fleet/changes
Scott Gress 1cd37ef966
Update NewLabel method to use more efficient update mechanism (#25777)
For #25555 

# Checklist for submitter

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)

This PR updates the `NewLabel` service to use the
`UpdateLabelMembershipByHostIDs` method previously added by
@jacobshandling rather than using `ApplyLabels`. The latter method has
performance issues when adding large numbers of hosts at once to a
manual label (see #25555) because it does an expensive lookup of host
names before transforming those into Fleet host IDs. The new code skips
the middleman and transforms host identifiers directly to Fleet host
IDs, and does so using a batching strategy to ensure the queries don't
get too large.

This PR does update `UpdateLabelMembershipByHostIDs` slightly to return
an updated Label object and host IDs array, as this is the expected
return value for `NewLabel`. I update the method's tests accordingly. I
don't think any new tests for `NewLabel` are needed as it should have
the same functionality and return values.

## Manual Testing

On the main branch, I launched my local MySQL with the thread stack size
set to the minimal allowed, and used the API to try and create a new
label with 5,000 hosts attached, and received a 422 response from the
server. Server logs showed:
```
level=error ts=2025-01-28T15:08:20.465401Z component=http user=scott@fleetdm.com method=POST 
uri=/api/latest/fleet/labels took=16.610292ms err="get hostnames by identifiers: Error 1436 (HY000): Thread stack 
overrun:  111136 bytes used of a 131072 byte stack, and 20000 bytes needed.  Use 'mysqld --thread_stack=#' to specify 
a bigger stack."
```

On this branch, I kept the same MySQL settings and tried my API request
again and it was successful:
<img width="776" alt="image"
src="https://github.com/user-attachments/assets/c4f0f52b-4d09-457b-8096-4dd3a747b1f4"
/>

## QA

The script I used to create a new manual label with lots of hosts is at:
https://gist.github.com/sgress454/84f12064c437da456c456e25c26d9069

To run it, first grab a bearer token from any API request by opening the
network tab, clicking a Fleet API request, and in the headers tab
scrolling down to Authorization:
<img width="892" alt="image"
src="https://github.com/user-attachments/assets/5680f3bf-8db8-469a-9f03-000b86622c04"
/>
(only take the part _after_ "Bearer")

Then download the script from that gist and in its folder run:
```
NODE_TLS_REJECT_UNAUTHORIZED=0 node ./add_hosts_to_label.js <the bearer token> "<a label name>"
```
e.g.
```
NODE_TLS_REJECT_UNAUTHORIZED=0 node ./add_hosts_to_label.js U3HpbdtadmJXGKYSB0U/PbwfOpHbBt7FpkWmGKKYolOO1moLNZA6XxP+QO5LVukvAotZ7d+JbNUEEhYHZtxoqg== "some test label"
```
This will invoke the API on https://localhost:8080 and try to add 5000
hosts to a new label "some test label".

If you need to change the # of hosts or the URL of the server, there are
additional arguments:
```
NODE_TLS_REJECT_UNAUTHORIZED=0 node ./add_hosts_to_label.js <the bearer token> "<a label name>" <number of hosts> <url>
```
e.g.
```
NODE_TLS_REJECT_UNAUTHORIZED=0 node ./add_hosts_to_label.js U3HpbdtadmJXGKYSB0U/PbwfOpHbBt7FpkWmGKKYolOO1moLNZA6XxP+QO5LVukvAotZ7d+JbNUEEhYHZtxoqg== "some test label" 10000 https://foo.bar
```
2025-01-31 09:19:36 -06:00
.keep Issue 1009 calculate diff software (#1305) 2021-07-08 13:57:43 -03:00
16865-increase-statistics-frequency increase stats freq to 1H (#16865) 2025-01-29 15:08:44 -05:00
21827-edit-vpp-teams Fleet UI: Clarify VPP app teams (#25111) 2025-01-03 09:31:25 -05:00
22353-abm-hosts-upcoming-activities Fix upcoming activities for ABM-deleted hosts (#25530) 2025-01-21 15:26:00 -05:00
22364-vuln-cron Optimize vulnerability host counts (#24914) 2025-01-13 15:44:02 -07:00
22464-list-hosts-populate-users-labels Add options to populate users and labels on list hosts endpoint (#25621) 2025-01-22 11:17:26 -05:00
22544-move-linux-lock-wipe Delete duplicate linux lock/wipe scripts (#25611) 2025-01-22 10:46:59 -05:00
22919-semver-util Added util func around semver to allow for custom preprocessing. Upgraded semver lib (#25437) 2025-01-23 10:21:15 -06:00
23096-fma-errors Fleet UI: Update FMA API errors in UI (#25646) 2025-01-27 15:32:12 -05:00
23115-vpp-policy Add VPP policy automation support to backend (#25154) 2025-01-13 15:53:24 -06:00
23116-fma-dl-url Fleet UI: Surface download URL for Fleet-maintained app when adding (#25762) 2025-01-27 16:23:08 -05:00
23241-lock-api-response Include current host status and pending action in lock, unlock, and wipe API calls (#25754) 2025-01-27 12:06:09 -06:00
23302-fma-click-bug Fleet UI: Fix app id link not row id (#25113) 2025-01-03 09:30:59 -05:00
23312-update-policies-empty-state Update policies page empty state (#25726) 2025-01-29 11:12:28 -06:00
23512-clarify-expected-behavior-of-host-counts UI – Clarify expected behavior of policy host counts, dashboard controls software count, and controls os updates versions count (#25150) 2025-01-06 10:55:28 -08:00
23528-install-software-policy-filter Fleet UI: VPP auto install software on failed policies, filter software compatible to policy's target platform, etc (#25202) 2025-01-13 16:45:16 -08:00
23770-fleetctl-linux-arm Build fleetctl linux arm64 binary (#25905) 2025-01-30 15:39:53 -06:00
23811-empty-cell-for-no-uuid UI – Render default empty cell when host has no UUID (#25362) 2025-01-10 16:07:21 -08:00
23823-cloudfront-cdn Cloudfront URL config changes (#25145) 2025-01-06 11:33:24 -06:00
23924-handle-long-team-names UI - Improve handling of long team names by teams dropdown (#25802) 2025-01-28 10:27:02 -08:00
23971-persist-hosts-column-settings-across-sessions UI - use new db user settings to persist user's host table column preferences (#25185) 2025-01-09 10:53:43 -08:00
24035-team-agent-options-ui-resets UI - Maintain user's updates to the team agent options form when they navigate away and back again (#25803) 2025-01-28 15:20:46 -08:00
24038-agent-options-key-error Display correct key path to user for agent options (#25199) 2025-01-10 13:13:28 -05:00
24148-re-install-fma fix: update install script for FMAs to improve re-install process (#25238) 2025-01-09 14:22:21 -05:00
24335-dropdown-styling-bug Fleet UI: Fix software actions dropdown styling bug (#25102) 2025-01-03 09:32:31 -05:00
24366-success-email-message Never include sender address in update email success message (#25178) 2025-01-06 15:16:54 -08:00
24418-bad-links Fleet UI: Update bad links in setup experience (#25110) 2025-01-03 09:29:38 -05:00
24421-fix-my-device-paths UI – Exclude self-service URL path from DUP when not a valid option for the host (#25383) 2025-01-13 14:48:39 -08:00
24486-error-for-invalid-invites UI – Updates to confirm invite flow (#25583) 2025-01-24 10:55:39 -08:00
24602-editable-scripts Edible Scripts Backend (#25739) 2025-01-30 13:01:51 -05:00
24618-make-email-logo-dark-mode-compatible Replace email logo with one that looks good in both light and dark mode (#25192) 2025-01-10 10:42:44 -08:00
24629-ui-os-updates-table Hide updated time when loading OS versions table data (#25200) 2025-01-07 12:29:13 -06:00
24653-live-query-from-edit-affects-performance-stats UI: only setEditingExistingQuery in the edit query form if the query has been modified (#25115) 2025-01-03 10:46:03 -08:00
24660-team-admins-cant-set-sso-mfa UI - Ungate user form SSO field for non-admins, handle subtle UX bug (#25351) 2025-01-14 09:54:02 -08:00
24720-msi-large-interned-strings Handle long interned strings in MSI parsing (#25079) 2025-01-02 10:41:08 -06:00
24732-gzip Compress CSS and JS with gzip before serving to reduce load time/page weight (#25658) 2025-01-21 20:15:08 -06:00
24754-require-pw-for-pw-auth Require a password when changing a user from SSO to password-based authentication (#25843) 2025-01-30 09:32:11 -08:00
24790-admx-policies Fixes issue verifying Windows CSP profiles that contain ADMX policies. (#25528) 2025-01-17 14:56:25 -06:00
24795-host-count Fleet UI: Add timestamps to host count on software detail pages (#25143) 2025-01-07 09:22:41 -05:00
24804-deleted-profiles Fixing issue where deleted profiles were being sent to devices. (#25095) 2025-01-06 13:16:34 -06:00
24816-fix-double-mdm-commands Fix issue when identical MDM commands are sent twice to the same device when replica DB is being used. (#25355) 2025-01-10 16:50:22 -06:00
24873-pkg-name fix: use a new strategy for finding the app name in case the title is wrong (#25297) 2025-01-10 16:42:06 -05:00
24876-dashboard-cards Fleet UI: New Dashboard host count cards (+ their responsiveness to 320px) (#25694) 2025-01-29 15:15:49 -05:00
24948-display-api-errors-in-user-form UI - Coordinate multiple error inputs to successfully display server errors as UserForm field errors (#25476) 2025-01-16 13:23:00 -08:00
24958-gitops-webhooks-disable Use webhooks settings from gitops even when empty (#25347) 2025-01-15 11:31:48 -05:00
24959-ui-my-device-software-filter Hide dropdown filter in software card on "My device" page (#25371) 2025-01-14 10:45:00 -06:00
24962-ui-dashboard-mdm-solutions-table Remove arrow icon from MDM solution table (#25211) 2025-01-08 17:41:26 -06:00
25004-fleetctl-packge-cli-instructions Add instructions for command line installation on pkg gen (#25166) 2025-01-06 13:04:12 -05:00
25009-smtp-page-validation UI - Improve validation of SMTP settings form (#25051) 2025-01-02 10:30:41 -08:00
25015-user-page-responsive Fleet UI: Fix user management page overflow (#25733) 2025-01-24 10:06:49 -05:00
25072-25073-software-name-overflow Fleet UI: Fix overflow of software title in 2 more modals (#25294) 2025-01-09 13:42:58 -05:00
25075-false-positive Ignore CVE-2024-10327 since it's iOS-only (#25083) 2025-01-02 13:07:02 -06:00
25114-include-team-queries-in-host-details-query-modal UI – Include team-level queries in Select query modal, only call for queries when needed (#25286) 2025-01-09 10:08:46 -08:00
25130-iterm-false-neg fix: add translation for iterm2 (#25477) 2025-01-16 20:17:10 -05:00
25144-uninstall-after-mdm-action Fix detection of uninstall scripts when recording script results after a host has had MDM actions taken (#25157) 2025-01-06 07:57:17 -06:00
25160-optimize-software-during-enrollment Optimize software_titles query to use indexes (#25722) 2025-01-23 15:48:21 -03:00
25194-vpp-app-clear fix: do not remove VPP apps from team if not strictly necessary (#25411) 2025-01-14 12:31:04 -05:00
25201-unknown-installer-version Allow software installers with unknown versions through rather than failing the upload (#25426) 2025-01-20 11:49:52 -06:00
25241-smtp-helo-domain Utilize custom SMTP domain if set (#25669) 2025-01-28 11:10:52 -05:00
25244-batch-set-declarations Fixed issue with incorrect batch DDM update activity. (#25372) 2025-01-14 11:24:36 -06:00
25251-url-fleet-app-response Added url property on get fleet maintained app endpoint (#25660) 2025-01-23 10:23:05 -06:00
25257-dropdown-improvements Fleet UI: Updates to dropdown selected states (#25635) 2025-01-22 10:22:59 -05:00
25261-identical-hostnames-label-membership Update label membership by host IDs directly (#25687) 2025-01-23 12:38:57 -08:00
25264-sso-form-validation UI - Update validation pattern on SSO settings form (#25387) 2025-01-13 14:47:02 -08:00
25265-boostrap-package-not-found Downgraded expected/common "BootstrapPackage not found" server error to a debug message. (#25266) 2025-01-08 17:14:10 -06:00
25307-fleetctl-package-link Add link to learn more about installing fleetd (#25610) 2025-01-22 09:19:10 -05:00
25318-update-sso-settings-error-states UI - Update metadata error states on Sso settings form (#25614) 2025-01-22 15:01:52 -08:00
25346-fix-manage-automations-link-on-dash Hide manage automations from maintainers (#25727) 2025-01-24 11:17:14 -06:00
25366-manage-automation-dropdown-styling Fleet UI: Fix Manage automation dropdown styling (#25753) 2025-01-27 09:14:16 -05:00
25427-allow-excluding-fma-from-software-titles Add "ExcludeFleetMaintainedApps" option to software titles query (#25649) 2025-01-30 11:22:12 -06:00
25555-batch-hostnames-on-new-label Update NewLabel method to use more efficient update mechanism (#25777) 2025-01-31 09:19:36 -06:00
25567-renew-vpp fix: correctly get VPP token ID when doing a renewal (#25657) 2025-01-22 09:55:49 -05:00
25581-session-id Allow Windows SessionID=0 (#25582) 2025-01-20 09:12:33 -06:00
25590-node Bump Node version to 20.18.1 (#25591) 2025-01-20 15:50:28 -06:00
25597-false-positives Map product/vendor for homebrew "pass" package, skip "jira" python package as it has no CVEs (#25626) 2025-01-21 15:34:44 -06:00
25609-archive-encryption-keys Disk encryption keys are now archived when created/updated (#25638) 2025-01-22 14:54:40 -06:00
25615-windows-mdm-profiles Fix issue where Windows MDM profiles are not sent to offline hosts (#25619) 2025-01-21 09:59:32 -06:00
25640-fix-idp-source Fix incorrect source in device mapping REST API docs (#25641) 2025-01-24 16:32:03 -06:00
25748-remove-fleetctl-from-fleetdm-fleet-docker-image Remove fleetctl binary from fleetdm/fleet image and remove unused Dockerfile (#25749) 2025-01-28 19:58:20 -03:00
25759-illegal-argument-errors Illegal argument errors will no longer be logged at the ERROR level (#25761) 2025-01-27 14:03:38 -06:00
issue-21691-windows-disk-encryption-dont-resend update message for failed windows disk encryption and dont show resend button (#25630) 2025-01-21 17:07:44 +00:00
issue-23912-ui-for-activities Chore rework UI activities (#25539) 2025-01-20 10:39:46 +00:00
issue-24824-tooltip-verified-verifying improve verified and verifying tooltips in profile status UI (#25886) 2025-01-31 12:24:31 +00:00
issue-24901-fixes-error-cutoff fix for window profiles error message being cut off on OS settings modal (#25922) 2025-01-31 14:40:24 +00:00
issue-24992-padding-fixes-around-lists normalise spacing for lists and help text across various modals (#25663) 2025-01-23 15:47:38 +00:00
issue-25507-upgrade-github-cache-action bump action/cache to version 4.2.0 (#25508) 2025-01-17 15:01:27 +00:00
issue-25735-fix-500-vulnerable-host-software fix 500 page when filtering by vulnerabilities on host software (#25816) 2025-01-29 12:09:28 +00:00
osquery-constant-prerelease Include pre-releases when building osquery version list constant (#25089) 2025-01-02 11:38:15 -06:00