Fixes#32504
Homebrew has removed the ability to install via a local .rb file. For
context see the PR here: https://github.com/Homebrew/brew/pull/20414 .
Also the long list of PRs and commits referencing can give you some idea
of how others are solving this
We have a few different options we can take.
We can use the usual homebrew method of doing an install
wine-stable@[version] but this does not support us installing a version
referenced by a commit SHA, rather we just get to choose a specific
semver.
We can set EVs normally intended for use only by homebrew developers.
The actual Homebrew developers have strongly cautioned against this as
it has more side effects than simply allowing local package installs.
Finally, we can take the method suggested by the Homebrew developers,
which I have done here, of creating a local tap containing our specified
Wine version's cask file and installing from it. This works well in
local testing and I think has the fewest downsides while maintaining the
reference to a specific immutable version.
# Checklist for submitter
## Testing
- [x] QA'd all new/changed functionality manually
Fixed CI run here:
https://github.com/fleetdm/fleet/actions/runs/17407514780/job/49415787748
- Added a new `Keynote installed` label so that the Keynote theme
installer will only show up for devices with Keynote installed
- Added a new `refetch_host.sh` to use to trigger an immediate refetch
For #27042.
Ready for review, just missing integration tests that I will be writing
today.
- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.
- [X] If database migrations are included, checked table schema to
confirm autoupdate
- For new Fleet configuration settings
- [X] Verified that the setting can be managed via GitOps, or confirmed
that the setting is explicitly being excluded from GitOps. If managing
via Gitops:
- [X] Verified that the setting is exported via `fleetctl
generate-gitops`
- [X] Added the setting to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [X] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [x] Verified that any relevant UI is disabled when GitOps mode is
enabled
- For database migrations:
- [X] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [X] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [X] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
- [x] Added/updated automated tests
- [X] Manual QA for all new/changed functionality
---------
Co-authored-by: jacobshandling <61553566+jacobshandling@users.noreply.github.com>
Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
- Updated version of santa
- Added policy and script to check for existence of santa osquery
extension and install if not found
- Changed to configuration profile based rules
- Split rules into their own configuration profiles to manage easier via
GitOps
- Move duplicate scripts out of `scripts/mdm/` and into
`it-and-security/` so we have one version that we can continue to
iterate and improve.
- Remove no longer used scripts out of `scripts/mdm/`
---------
Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
