05:00
Allen Houchins
b6076c9016
Update 1Password macOS version number to 8.10.78 (#29493) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-05-27 17:07:52 -05:00
Allen Houchins
f29dde3a66
Updated support contact URL (#29298) 
- Updated the support contact URL to point to #help-dogfood instead of
the customer support portal.

Co-authored-by: Sam Pfluger <108141731+Sampfluger88@users.noreply.github.com>
 2025-05-22 08:57:26 -05:00
Allen Houchins
130b99e377
Updated software and operating system version strings (#29273) 
- Updated software and operating system version strings throughout
policies and software yml files
 2025-05-19 15:50:48 -05:00
Noah Talerman
b012a0be67
Uninstall fleetd scripts: "fleetd" (#29196) 
Fleet's agent is called "fleetd":
https://fleetdm.com/docs/get-started/anatomy#fleetd
 2025-05-15 18:48:14 -04:00
Allen Houchins
476a369924
Updated target platforms on labels (#29167) 
- Added `platform` targets for labels so labels weren't being applied to
out of scope devices unintentionally
 2025-05-15 14:09:35 -05:00
Allen Houchins
98151f3e38
Update 1Password macOS version number to 8.10.76 (#29096) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-05-13 13:20:32 -05:00
Allen Houchins
e1a187d5b5
Update macOS version number to 15.5 (#29069) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-05-12 19:30:00 -05:00
Allen Houchins
abe4bce12a
Update santa-test-devices.yml (#28804) 
- Added another test device for `santa`
 2025-05-05 11:27:27 -05:00
Allen Houchins
de38811103
Update password.xml (#28802) 
- Updated Windows password configuration profile to resolve an error
 2025-05-05 11:16:12 -05:00
Allen Houchins
d900478947
Update 1Password macOS version number to 8.10.75 (#28716) 2025-04-30 20:26:40 -04:00
Allen Houchins
4ff440d91f
Update 1Password macOS version number to 8.10.74 (#28649) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-04-29 13:57:19 -05:00
Allen Houchins
c28d162827
Update personal-mobile-devices.yml (#28633) 
- Removed incompatible DDM profile for unsupervised devices
 2025-04-29 10:08:34 -05:00
Allen Houchins
2ebfd82025
Update santa-test-devices.yml (#28519) 
- Added more devices for santa testing
 2025-04-24 09:55:43 -05:00
Lucas Manuel Rodriguez
0ebcf788ad
Update SSO settings for dogfood (#28435) 
- `issuer_uri` and `enable_jit_role_sync` are deprecated (see
https://github.com/fleetdm/fleet/issues/10688)
- Setting `enable_sso_idp_login` to allow testing logins initiated from
Google.
 2025-04-22 10:40:34 -05:00
Allen Houchins
86c1a12471
Updated minimum OS versions (#28439) 
- Updated minimum OS versions for macOS, iOS, and iPadOS.
- Removed extra line break
 2025-04-22 09:17:54 -05:00
Allen Houchins
3562daa28a
Testing cleanup of No team (#28418) 
- added `custom_settings` and cleaned up invalid key (`queries`)
 2025-04-21 14:36:21 -05:00
Allen Houchins
9c2ce31c07
Update no-team.yml (#28416) 
Testing clean up
 2025-04-21 14:17:49 -05:00
Allen Houchins
416733be5b
Update team files to clean up No Team (#28258) 2025-04-21 14:12:32 -05:00
Allen Houchins
71117b332b
Removed query no longer needed (#28410) 2025-04-21 14:33:45 -04:00
Allen Houchins
8e148d8025
Santa reconfigured for sync server (#28407) 2025-04-21 14:33:32 -04:00
Allen Houchins
2c511a92be
Update macOS version number to 15.4.1 (#28318) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-04-16 19:41:49 -05:00
Allen Houchins
555959178d
Update 1Password macOS version number to 8.10.72 (#28257) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-04-15 13:15:56 -05:00
Allen Houchins
2d4a733883
Updated webhook settings (#28252) 
Related to this: https://github.com/fleetdm/fleet/issues/27629
 2025-04-15 13:05:30 -05:00
Allen Houchins
2378ac1f7e
Re-added label scoping to configuration profiles (#28106) 2025-04-10 14:45:24 -05:00
Allen Houchins
04395d5882
Update santa-test-devices.yml (#28105) 
Adding host to label.
 2025-04-10 14:37:54 -05:00
Allen Houchins
258862f448
Re-add santa label (#28094) 2025-04-10 13:31:17 -05:00
Allen Houchins
b47ef0898c
Delete santa-test-devices.yml (#28085) 2025-04-10 10:47:32 -05:00
Allen Houchins
6351b92960
Re-adding labels for scoping (#28084) 2025-04-10 10:36:04 -05:00
Allen Houchins
3369b15b12
Adding labels via GitOps (#28083) 
Adding labels via GitOps
 2025-04-10 10:26:01 -05:00
Allen Houchins
9de88274b0
Add query to collect app hashes (#28081) 
Added query to collect app hashes.
 2025-04-10 09:34:47 -05:00
Allen Houchins
ac021a3211
Updated team names (#28078) 2025-04-10 09:21:03 -05:00
Allen Houchins
f16b01383b
Re-added app store apps (#28010) 
Re-added app store apps to mobile devices
 2025-04-08 18:37:19 -05:00
Allen Houchins
d3e23451ec
Removed VPP references (#28011) 2025-04-08 18:20:05 -05:00
Allen Houchins
76f609556b
Removed app_store_apps due to VPP race condition (#28009) 2025-04-08 17:53:04 -05:00
Allen Houchins
00480f8fb0
Renaming teams to support Android devices (#27991) 
Related to fleetdm/confidential#9192
 2025-04-08 17:45:14 -05:00
Rachael Shaw
e1cd206c26
Update passcode-settings.json (#27938) 
Add back complex character requirement
 2025-04-07 11:22:10 -05:00
Noah Talerman
1a560a0653
Help Rachael get back in to her Mac (#27934) 
Hopefully declaration profiles are delivered when a Mac is locked
 2025-04-07 12:00:37 -04:00
Allen Houchins
e9442dd4a8
Updates for exe installers in gitops (#27924) 
Added newly required install and uninstall scripts for `exe` installers.
 2025-04-06 21:24:08 -05:00
Allen Houchins
b0a6bd41eb
Updated script and policy to match naming convention (#27858) 
- updated the script and policy names to reflect naming convention and
look better in Fleet Desktop
- removed script from Servers (canary); since Fleet Desktop is not
enabled on Servers, it leads to awkward conversations when demo'ing with
customers.
 2025-04-05 22:11:01 -05:00
Allen Houchins
41e5ba4776
Update mozilla-firefox.yml (#27857) 2025-04-03 14:55:55 -05:00
Allen Houchins
90e500ff1b
Update minimum os versions for macOS, iOS, and iPadOS (#27777) 
macOS: 15.4
  Deadline: April 26, 2025

iOS: 18.4
  Deadline: April 26, 2025

iPadOS: 18.4
  Deadline: April 26, 2025
 2025-04-02 09:59:31 -05:00
Lucas Manuel Rodriguez
5ddeb317dd
Added dconf_read table and documentation to enable fleet desktop on Fedora and Debian (#27684) 
For #20675 and #25977.

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [X] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [X] Make sure fleetd is compatible with the latest released version of
Fleet (see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/fleetd-development-and-release-strategy.md)).
- [X] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [X] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
 2025-04-01 18:54:22 -03:00
Allen Houchins
3255caba40
Update 1Password macOS version number to 8.10.70 (#27740) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-04-01 15:47:47 -05:00
Allen Houchins
a375069a6c
Update macOS version number to 15.4 (#27721) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-03-31 20:04:30 -05:00
Allen Houchins
6e32e31896
Update default.yml (#27626) 
Updated failing policy webhook to trigger on specific policies.
 2025-03-28 09:45:28 -05:00
Noah Talerman
e93750edab
Cleanup scripts (#27307) 
- Move duplicate scripts out of `scripts/mdm/` and into
`it-and-security/` so we have one version that we can continue to
iterate and improve.
- Remove no longer used scripts out of `scripts/mdm/`

---------

Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
 2025-03-27 16:43:53 -05:00
Allen Houchins
f0ba5e81b4
Update enrollment-profile-up-to-date.yml (#27265) 
Clearer end user instructions.
 2025-03-25 10:16:29 -05:00
Allen Houchins
431b38f1c4
Update 1Password macOS version number to 8.10.68 (#27398) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-03-21 10:57:45 -05:00
Allen Houchins
c15d535598
Update 1Password macOS version number to 8.10.70 (#27306) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-03-19 14:05:49 -05:00
Allen Houchins
30012688d1
Added policy automation and new Windows installer (#27244) 
- Added script and workflow to keep 1Password policy up to date
- Changed to using .msi instead of .exe for Windows installer
 2025-03-19 13:54:25 -05:00
Noah Talerman
919f42a3ea
Uninstall fleetd remotely (#27024) 2025-03-19 13:35:39 -05:00
Allen Houchins
79679efd01
Updated Google Chrome for Windows software entries (#27133) 
- Added Google Chrome for Windows (ARM)
- Added logic to show Google Chrome to correct processor architecture
(x86 vs ARM)
 2025-03-14 09:36:12 -04:00
Allen Houchins
5120606db3
1Password updates (#27058) 
- added new software entry for 1Password (macOS & Windows)
- added policy to automatically install 1Password (SOC 2 requirement)
- added 1Password to macOS Setup experience
 2025-03-12 09:54:14 -05:00
Allen Houchins
16638c3754
Update macOS version number to 15.3.2 (#27056) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-03-11 19:30:55 -05:00
Noah Talerman
ce915c460d
Use disk encryption key to login to a Windows computer (#26951) 
Hint: you don't need the disk encryption key
 2025-03-10 13:32:10 -04:00
Allen Houchins
2975d51032
Assigning new disk encryption check policies to teams (#26952) 
Assigning policies created
[here](72230056d1)
to the Workstations teams.
 2025-03-07 10:24:55 -06:00
Allen Houchins
72230056d1
Added disk encryption check policies (#26949) 
Now that we are getting the new APNs certificate and enrollment profile
distributed, devices need to reboot to have FileVault enabled and their
keys escrowed the Fleet. These policies should hopefully encourage
everyone affected to restart their device.

---------

Co-authored-by: Brock Walters <153771548+nonpunctual@users.noreply.github.com>
 2025-03-07 09:49:23 -06:00
Allen Houchins
40d670e12f
Added query to detect APNs certificates (#26876) 
Create a query and assigned it to all teams to identify which macOS
devices are no longer communicating with Fleet via MDM.
 2025-03-05 14:36:00 -05:00
Allen Houchins
bd283aae5e
Update enrollment-profile-up-to-date.yml (#26834) 2025-03-04 15:13:08 -06:00
Allen Houchins
9ee2d5e695
Updating APNs certificate and related policy automations (#26696) 
Created a new policy with the calendaring automation for when I update
the APNs certificate being used.

---------

Co-authored-by: Brock Walters <153771548+nonpunctual@users.noreply.github.com>
 2025-03-04 13:42:42 -06:00
Marko Lisica
727f9aaf4c
Update Windows setup guide to include how to turn off MDM (#26562) 
Changes:
- Windows MDM setup guide update: include instructions how to turn off
MDM
- Redirect: new link `learn-more-about/windows-mdm` that will be used in
the error message.
 2025-02-25 18:35:41 -05:00
Allen Houchins
5a37455a7b
Update workstations-canary.yml (#26595) 
Added santa-block-script.sh to the Workstations (canary) team
 2025-02-25 16:00:18 -05:00
Allen Houchins
4c244657dd
Adding santa for testing (#26586) 
Adding santa for testing:
https://github.com/fleetdm/fleet/issues/24910
 2025-02-25 14:11:03 -05:00
Allen Houchins
90b4e2eabf
Update mac-enrollment-profile-up-to-date.yml (#26563) 
Updated for clearer messaging. Also removed steps in dogfood since they
may or may not work as expected.
 2025-02-25 00:48:46 -06:00
Allen Houchins
713068f4c1
Update mac-enrollment-profile-up-to-date.yml (#26530) 
Updated resolution language to be more accurate and user friendly.
 2025-02-24 10:14:51 -06:00
Allen Houchins
0a94f81431
Switched from metadata_url to metadata for end user authentication (#26042) 
Switched from metadata_url to metadata for end user authentication.

---------

Co-authored-by: Noah Talerman <47070608+noahtalerman@users.noreply.github.com>
 2025-02-20 10:02:24 -06:00
Noah Talerman
fa5e2187ac
Enable disk encryption for "Compliance exclusions" (#26476) 
- @noahtalerman: I'm using a test Windows computer to write a guide
about disk encryption keys (more info
[here](https://github.com/fleetdm/confidential/issues/9031)). This
Windows computer isn't used for work so we want to add it to our
"Compliance exclusions" team so it doesn't show up in Vanta compliance
reports.
 2025-02-19 15:29:23 -06:00
Allen Houchins
b02966b529
Software updates (#26452) 
Updated software titles and fixed `self_service` issue.
 2025-02-19 10:35:47 -06:00
Allen Houchins
58745eb86b
Update macOS version number to 15.3.1 (#26360) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-02-14 13:01:17 -08:00
Allen Houchins
1ec82f1544
Added troubleshooting logic (#26357) 
Added troubleshooting logic to the
dogfood-policy-updater-latest-macos.sh script
 2025-02-14 14:39:58 -06:00
Allen Houchins
4e967dbaa4
Update macOS version number to 15.3.1 (#26355) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-02-14 14:17:56 -06:00
Allen Houchins
2afff8242e
Update dogfood-policy-updater-latest-macos.sh (#26351) 
Updated script to automatically add reviewers to the pull request that
is created.
 2025-02-14 14:10:34 -06:00
Allen Houchins
ebdb4b860d
Update macOS version number to 15.3.1 (#26249) 
Co-authored-by: allenhouchins <allen@fleetdm.com>
 2025-02-10 19:47:28 -06:00
Allen Houchins
4abe464039
Update mozilla-firefox.yml (#26195) 
Updated Firefox version
 2025-02-07 20:03:16 -06:00
Allen Houchins
411bc4f8e6
Update workstations-canary.yml (#26194) 
Removed duplicate query
 2025-02-07 19:37:41 -06:00
Allen Houchins
47301ecb0a
Update so latest Zoom is always installed for macOS and Windows (#26161) 
Updated yml files for macOS and Windows so they always pull the latest
versions.
Updated the version downloaded for Linux hosts.
 2025-02-06 18:16:42 -06:00
Ian Littman
6c512ec857
Re-add VPP apps and VPP-team associations to Dogfood (#26122) 2025-02-05 17:46:06 -06:00
Allen Houchins
1ce3be1b8e
Multiple updates to resolve VPP issues (#26117) 2025-02-05 17:32:59 -06:00
Allen Houchins
b2beaa731d
Update default.yml (#26115) 2025-02-05 17:21:48 -06:00
Allen Houchins
44eda681d4
Updated macOS/iOS/iPadOS update deadlines (#26048) 
Updated macOS/iOS/iPadOS update deadlines to 2025-02-23 for their
respective latest versions
Formatting updates on a policy
 2025-02-04 15:51:46 -06:00
Allen Houchins
a6f8ee710e
Update mac-enrollment-profile-up-to-date.yml (#26024) 
Fixed formatting issues with how this was displaying to end users.
 2025-02-04 11:10:04 -06:00
Allen Houchins
3b9b21c5d8
New enrollment profile policy, removed disable notification mobileconfig (#26018) 
Created a new policy to help with fleetdm/confidential#9525
Deleted a configuration profile that disable Software Update
notifications 😠
 2025-02-04 08:37:05 -08:00
Allen Houchins
a677632cfe
Update antivirus-signatures-up-to-date.yml (#25990) 
Update to fix policy logic.
 2025-02-03 14:20:18 -06:00
Allen Houchins
0a9bd62bfe
Multiple policy updates (#25927) 
Added two new policies that check for available software updates. 
Renamed an existing policy to reflect accuracy. 
Resorted list of policies to group them by platform.
 2025-01-31 11:02:16 -06:00
Allen Houchins
212979d9fc
Multiple updates to queries (#25891) 
Co-authored-by: Harrison Ravazzolo <38767391+harrisonravazzolo@users.noreply.github.com>
 2025-01-30 13:00:43 -06:00
Allen Houchins
e55c664b13
Update collect-operating-system-information.yml (#25879) 
Removed unsupported `platform: Chrome`
 2025-01-29 15:44:09 -08:00
Allen Houchins
87f58e9e46
Update update-slack.yml (#25868) 
Updated version string info
 2025-01-29 12:00:51 -08:00
Allen Houchins
9740ff7d23
Query and policy fixes (#25864) 
Added query to all teams to collect operating system information for
dashboarding.
Copied Slack update policy to from Workstations (canary) to Workstations
team.
 2025-01-29 13:04:46 -06:00
Allen Houchins
f85dc597c1
Cleaning up policies (#25850) 
In support of this issue: fleetdm/confidential#8791
 2025-01-29 12:46:41 -06:00
Harrison Ravazzolo
4233937543
Add CSP to disable guest account, add to canary team (#25862) 
Confirmed on my vm that this profile deploys successfully and that the
key in gpedit is updated to Disabled.

<img width="516" alt="csp-1"
src="https://github.com/user-attachments/assets/20c407f1-e696-4cc9-90c9-2ce3d896e751"
/>
<img width="353" alt="csp-2"
src="https://github.com/user-attachments/assets/53218049-595b-4b16-97d0-ac434d883c47"
/>

---------

Co-authored-by: Allen Houchins <allenhouchins@mac.com>
 2025-01-29 11:27:42 -06:00
Allen Houchins
52d5632e37
Updates for webhooks (#25806) 
To support these dogfooding changes: fleetdm/confidential#9198
 2025-01-28 20:58:12 -06:00
Allen Houchins
740331f04a
Update latest-macos.yml (#25814) 2025-01-28 08:24:02 -08:00
Allen Houchins
e90574b808
Enable activities webhook via GitOps (#25690) 
Dogfooding this feature: fleetdm/confidential#9337
 2025-01-22 15:00:07 -06:00
Allen Houchins
af5d102e9d
Updated policies and software installs (#25677) 
- Fixed patch logic and updated version strings in Firefox and Slack
policies: fleetdm/confidential#9389
- Implemented custom target scoping for Linux software:
fleetdm/confidential#9348
- Updated and consolidated macOS latest operating system check policy
- Copied policies from "💻🐣 Workstations (canary)" to "💻 Workstations"
team
 2025-01-22 12:49:38 -06:00
Allen Houchins
11ac949c7e
Fix lock-screen-message.mobileconfig (#25443) 
Quick fix now that we have an iPhone fully enrolled in Dogfood.
 2025-01-15 17:27:14 -06:00
Noah Talerman
d5626acc6c
Dogfood hiding secrets added via YAML (#25384) 2025-01-15 13:40:39 -06:00
Allen Houchins
947055ff2b
Added Google Chrome back to Windows (#25413) 
Re-adding Google Chrome now that this bug has been fixed:
https://github.com/fleetdm/fleet/issues/24917
 2025-01-14 21:10:12 -06:00
Allen Houchins
64cd45753a
Add 1Password update profile to "💻 Workstations" team (#25291) 
fleetdm/confidential#9041

Promoting change from "💻🐣 Workstations (canary)" to "💻 Workstations"
 2025-01-09 17:02:44 -06:00
Luke Heath
b1446b1ad8
Change deadline to next Tuesday (#25129) 2025-01-03 12:34:49 -06:00
Allen Houchins
7dc840c51e
Cleanup no-team.yml, implement host expiry on servers, add Windows CSPs (#24916) 
fleetdm/confidential#9181
fleetdm/confidential#8864
fleetdm/confidential#9027
 2024-12-24 20:55:07 -06:00
Allen Houchins
db9258c9d0
Fix VPP error in new team and webhook errors (#24968) 
Fix for this:
https://github.com/fleetdm/fleet/issues/24471#issuecomment-2557675654
Fix for this:
https://fleetdm.slack.com/archives/C071NNMSP2R/p1734726391490999
 2024-12-20 15:54:29 -06:00
Allen Houchins
c50a096527
Add new "📱🔐 Personally-owned iPhones" team (#24952) 2024-12-20 14:24:59 -06:00
Janis Watts
b5d17fca4d
Implement 1Password automatic updates via config profile using "Inclu… (#24887) 
Implement 1Password automatic updates via config profile using "Include
any" labels

https://github.com/fleetdm/confidential/issues/9041

---------

Co-authored-by: Allen Houchins <allenhouchins@mac.com>
Co-authored-by: Allen Houchins <32207388+allenhouchins@users.noreply.github.com>
 2024-12-19 17:41:58 -06:00
Noah Talerman
e8a9c6654c
Update default.yml (#24921) 
- The new config is flat. We just updated the docs here:
https://github.com/fleetdm/fleet/pull/24891
 2024-12-19 17:19:33 -06:00
Allen Houchins
9b6b21f3b7
Added settings for Windows MDM migration (#24865) 2024-12-19 10:31:31 -06:00
Allen Houchins
d79e26d488
Added multi-platform software to Workstations (canary) team (#24864) 2024-12-19 10:30:17 -06:00
Allen Houchins
7babadf4ba
Added DDM profile for iOS and iPadOS and copied macOS DDM profile to Workstations team (#24825) 2024-12-17 14:19:08 -06:00
Allen Houchins
aba585ce6e
Updated minimum OS version for iOS and iPadOS (#24822) 2024-12-17 14:18:32 -06:00
Noah Talerman
256bb67f95
Dogfood: enforce macOS 15.2 (#24753) 2024-12-13 14:57:07 -06:00
Allen Houchins
03d00cd995
Removing iOS and iPadOS apps from the 💻🐣 Workstations (canary) team (#24713) 2024-12-13 14:54:49 -06:00
Allen Houchins
f1ddf8acd1
Added Software Update Settings DDM for Workstations (canary) and made Zoom for Ubuntu available in Self-service (#24661) 2024-12-11 13:51:20 -06:00
Allen Houchins
f2762cf507
added Zoom for debian Linux (#24650) 2024-12-11 10:22:17 -06:00
Luke Heath
d47bd8f626
Reorganize our it-and-security directory (#24278) 2024-12-09 13:42:47 -06:00
Luke Heath
459faf45d7
Bump OS update deadline to not be Monday after holiday (#24225) 2024-11-27 13:42:04 -06:00
Luke Heath
25fe7c0453
Install updated Firefox on policy failure (#24182) 2024-11-26 17:49:10 -06:00
Luke Heath
d15fda2693
Bump Firefox version (#24181) 2024-11-26 14:22:52 -06:00
Allen Houchins
c0c2474763
Updated Zoom download URL (#24151) 
Updated Zoom download URL to address this issue:
fleetdm/confidential#8977

More info here:
https://fleetdm.slack.com/archives/C019WG4GH0A/p1732570447472539
 2024-11-26 10:35:38 -06:00
Luke Heath
e8021462f5
Create mac-mozilla-firefox.yml (#24140) 2024-11-25 14:52:33 -06:00
Allen Houchins
f47c44f685
Enable macOS Setup Experience for Workstations team (#24125) 
In support of: https://github.com/fleetdm/confidential/issues/8790

I made the following changes to support the macOS Setup Experience in
`dogfood` for the Workstations team
- moved Software titles to their own dedicated folder and `yml` files so
they could be called via path
- edited the `macos_setup` configuration in the Workstations team yml
file.
- edited the `macos_setup_assistant` json file to skip certain items
during initial setup
- completed a `dry-run` successfully before submitting this pull request

# Expected behavior
When an ADE Mac boots for the first time, macOS Setup Experience will
automatically install Google Chrome, Zoom, Slack, and 1Password.

- Google Chrome will be downloaded via URL
- Zoom will be downloaded via URL
- Slack will be downloaded via VPP
- 1Password will be downloaded via VPP

No scripts have been included at this time and will be tracked in a
separate issue.
 2024-11-25 12:27:56 -06:00
Noah Talerman
6e0327220b
Enforce macOS 15.1.1 (#24075) 
Deadline is Monday after 🦃 Thanksgiving (US holiday)
 2024-11-22 13:00:40 -05:00
Brock Walters
fa24f130b2
Update workstations-canary.yml (#23617) 
Add - path: macos-execute-disable-fleet-desktop.sh to Workstations
(canary) script library

Co-authored-by: Victor Lyuboslavsky <victor.lyuboslavsky@gmail.com>
 2024-11-07 15:43:08 -05:00
Luke Heath
77085666f9
Update ABM yaml to set defaults teams using new format (#23600) 2024-11-07 14:38:35 -06:00
Brock Walters
4be695931b
Add macos-execute-disable-fleet-desktop to Workstations (canary) script library (#23616) 
Customers that have deployed the Fleet agent with the Fleet Desktop
application enabled sometimes want a method to arbitrarily disable Fleet
Desktop without deploying a new Fleet agent package installer.

This workflow writes a script & a Launch Daemon on a macOS Host which is
executed as a background process (because it must stop & restart the
Fleet agent) in order to disable the Fleet Desktop application by
modifying the Fleet agent configuration.
 2024-11-07 13:04:45 -05:00
Lucas Manuel Rodriguez
fe9ccd23c6
dogfood: Non-canary workstations and servers to stick to stable channels (#23123) 
With this change:
- Canary teams explicitly use `edge` channels.
- Non canary teams explicitly use `stable` channels.
 2024-10-23 17:31:37 -03:00
Lucas Manuel Rodriguez
3e29f16f53
dogfood: Restore VPP token association to teams (#23114) 
To fix
https://github.com/fleetdm/fleet/actions/runs/11468989615/job/31915263035#step:7:174

```
Error: applying app store apps for team: "🔳🏢 Company-owned iPads": POST /api/latest/fleet/software/app_store_apps/batch received status 422 Unprocessable Entity: could not retrieve vpp token: No available VPP Token
```

https://github.com/fleetdm/fleet/pull/22326 fixed so that GitOps removes
associations if they are not set (GitOps mode of operation where stuff
that's not set is removed), thus we now need to define it.
 2024-10-23 11:15:56 -03:00
Noah Talerman
467c5c4c44
DDM passcode cleanup (#22574) 
- Remove configuration profile (.mobileconfig) now that Fleet is using
the DDM profile
- Remove duplicate DDM profile: passcode-settings-ddm.json
 2024-10-02 17:07:46 -04:00
Rachael Shaw
00d31e8450
Update linux-device-health.policies.yml (#22516) 
See https://github.com/fleetdm/fleet/pull/22498
 2024-10-01 15:39:00 -05:00
Brock Walters
cfd4159487
Update macos-passcode-settings.json (#22533) 
Cuz JD is dum.
 2024-10-01 05:50:30 -07:00
Brock Walters
3f249fd11b
Nonpunctual passcode ddm (#22531) 
# Checklist for submitter

Adds passcode DDM declaration to workstations.
 2024-10-01 05:25:59 -07:00
Lucas Manuel Rodriguez
8428f193fa
Move settings to no-team.yml (#22343) 
Moving settings for hosts in "No team" from `default.yml` to
`teams/no-team.yml`.
 2024-09-24 14:25:51 -03:00
Dave Herder
1fdd127f6c
Add macOS policies for patching in workstations-canary.yml (#22323) 2024-09-23 14:17:39 -07:00
Noah Talerman
eeb0579763
Dogfood: remove "Explore data (fleetdm.com)" team (#22246) 2024-09-20 12:16:41 -05:00
Sharon Katz
b11edd9398
Add CIS policy for tests (#22112) 2024-09-17 17:49:23 -04:00
Luke Heath
e0abd89371
Update macOS latest version policy (#22025) 2024-09-11 16:26:33 -05:00
Luke Heath
2e9b0c8460
Add VPP apps to teams with Apple devices (#21996) 2024-09-11 15:34:45 -05:00
Luke Heath
ca4d45f400
Remove devices from demo policy (#21932) 2024-09-10 10:04:37 -05:00
Roberto Dip
078c0ac3b7
document and use MDM SSO settings via gitops (#21869) 
for #21313
 2024-09-09 17:03:20 -03:00
JD
2db4417bff
GitOps remove SWU config profile from teams (#21860) 2024-09-06 12:03:59 -05:00
Shea Craig
239c69b747
Fix type error (#21667) 2024-09-05 11:18:15 -05:00
Roberto Dip
ade1d06fd6
add windows configuration profiles to workstations canary (#21336) 
Adding a few Windows configuration profiles so we can dogfood them. Most
of the profiles are adaptations from the macOS profiles.

I'm not an expert, adding them to the canary team for now to avoid
breaking anyone's machine.
 2024-08-15 14:02:05 -03:00