- reevaluate and potentially request review from others when PR is
edit…ed
- plus two optimizations to avoid tricking/testing the github api with
duplicate reviewers and empty reviewers
https://github.com/fleetdm/confidential/issues/3146
To test this works:
- sam should be able to change ceo handbook and be autoapproved
- mike submitting a PR to the ceo handbook should request review from
Sam but auto-approve for mike
- Jarod's use case of creating an article should now work, even if his
PR contains images
.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
Closes: https://github.com/fleetdm/confidential/issues/2964
Changes:
- Updated the `receive-from-customer-fleet-instance` webhook to send a
request to a Workspace One OAuth URL to get the authorization token used
to send requests to a Workspace one instance.
Before this is merged, we will need to:
- [ ] remove the `sails.custom.config.customerWorkspaceOneTenantId` and
`customerWorkspaceOneAuthorizationToken` config variables.
- [ ] Add two new config variables:
`sails.config.custom.customerWorkspaceOneOauthSecret` and
`sails.config.custom.customerWorkspaceOneOauthId`
.
Closes: https://github.com/fleetdm/confidential/issues/2768
Changes:
- Added `/webhooks/receive-from-customer-fleet-instance.js` - A webhook
that receives requests containing information about a host on a
customers Fleet instance and sends a request to unenroll that host from
a Workspace One instance.
Before this is merged, we will need to add four config variables to the
Fleet website:
- [x] `sails.config.custom.customerWorkspaceOneBaseUrl`
- [x] `sails.config.custom.customerWorkspaceOneTenentId`
- [x] `sails.config.custom.customerWorkspaceOneAuthorizationToken`
- [x] `sails.config.custom.customerMigrationWebhookSecret`
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- [ ] Documented any permissions changes
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [ ] Added/updated tests
- [ ] Manual QA for all new/changed functionality
- For Orbit and Fleet Desktop changes:
- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md))
.
Closes: #10848
Changes:
- Updated the `receive-usage-analytics` webhook to send custom metrics
to our Datadog account, where we can create graphs and dashboards to
track Fleet feature adoption, Fleet/osquery/orbit versions in use,
reported host counts, and stored errors.
- Added a new config variable: `sails.config.custom.datadogApiKey`
Changes:
- Updated the request to the OpenAI API in `receive-from-github.js` to
send a request to the `chat/completions/` API and updated the request
body to be compatible with the `/chat/` API.
(https://platform.openai.com/docs/api-reference/chat/create)
Upgrade to GPT-4. Increase max tokens 4x up to 8000 (aka the maximum
character length of issue description that it can pontificate about in
the form of a short haiku)
.
Changes:
- Updated `receive-from-github.js` to only send requests to freeze and
unfreeze the Fleet repo when the PR it is checking is from the
fleetdm/fleet repo.
Changes:
- Updated the `receive-from-github` webhook to tolerate failed requests
to the Merge Freeze API. If a request fails, the webhook logs a warning
and continues as if the main branch is not frozen.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
Changes:
- Updated the conditional statement that determines if we will be
notified in Slack to filter out commit comments and deleted comments
from Fleet team members with uppercase letters in their GitHub
usernames.
Improve https://github.com/fleetdm/fleet/pull/9336 providing default
settings similar to the OpenAI playground, including a higher
temperature and number of maximum tokens. Also fixes prefix trimming.
This improves https://github.com/fleetdm/fleet/pull/9336 by eliminating
junk text and encouraging better replies. Uses an h1 to emphasize the
issue title, so that short issues don't get weird and truncated, and the
bot reply stays focused on the main point of the issue.
https://github.com/fleetdm/fleet/issues/9172
Changes:
- Added
`website/api/controllers/webhooks/recieve-stripe-subscription-events.js`
a webhook for receiving Stripe events.
- If the stripe event received is from a user's subscription
automatically renewing, A new license key is generated, the subscription
record is updated, and a renewal confirmation email is sent.
- If the stripe event received is from a user's subscription's upcoming
renewal, a renewal notification email is sent.
- If any other event type is received from Stripe, the webhook returns a
200 response.
- Added new email templates:
- `email-subscription-renewal-confirmation`
- `email-upcoming-subscription-renewal`
- Updated `website/api/controllers/admin/view-email-template-preview.js`
to have fake data for the added email templates.
- Updated `website/api/controllers/customers/view-dashboard.js` to set
two boolean variables: `subscriptionExpiresSoon` and
`subscriptionHasBeenRecentlyRenewed`
- Updated the customer dashboard to display notifications on the top of
the page if a user's subscription will renew in the next 30 days, or if
the user's subscription has been renewed in the past 30 days.
- `website/views/layouts/layout-email.ejs` - Updated the font, padding,
and text color to match wireframes.
* add #handbook label to handbook PRs
* Update get-is-pr-only-handbook-changes.js
* remove while loop from _.all()
* revert changes to github token name
* Simplifications
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
A timeboxed workaround for an intermittent issue where the mergefreeze API reports that a repo is frozen: false, when the mergefreeze UI says that it is actually truly frozen.
Turns out the issue being debugged in https://github.com/fleetdm/fleet/pull/6906 was in the API itself-- somehow it can get stuck on frozen: false. If that happens, the solution is to freeze/unfreeze everything in the dashboard
* Tool: Bring back mergefreeze API integration
Context: https://github.com/fleetdm/fleet/pull/5628#issuecomment-1196175485
Unfortunately, the API doesn't work.
* Lay out how this would work in the database - but instead, do it ephemerally for now
* Remove model
* Maintain state (the easy way for now)
Related to #5898, this reports an anonymized summary of errors stored in Redis into the analytics payload.
For each error stored, this includes:
- A `count` attribute with the number of occurrences of the error
- A `loc` attribute with the 3 topmost lines in the stack trace. Note that stack traces only contain package name + line number (example: github.com/fleetdm/fleet/server.go:12
This also includes a minor refactor around error types.
* trivial (comments)
* Remove old unfreeze/freeze logic
* trivial (clarify comment)
* Trivial (fix weird character)
* Extrapolate DRI mappings into config.
* Explain why this exists
* Extrapolate logic
* Use extrapolated logic + add 5 second wait time to prevent accidents + clean up
* Use extrapolated logic and fix omission in helper
* Make freezing actually happen and document usage
* In script, don't freeze PRs as long as they're preapproved to be edited by SOMEBODY
* Lint fixes
* Github bot: Temporarily disable label change notifications
Michael Thomas🕐 Today at 01:36
Are these alerts necessary in #g-digital-experience, and if not, how do we turn them off? They're creating a lot of noise in the channel 😵
1 reply
mikermcneil 3 minutes ago
I'm envisioning Digital Experience is responsible for keeping github labels tidy, so having visibility into changes would be useful. If you currently don't have bandwidth to do it, this is an easy thing to let slip, since it isn't the highest priority. (Labels have already gotten a bit messy- to the point I don't use them at all anymore, for example. I don't think they're actually necessary anymore, other than for doing estimations)
I'll PR a change that disables it for now.
* fix extra ampersand
* GitHub webhook: Add support for '*' DRI rule
This allows any fleetie to edit the handbook landing page (e.g. in the event pages need to get moved around)
* invert how DRI rules for website are expressed
* lint fix + add support for array syntax
* Update receive-from-github.js
* Update receive-from-github.js
* Update receive-from-github.js
* Update receive-from-github.js
* Update receive-from-github.js
* Stub out a way of automatically poking a hole in branch protections for DRIs
* cleaned things out in there
* prototype of autoapproval automation
prototype of autoapproval automation for DRIs editing their files
* should never happen
