fleet/tools
Lucas Manuel Rodriguez 5363ce1382
Add permanent errors to Fleet Desktop for TPM-backed httpsig work (#31220)
For #30478.

Figma:
https://www.figma.com/design/qBsJ8Qpz0ZSCASbLBYL59v/-28818-Verify-identity-of-Linux-hosts-when-talking-to-Fleet--ala-Apple-MDM-?node-id=5301-90&t=t9Kuq7QUXOJkhaff-1

When the host doesn't have a TPM 2.0 device:
<img width="309" height="220" alt="Screenshot 2025-07-24 at 9 35 38 AM"
src="https://github.com/user-attachments/assets/ded83fb6-5de2-482c-9975-c4984e3a54c9"
/>

When the host was installed with an invalid enroll secret (which means
it cannot generate a certificate):
<img width="418" height="216" alt="Screenshot from 2025-07-24 10-00-01"
src="https://github.com/user-attachments/assets/ba16781e-e56f-44cd-b574-1f293305b1a1"
/>



## Summary by CodeRabbit

* **New Features**
  * Fleet Desktop now displays a permanent error message in the system
    tray if a critical error is detected, preventing normal app startup and
    informing the user of the issue.

* **Bug Fixes**
  * Improved handling of missing or outdated host identity certificates to
    ensure proper cleanup before generating new keys.

* **Documentation**
  * Updated environment variable names in documentation and scripts for
    clarity and accuracy regarding TPM-backed certificate usage.

2025-07-24 19:06:04 -03:00
..
android Hook up Android fleetdm.com/proxy (#29645) 2025-06-12 19:42:15 -05:00
api Update small utility (#31026) 2025-07-23 12:07:43 -06:00
apm-elastic Organize contributor docs and establish ADR process and template (#29101) 2025-05-17 15:03:52 -05:00
app Fix SSO paths to always use /v1/ instead of /latest/ (#5246) 2022-04-20 12:46:45 -04:00
app-sso-platform Add app_sso_platform table to orbit and use table in Entra ID query ingestion (#30140) 2025-06-20 17:01:38 -03:00
backup_db Clean up "click here" and "here" link anchors - part 1 (#29731) 2025-06-04 13:54:34 -06:00
bomutils-docker Remove invalid --depth=1 (#23316) 2024-10-29 15:22:39 -05:00
bump-migration Implement a tool to automate bumping a DB migration's timestamp (#30513) 2025-07-02 11:41:54 -04:00
calendar Updating golangci-lint to 1.61.0 (#22973) 2024-10-18 12:38:26 -05:00
ci Updated custom lint rules to include Android datastore. (#26722) 2025-02-28 15:08:39 -06:00
cis Script for comparing two CIS PDF files (#15307) 2023-12-06 09:21:12 -05:00
cloner-check Add config for requiring BitLocker PIN (#31109) 2025-07-23 14:38:49 -05:00
custom-package-parser Improve .pkg metadata extraction for names and bundle IDs, let custom package metadata extraction tool check an entire directory at a time (#29249) 2025-05-19 10:32:36 -05:00
dbutils Auto-generate and check Android schema.sql (#26720) 2025-02-28 16:30:40 -06:00
desktop Move external dependency fleetdm/kolide-kit to monorepo (#15861) 2024-01-02 18:22:52 -03:00
dialog Removed indicator for background LUKS validation (#28218) 2025-04-16 12:25:41 -04:00
fdm FDM updates: fdm serve, snapshot/restore improvements (#27890) 2025-04-07 09:10:15 -05:00
file-server Switching systray dependency to one without glibc requirements (#14197) 2023-11-02 14:40:21 -05:00
fleet-docker Update alpine to patch vulnerability with severity "HIGH" (#26593) 2025-02-25 18:33:24 -03:00
fleetctl-docker Update Rust in fleetctl-docker image (#27907) 2025-04-04 18:09:30 -03:00
fleetctl-npm Adding changes for Fleet v4.71.0 (#30599) (#31198) 2025-07-23 16:04:33 -06:00
fleetd-linux Added fleetd docker images to test/develop linux fleetd features (#25027) 2024-12-27 16:16:39 -03:00
github-releases Iterate status.md for reporting vulnerability updates (#29062) 2025-05-15 21:15:37 -03:00
inspect-cert chore: remove refs to deprecated io/ioutil (#14485) 2023-10-27 15:28:54 -03:00
jira-integration Updating golangci-lint to 1.61.0 (#22973) 2024-10-18 12:38:26 -05:00
kubequery Move kubequery dependency to monorepo (#16027) 2024-01-11 08:30:26 -03:00
loadtest Add script execs and software installs stats to osquery-perf (#26239) 2025-02-11 12:46:53 -05:00
luks add kdialog for kubuntu key escrow (#24405) 2024-12-05 08:44:16 -07:00
mailpit Fix SMTP e-mail send when SMTP server has credentials (#10758) 2023-03-28 15:23:15 -03:00
makefile-support Add help system to Makefile + FDM command (#25028) 2025-02-28 07:42:32 -06:00
mdm Update Go to 1.24.5 (#30770) 2025-07-15 10:59:17 -07:00
msal Microsoft Compliance Partner backend changes (#29540) 2025-06-11 14:22:46 -03:00
mysql-replica-testing MySQL 8.0 Migration (#20225) 2024-07-22 16:27:36 -04:00
nvd/nvdvuln Add gosimple linter (#23250) 2024-10-29 14:17:51 -05:00
oncall Updated oncall.sh to filter our draft PRs. (#28204) 2025-04-15 10:44:26 -05:00
osquery Remove unneeded exposed ports on osquery-in-a-box minio to avoid host-port conflicts (#30416) 2025-06-29 12:40:17 -05:00
osquery-agent-options Fix auto generated documentation CI checks in main (#30065) 2025-06-17 11:26:50 -03:00
osquery-testing 15135 remove atom package (#15410) 2023-12-04 14:26:26 -05:00
percona/test MySQL 8.0 Migration (#20225) 2024-07-22 16:27:36 -04:00
redis-stress Add redis stress (#3363) 2022-01-20 16:18:17 -03:00
redis-tests Bump go to 1.19.1 (#7690) 2022-09-12 20:32:43 -03:00
release Add arm64 support for fleetd extensions and fixes on test scripts (#31084) 2025-07-21 15:47:59 -03:00
run-scripts Implement script execution on the fleetd agent (disabled by default) (#13569) 2023-08-30 14:02:44 -04:00
saml Replace home-made SAML implementation with https://github.com/crewjam/saml (#28486) 2025-07-07 15:13:46 -03:00
seed_data/queries New tool: software package uploader (#30417) 2025-07-01 10:35:56 -06:00
sentry-self-hosted Fix stack trace of captured errors in Sentry, capture errors in more code paths (#16966) 2024-02-22 15:10:28 -03:00
sign-fleetctl Specify binary-identifier when signing fleetctl for macOS (#30374) 2025-07-01 10:38:15 -04:00
smtp4dev 14729 smtp settings validation for TLS (#15029) 2023-11-21 11:48:21 -07:00
snapshot Update Go to 1.24.5 (#30770) 2025-07-15 10:59:17 -07:00
software Support auto-install in package uploader tool (#31117) 2025-07-22 06:36:41 -06:00
team-builder Add team builder script (#10086) 2023-05-03 09:55:14 -07:00
telemetry Scope pending host profile rebuilds (#23772) 2024-11-15 11:55:30 -05:00
terraform Update Go to 1.24.5 (#30770) 2025-07-15 10:59:17 -07:00
test-certs Add fake certificates for testing TLS issues (#20390) 2024-07-16 13:21:39 -03:00
test-orbit-mtls Fixing SSL certificates to make them valid. (#16359) 2024-01-31 12:00:59 -06:00
test_extensions/hello_world Add arm64 support for fleetd extensions and fixes on test scripts (#31084) 2025-07-21 15:47:59 -03:00
testdata Add fixtures for software and vulnerabilities end-to-end tests (#6337) 2022-06-23 10:01:37 -05:00
tuf Add permanent errors to Fleet Desktop for TPM-backed httpsig work (#31220) 2025-07-24 19:06:04 -03:00
vex-parser Iterate status.md for reporting vulnerability updates (#29062) 2025-05-15 21:15:37 -03:00
webhook Additional changes to happy path and cleanup cron job (#17757) 2024-03-26 13:39:37 -05:00
windows-mdm-enroll Implement Windows MDM programmatic unenrollment (notification + orbit trigger) (#12505) 2023-06-28 09:13:37 -04:00
wix-docker Orbit for Windows ARM64 (#27882) 2025-04-11 10:18:28 -04:00
zendesk-integration Updating golangci-lint to 1.61.0 (#22973) 2024-10-18 12:38:26 -05:00