Commit graph

40 commits

Author SHA1 Message Date
Victor Lyuboslavsky
aaac4b1dfe
Changes needed before gokit/log to slog transition. (#39527)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #38889

PLEASE READ BELOW before looking at file changes

Before converting individual files/packages to slog, we generally need
to make these 2 changes to make the conversion easier:
- Replace uses of `kitlog.With` since they are not fully compatible with
our kitlog adapter
- Directly use the kitlog adapter logger type instead of the kitlog
interface, which will let us have direct access to the underlying slog
logger: `*logging.Logger`

Note: that I did not replace absolutely all uses of `kitlog.Logger`, but
I did remove all uses of `kitlog.With` except for these due to
complexity:
- server/logging/filesystem.go and the other log writers (webhook,
firehose, kinesis, lambda, pubsub, nats)
- server/datastore/mysql/nanomdm_storage.go (adapter pattern)
- server/vulnerabilities/nvd/* (cascades to CLI tools)
- server/service/osquery_utils/queries.go (callback type signatures
cascade broadly)
- cmd/maintained-apps/ (standalone, so can be transitioned later all at
once)

Most of the changes in this PR follow these patterns:
- `kitlog.Logger` type → `*logging.Logger`
- `kitlog.With(logger, ...)` → `logger.With(...)`
- `kitlog.NewNopLogger() → logging.NewNopLogger()`, including similar
variations such as `logging.NewLogfmtLogger(w)` and
`logging.NewJSONLogger(w)`
- removed many now-unused kitlog imports

Unique changes that the PR review should focus on:
- server/platform/logging/kitlog_adapter.go: Core adapter changes
- server/platform/logging/logging.go: New convenience functions
- server/service/integration_logger_test.go: Test changes for slog

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
  - Was added in previous PR

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Refactor**
* Migrated the codebase to a unified internal structured logging system
for more consistent, reliable logs and observability.
* No user-facing functionality changed; runtime behavior and APIs remain
compatible.
* **Tests**
* Updated tests to use the new logging helpers to ensure consistent test
logging and validation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-02-11 10:08:33 -06:00
Sarah Gillespie
33e112bfa5
Capture MDM enroll reference for iOS and IPadOS devices (#39020) 2026-01-30 13:38:01 -06:00
Lucas Manuel Rodriguez
e7759a41c1
Add integration tests for VPP app auto updates (#38337)
Resolves #38111.

I made sure almost all of `handleScheduledUpdates` has coverage:
<img width="1084" height="1078" alt="Screenshot 2026-01-14 at 6 41
14 PM"
src="https://github.com/user-attachments/assets/7899e954-5e89-494d-bc78-2facd09999e0"
/>


0. Checkout this branch.
1. Download
[coverage.txt](https://github.com/user-attachments/files/24625544/coverage.txt)
2. Run `go tool cover -html=coverage.txt`.
2026-01-15 17:03:58 -03:00
Jordan Montgomery
e225ef5791
Improve Microsoft endpoint validation (#38180)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #13698

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes

## Testing

- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)

- [x] QA'd all new/changed functionality manually
2026-01-12 15:28:45 -05:00
Magnus Jensen
418de46848
Delete FileVault on Apple MDM turn on (#35625)
<!-- Add the related story/sub-task/bug number, like Resolves #123, or
remove if NA -->
**Related issue:** Resolves #33074

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
2025-11-12 16:59:00 -03:00
Martin Angers
8a9b27b2b9
Bugfix: create past activities when an "activated" VPP app install is cancelled by turning MDM off (#33693) 2025-10-06 09:15:40 -04:00
Magnus Jensen
ca11cbb2dd
Decode dry_run query param for upload bootstrap package request (#32775)
fixes: #32090 

This was not an issue for team's configuring this value, since they do
an !opts.DryRun check, however for no team we do not have that, but I
instead opted for the handler to actually parse the value, since a
custom decoder was implemented, but dry run was forgotten to be parsed.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.

## Testing

- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
2025-09-10 09:35:45 +03:00
Victor Lyuboslavsky
8783bba7e0
Fixing flaky TestTurnOnLifecycleEventsApple (#32450)
Fixes #32448
2025-08-29 11:23:55 -05:00
Jordan Montgomery
fea2b40cd8
BMAA: Add personal enrollment type including aggregate counts (#31091)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [ ] Added/updated automated tests
- [ ] Where appropriate, automated tests simulate multiple hosts and
test for host isolation (updates to one hosts's records do not affect
another.)
- [ ] Manual QA for all new/changed functionality
2025-07-22 17:24:19 -04:00
Jordan Montgomery
1b83b1d2bc
BMAA: SCEP Renewal (#31006)
# Checklist for submitter

If some of the following don't apply, delete the relevant line.


- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- [x] Added/updated automated tests
- [x] Where appropriate, automated tests simulate multiple hosts and
test for host isolation (updates to one hosts's records do not affect
another.)
- [x] Manual QA for all new/changed functionality
2025-07-18 16:45:00 -04:00
Sarah Gillespie
0239933d07
Expand integration tests for iOS refetch (#30341) 2025-06-30 10:22:07 -05:00
Sarah Gillespie
bce10924d0
Disallow lock request for unenrolled macOS hosts (#30313) 2025-06-25 13:31:33 -05:00
Sarah Gillespie
15b60c1f41
Delete iOS host refetch commands on MDM re-enrollment (#30158) 2025-06-23 10:14:00 -05:00
Juan Fernandez
d847ec8ed4
21979: Extended wipe end-point to allow for doWipe Win CMD (#29770)
For #21979

Extended POST /api/v1/fleet/hosts/:id/wipe end-point to allow users to
specify an optional payload for specifying what type of remote wipe to
perform on Win hosts.

---------

Co-authored-by: Rachael Shaw <r@rachael.wtf>
2025-06-11 13:56:07 -04:00
Gabriel Hernandez
6d5e28ab34
change response status code for DELETE /host/:id/mdm to 204 (#29461)
For #29434

change status code from DELETE /hosts/:id/mdm from 200 to 204
2025-05-28 14:20:54 +01:00
Sarah Gillespie
8d17956f7b
Skip bootstrap package and other setup items when renewing Apple MDM enrollment profiles (#27560) 2025-03-28 16:33:22 -05:00
Victor Lyuboslavsky
6b7d232522
Additional CA validation (#27169)
For #26623

- Updated `github.com/groob/plist` to `github.com/micromdm/plist` -- it
was renamed
- Added validation that restricts DigiCert Fleet variables to
`com.apple.security.pkcs12` payloads plus additional restrictions
- Added validation that restricts Custom SCEP Fleet variables to
`com.apple.security.scep` payloads plus additional restrictions
- Enabled multiple CAs (Fleet variables) to be present in an Apple MDM
profile. But each CA can only be used once. For example, we can have
DigiCert CA and Custom SCEP CA in one Apple profile.

# Checklist for submitter
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
2025-03-19 08:27:55 -05:00
Ian Littman
8ee29dc895
Include current host status and pending action in lock, unlock, and wipe API calls (#25754)
For #23241.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated automated tests
- [x] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality
- [x] Docs re-PR'd
2025-01-27 12:06:09 -06:00
Victor Lyuboslavsky
d15d2e324e
Speculative fix for flaky TestVPPApps. (#25385)
For #25086 
Speculative fix for flaky TestVPPApps (disable worker jobs). Ran 50
tests with randokiller and did not see a fail.
2025-01-13 16:28:48 -06:00
Victor Lyuboslavsky
9d9fc9b5cd
Replace script/profile secrets. (#24841)
#24548

This PR covers Apple legacy commands, Windows commands, and scripts.
Apple DDM commands and Software install/uninstall scripts will be
covered in separate PRs.

# Checklist for submitter
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-12-18 15:27:35 -06:00
Victor Lyuboslavsky
e4df954b0f
Update nanomdm dependency with latest bug fixes and improvements. (#23906)
#23905 

- Update with upstream nanomdm changes up to
825f2979a2
- Removed PostgeSQL folder from our nanomdm
- Added nanomdm MySQL test job to our CI

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-11-20 11:47:11 -06:00
Victor Lyuboslavsky
5eb88d13ce
Fix flaky TestLifecycleSCEPExpiration test. (#23534)
#20936

# Checklist for submitter
- [x] Added/updated tests
2024-11-05 12:06:21 -06:00
Victor Lyuboslavsky
bab0e159a9
Adding telemetry for specific Fleet Desktop errors (#23349)
Adding telemetry for catching issue #19172

# Docs changes

In another PR: https://github.com/fleetdm/fleet/pull/23423/files

# Demo
<div>
<a href="https://www.loom.com/share/233625875eec46508c26ae315cd52d19">
<p>[Demo] Add telemetry for vital fleetd errors - Issue #23413 - Watch
Video</p>
    </a>
<a href="https://www.loom.com/share/233625875eec46508c26ae315cd52d19">
<img style="max-width:300px;"
src="https://cdn.loom.com/sessions/thumbnails/233625875eec46508c26ae315cd52d19-45ca0ec1b7b5e9e7-full-play.gif">
    </a>
  </div>

# Checklist for submitter

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [x] Orbit runs on macOS, Linux and Windows. Check if the orbit
feature/bugfix should only apply to one platform (`runtime.GOOS`).
- [x] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2024-10-31 14:24:42 -05:00
Victor Lyuboslavsky
567803955e
NDES SCEP proxy backend (#22542)
#21955

<div>
<a href="https://www.loom.com/share/ba40b440502845d2861fd3ec7611bade">
<p>[Demo] Deploy SCEP certificates from Network Device Enrollment
Service (NDES) #21955 - Watch Video</p>
    </a>
<a href="https://www.loom.com/share/ba40b440502845d2861fd3ec7611bade">
<img style="max-width:300px;"
src="https://cdn.loom.com/sessions/thumbnails/ba40b440502845d2861fd3ec7611bade-84f2d88c9f5106c2-full-play.gif">
    </a>
  </div>

Note: A few remaining subtasks will be done in a follow-up PR. See
#22123 for a detailed list.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-10-09 13:47:27 -05:00
Roberto Dip
05818902cd
implement OTA enrollment (#21942)
for #21019

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-09-10 16:52:17 -03:00
Roberto Dip
4eb9cf72ad
MABM: fixes and re-enable integration tests (#21834)
for #21309, this also fixes a few bugs found along the way

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-09-05 14:10:35 -03:00
Jahziel Villasana-Espinoza
a00559e732
feat: enable multiple ABM and VPP tokens (#21693)
> Related issue: #9956 

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Manual QA for all new/changed functionality

---------

Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
Co-authored-by: Gabriel Hernandez <ghernandez345@gmail.com>
Co-authored-by: Roberto Dip <rroperzh@gmail.com>
Co-authored-by: Sarah Gillespie <73313222+gillespi314@users.noreply.github.com>
Co-authored-by: Dante Catalfamo <43040593+dantecatalfamo@users.noreply.github.com>
Co-authored-by: Roberto Dip <dip.jesusr@gmail.com>
2024-08-29 18:51:46 -04:00
Benjamin Edwards
d1149a0a7d
Fix decoding enrollment profiles (#20984) 2024-08-02 11:34:32 -04:00
Martin Angers
b077d7e669 Merge main, fix conflicts and reorder migrations 2024-07-03 15:51:49 -04:00
Martin Angers
cb780b847a
CP Exclude Labels: apply exclusion logic when reconciling profiles/declarations (#20013) 2024-07-03 10:20:33 -04:00
Roberto Dip
5898a981c3
add a workflow to renew SCEP certificates of migrated devices (#20063)
for #19800

the motivation behind these changes is to support certificate renewals
for hosts that were migrated by inserting enrollment records via a
database migration.

those hosts still have their old enrollment profile installed, so SCEP
renewals need to be handled carefully.


# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Manual QA for all new/changed functionality
2024-07-03 09:56:32 -03:00
Victor Lyuboslavsky
05547a5130
Added view_pin param. (#19788)
#19545

`/api/latest/fleet/hosts/:id/lock` returns `unlock_pin` for Apple hosts
when query parameter `view_pin=true` is set

The lock host activity now has a `view_pin` parameter. Frontend change
is needed to reflect this in the UI.

# Checklist for submitter

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-06-17 11:30:53 -05:00
Victor Lyuboslavsky
8b84b06a86
/api/latest/fleet/hosts/:id/lock returns unlock_pin for Apple hosts (#19720)
/api/latest/fleet/hosts/:id/lock returns `unlock_pin` for Apple hosts
#19545 
# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-06-14 06:58:17 -05:00
Lucas Manuel Rodriguez
3dbdbc1bcf
Add support for iOS/iPadOS to osquery-perf (#19522)
#18119

- [X] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.

Sample on how to simulate 50 iPads and 50 iPhones:
```sh
go run ./cmd/osquery-perf -host_count 100 -os_templates iphone_14.6.tmpl:50,ipad_13.18.tmpl:50 -mdm_scep_challenge <...>
```
2024-06-10 17:02:35 -03:00
Roberto Dip
1f6534f933
generate/ingest SCEP challenges and improve error messages (#19468)
for #19454
2024-06-03 18:33:52 -03:00
Roberto Dip
178c0d565f Merge remote-tracking branch 'origin/main' into feat-save-certs 2024-05-30 18:34:40 -03:00
Roberto Dip
545e56d288
19016 ingest certs on start (#19360)
For #19016

This changes all the places where we previously assumed that certs were
hardcoded when the Fleet server started to query the database instead.

The plan is to loadtest afterwards, but as a first preemptive measure,
this adds a caching layer on top the mysql datastore.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Added/updated tests
- [x] If database migrations are included, checked table schema to
confirm autoupdate
- For database migrations:
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Manual QA for all new/changed functionality
2024-05-30 18:18:42 -03:00
Roberto Dip
9ec92a601f
prevent a bug causing SCEP renewals to fail (#19313)
for #19311

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Added/updated tests
- [x] Manual QA for all new/changed functionality
2024-05-28 20:31:53 -03:00
Roberto Dip
7559944ec7
fix device SCEP renewal cron if a host is deleted (#19158)
for #19149
2024-05-20 18:11:17 -03:00
Roberto Dip
05719633a1
add consistent MDM host lifecycle management (#18510)
The mantra for MDM lifecycle events is:

> - Noah: When MDM is turned on, install fleetd, bootstrap package (if
DEP),
> and profiles. Don't clear host vitals (everything you see on the Host
>      details page)
>    - Noah: On re-enrollment, don't clear host vitals.
>    - Noah: On lock and wipe, don't clear host vitals.
>    - Noah: On delete, clear host vitals.

This addresses issues:

- https://github.com/fleetdm/fleet/issues/17243
- https://github.com/fleetdm/fleet/issues/17481
- https://github.com/fleetdm/fleet/issues/17292
- https://github.com/fleetdm/fleet/issues/18030
- https://github.com/fleetdm/fleet/issues/18031
2024-04-29 16:43:15 -03:00