fleet

mirror of https://github.com/fleetdm/fleet synced 2026-05-06 06:48:54 +00:00

History

Victor Lyuboslavsky f79fed9712 Added auth.require_http_message_signature server option. (#30983 ) For #30947 # Checklist for submitter - [x] Input data is properly validated, `SELECT ` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated automated tests <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit New Features * Added support for requiring HTTP message signatures for fleetd requests, configurable via a new setting. * Enhanced middleware to enforce HTTP message signature requirements when enabled. * Tests * Introduced integration tests to verify host identity endpoints enforce HTTP message signature requirements. * Updated test utilities and suite setup to support configurable signature enforcement. * Chores * Refactored configuration and test server options to support the new signature enforcement feature. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2025-07-17 13:23:19 +02:00
..
config.go	Added auth.require_http_message_signature server option. (#30983 )	2025-07-17 13:23:19 +02:00
config_test.go	Migrate from `aws-sdk-go` v1 to v2 (#30308 )	2025-06-30 17:45:39 -03:00

Victor Lyuboslavsky f79fed9712

Added auth.require_http_message_signature server option. (#30983 )

For #30947 

# Checklist for submitter

- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated automated tests


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Added support for requiring HTTP message signatures for fleetd
requests, configurable via a new setting.
* Enhanced middleware to enforce HTTP message signature requirements
when enabled.

* **Tests**
* Introduced integration tests to verify host identity endpoints enforce
HTTP message signature requirements.
* Updated test utilities and suite setup to support configurable
signature enforcement.

* **Chores**
* Refactored configuration and test server options to support the new
signature enforcement feature.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

2025-07-17 13:23:19 +02:00

config.go Added auth.require_http_message_signature server option. (#30983 ) 2025-07-17 13:23:19 +02:00

config_test.go Migrate from aws-sdk-go v1 to v2 (#30308 ) 2025-06-30 17:45:39 -03:00