Closes: https://github.com/fleetdm/fleet/issues/35983
Changes:
- Updated the Fleet website's `builtStaticContent.appLibrary`
configuration to include Fleet-maintained apps for Windows
- Added platform filters and Windows apps to the /software-catalog page
- Updated the URLs for Fleet maintained app detail pages to include the
app's platform, and added redirects for all changed URLs.
Closes: https://github.com/fleetdm/fleet/issues/36356
Changes:
- updated the website's `create-compliance-partner-tenant` microsoft
proxy endpoint to return a `connectionAlreadyExists` response when a
uniqueness error is returned by the database adapter.
Closes: https://github.com/fleetdm/fleet/issues/32373
Changes:
- Added Markdown versions of the Fleet's subscription terms and privacy
policy Google docs to a new folder (`legal/`) inside the
`handbook/company/` folder. (Note: These pages are not accessible from
the handbook.)
- Added pages that display the two Markdown files rendered as HTML
(`/legal/terms` and `/legal/privacy`)
Related to: https://github.com/fleetdm/confidential/issues/13219
Changes:
- Updated the `deliver-talk-to-us-form-submission` action to only use
the email domain for contact creation and enrichment, and to include the
provided organization name in contact descriptions.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#36138
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
## Testing
- [x] Added/updated automated tests
- [x] QA'd all new/changed functionality manually
---------
Co-authored-by: Jordan Montgomery <elijah.jordan.montgomery@gmail.com>
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34389
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
## Testing
- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [x] QA'd all new/changed functionality manually
## Database migrations
- [x] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [x] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
Closes: https://github.com/fleetdm/confidential/issues/13046
Changes:
- Updated the logged warning in deliver-contact-form-message to include
the full error thrown by the `build()` helper.
- Added intercepts to the helpers called inside of the `build()` helper
in deliver-contact-form-message, and updated it to throw an error if the
updateOrCreateContactAndAccount helper does not return an account ID.
Related to: https://github.com/fleetdm/confidential/issues/13036
Changes:
- updated the receive-redirect-from-microsoft Microsoft proxy endpoint
to redirect users to their Fleet instance if the
`getAccessTokenAndApiUrls` helper returns an error.
Closes: https://github.com/fleetdm/fleet/issues/34358
Changes:
- Updated Android enterprise proxy endpoints to log an additional
warning to alert us if we exceed the Android management API rate limit.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves #
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [ ] Added/updated automated tests
- [ ] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [ ] QA'd all new/changed functionality manually
For unreleased bug fixes in a release candidate, one of:
- [ ] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
## Database migrations
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
## New Fleet configuration settings
- [ ] Setting(s) is/are explicitly excluded from GitOps
If you didn't check the box above, follow this checklist for
GitOps-enabled settings:
- [ ] Verified that the setting is exported via `fleetctl
generate-gitops`
- [ ] Verified the setting is documented in a separate PR to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [ ] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [ ] Verified that any relevant UI is disabled when GitOps mode is
enabled
## fleetd/orbit/Fleet Desktop
- [ ] Verified compatibility with the latest released version of Fleet
(see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/workflows/fleetd-development-and-release-strategy.md))
- [ ] If the change applies to only one platform, confirmed that
`runtime.GOOS` is used as needed to isolate changes
- [ ] Verified that fleetd runs on macOS, Linux and Windows
- [ ] Verified auto-update works from the released version of component
to the new version (see [tools/tuf/test](../tools/tuf/test/README.md))
Closes: https://github.com/fleetdm/fleet/issues/18924
Changes:
- Updated the `intercept()` in create-vanta-authorization-request to
only return an `invalidToken` exit if the user's Fleet instance returns
a `401` response.
This is another attempt at debugging/solving the current android proxy
bug.
This tries to not use the global google options, and instead just passes
the authClient directly to all google calls.
The other PR with wait, did initially succeed for me, but then failed
right after.
Related to: https://github.com/fleetdm/fleet/issues/32358
Changes:
- Updated the `deliver-contact-form-message` action to create a
historical event in our CRM when users submit the "Send a message" form.
Closes: https://github.com/fleetdm/fleet/issues/35222
Changes:
- Updated the `view-fleet-premium-trial-or-redirect` action to redirect
users who have purchased a self-service Fleet Premium license to their
customer dashboard.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Attempt at debugging #34776
Another attempt to further debug this issue. This attempt tries to
verify that the scopes for the token is correct, and is not overriden by
another call to the scopes.
The reason is that the `www-authenticate` response header is saying
`error="insufficient_scope"`
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Attempt at solving #34776
This was verified by extracting the create topic, and getIamPolicy, and
without the flow.build it worked fine, but when added it started
failing.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34776
Adds delay to subsequent retries on creation of Android enterprise
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
Related to: https://github.com/fleetdm/fleet/issues/34776
Changes:
- Updated the create-android-enterprise endpoint to retry the
getIamPolicy and setIamPolicy methods when creating a new android
enterprise.
This PR adds a small log warn statement to the fleetdm proxy for a 400
error on creating enterprise that is not an invalid token.
See this slack thread about the issue, and missing error log to further
debug the issue, unless running it locally, and then it is sometimes not
reproducable.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves #
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [ ] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [ ] Added/updated automated tests
- [ ] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [ ] QA'd all new/changed functionality manually
For unreleased bug fixes in a release candidate, one of:
- [ ] Confirmed that the fix is not expected to adversely impact load
test results
- [ ] Alerted the release DRI if additional load testing is needed
## Database migrations
- [ ] Checked schema for all modified table for columns that will
auto-update timestamps during migration.
- [ ] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
- [ ] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
## New Fleet configuration settings
- [ ] Setting(s) is/are explicitly excluded from GitOps
If you didn't check the box above, follow this checklist for
GitOps-enabled settings:
- [ ] Verified that the setting is exported via `fleetctl
generate-gitops`
- [ ] Verified the setting is documented in a separate PR to [the GitOps
documentation](https://github.com/fleetdm/fleet/blob/main/docs/Configuration/yaml-files.md#L485)
- [ ] Verified that the setting is cleared on the server if it is not
supplied in a YAML file (or that it is documented as being optional)
- [ ] Verified that any relevant UI is disabled when GitOps mode is
enabled
## fleetd/orbit/Fleet Desktop
- [ ] Verified compatibility with the latest released version of Fleet
(see [Must
rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/workflows/fleetd-development-and-release-strategy.md))
- [ ] If the change applies to only one platform, confirmed that
`runtime.GOOS` is used as needed to isolate changes
- [ ] Verified that fleetd runs on macOS, Linux and Windows
- [ ] Verified auto-update works from the released version of component
to the new version (see [tools/tuf/test](../tools/tuf/test/README.md))
Haven't fully QA'd as I am not sure how to repro locally(when I test the
pubsub arrives before we ever run the reconciler) however this should
cause 4xx to be returned from the website instead of 5xx for android
unenrolled. We use the exact same code on a different endpoint
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34988 partially. This just helps reduce
alerts to help-p1 and implements the interface that the server is
expecting
Changes:
- Updated who gets assigned a Render trial instance in the website's
signup action
- Updated how RenderProofOfValue records are sorted when they are
assigned to a user
Related to: https://github.com/fleetdm/fleet/issues/33798
Changes:
- Updated the redirects for logged-in users for the /login and /register
pages to take users to the /try page.
- Updated the primary button color in the query generator and the
landing page generator stylesheet template
Changes:
- Updated the "Try it now" button on the website's header navigation, it
will now open a signup/login modal on every page (excluding the
dedicated /register and /login pages)
- Updated the website to assign Fleet Premium instances hosted on Render
to eligible users. All other users will be given a 30-day Fleet Premium
trial license key to use with their deployment method of choice.
- Added a script that creates and manages a pool of Render instances.
- Added a new database model: `RenderProofOfValue`
- Added four new email templates
- Updated primary button colors to match the core product.
- Removed the organization requirement for new users signing up.
- Added a new component: `<signup-modal>`
- Added a new attribute to the User model: `fleetPremiumTrialType`
Introduces a new event type for GitHub contributions to the
fleetdm/fleet repository across webhook controller and Salesforce helper
modules. This enables tracking and handling of user contributions in
addition to existing GitHub events.
<!-- Add the related story/sub-task/bug number, like Resolves#123, or
remove if NA -->
**Related issue:** Resolves#34299
Unreleased bug in Android Config profiles 4.75.0 feature. No changes
file as such. I'm not entirely sure how to cause this as I was unable to
repro it locally, there may be a timing issue or something, so I haven't
fully QA'd manually. QA was limited to verifying basic reconciler
functionality
Also updated Website endpoint to not throw a 5XX since we expect this to
occasionally happen
# Checklist for submitter
If some of the following don't apply, delete the relevant line.
- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] If paths of existing endpoints are modified without backwards
compatibility, checked the frontend/CLI for any necessary changes
## Testing
- [x] Added/updated automated tests
- [x] Where appropriate, [automated tests simulate multiple hosts and
test for host
isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one hosts's records do not affect another)
- [ ] QA'd all new/changed functionality manually
For unreleased bug fixes in a release candidate, one of:
- [x] Confirmed that the fix is not expected to adversely impact load
test results
Added 'GitHub - Stared fleetdm/fleet' and 'GitHub - Forked
fleetdm/fleet' to the activity type arrays in webhook and Salesforce
helper modules to track new forms of user engagement.
