mirror of
https://github.com/fleetdm/fleet
synced 2026-05-21 16:08:47 +00:00
bd51e858ac
#24900 This PR includes and depends on PR #25012, which should be reviewed/merged before this one. Windows profiles are not included in this PR due to issue #25030 This PR adds the following functionality: Apple config/DDM profile is resent to the device when the profile contains secret variables, and the values of those variables have changed. For example. - Upload secret variables - Upload profile - Device gets profile - Upload the same profile - Nothing happens - Upload a different secret variable value - Upload the same profile - Device gets updated profile # Checklist for submitter - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Added/updated tests - [x] If database migrations are included, checked table schema to confirm autoupdate - For database migrations: - [x] Checked schema for all modified table for columns that will auto-update timestamps during migration. - [x] Manual QA for all new/changed functionality
5 lines
416 B
Text
5 lines
416 B
Text
Added ability to use secrets ($FLEET_SECRET_YOURNAME) in scripts and profiles.
|
|
- Added `/fleet/spec/secret_variables` API endpoint.
|
|
- fleetctl gitops identifies secrets in scripts and profiles and saves them on the Fleet server.
|
|
- secret values are populated when scripts and profiles are sent to devices.
|
|
- When fleetctl gitops updates profiles, if the secret value has changed, the profile is updated on the host.
|