mirror of
https://github.com/fleetdm/fleet
synced 2026-05-20 23:48:52 +00:00
134c74a94b
For #32859. We can ignore the "Dependency review" failure in [CVE-2023-32698](https://github.com/advisories/GHSA-w7jw-q4fg-qc4c) because we already have the rules to ignore it (we are not vulnerable). I'm not updating nfpm to latest because it would require further changes on all deb/rpm generation (source code breaking changes on the golang interfaces). --- <img width="448" height="151" alt="screenshot-2025-09-11_08-38-20" src="https://github.com/user-attachments/assets/4c00b960-568a-48d9-8098-308c8ab8916f" /> <img width="391" height="73" alt="screenshot-2025-09-11_08-37-40" src="https://github.com/user-attachments/assets/dec6ea22-31f8-4930-b067-0b04b4ec2b5f" /> <img width="759" height="428" alt="Image" src="https://github.com/user-attachments/assets/0a76d070-4709-4a35-8e6e-caf869473d28" /> <img width="1178" height="634" alt="Image" src="https://github.com/user-attachments/assets/98e6fa2a-ba07-4a55-81aa-ad747f1c57b9" /> <img width="1388" height="830" alt="Image" src="https://github.com/user-attachments/assets/19d36bad-d01d-4130-b271-38bea2534833" /> <img width="933" height="930" alt="Image" src="https://github.com/user-attachments/assets/1d6a369b-65d7-46a4-98a6-e6f0b29be2c8" /> <img width="2241" height="693" alt="Image" src="https://github.com/user-attachments/assets/d8f98e97-f027-4c1c-ae5d-c4fa3b592a20" /> - [X] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. ## Testing - [x] Added/updated automated tests - [X] QA'd all new/changed functionality manually
65 lines
2.1 KiB
Bash
Executable file
65 lines
2.1 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
set -ex
|
|
|
|
export FLEET_ROOT_PASSPHRASE=p4ssphr4s3
|
|
export FLEET_TARGETS_PASSPHRASE=p4ssphr4s3
|
|
export FLEET_SNAPSHOT_PASSPHRASE=p4ssphr4s3
|
|
export FLEET_TIMESTAMP_PASSPHRASE=p4ssphr4s3
|
|
export NUDGE=1
|
|
|
|
if [ -z "$TUF_PATH" ]; then
|
|
TUF_PATH=test_tuf
|
|
fi
|
|
export TUF_PATH
|
|
|
|
if [ -z "$TUF_PORT" ]; then
|
|
TUF_PORT=8081
|
|
fi
|
|
export TUF_PORT
|
|
|
|
if { [ -n "$GENERATE_PKG" ] || [ -n "$GENERATE_DEB" ] || [ -n "$GENERATE_RPM" ] || [ -n "$GENERATE_MSI" ] ; } && [ -z "$ENROLL_SECRET" ]; then
|
|
echo "Error: To generate packages you must set ENROLL_SECRET variable."
|
|
exit 1
|
|
fi
|
|
|
|
if [ -n "$KEY_EXPIRATION_DURATION" ]; then
|
|
export EXTRA_FLEETCTL_LDFLAGS="$EXTRA_FLEETCTL_LDFLAGS -X github.com/fleetdm/fleet/v4/ee/fleetctl.keyExpirationDuration=$KEY_EXPIRATION_DURATION"
|
|
fi
|
|
if [ -n "$SNAPSHOT_EXPIRATION_DURATION" ]; then
|
|
export EXTRA_FLEETCTL_LDFLAGS="$EXTRA_FLEETCTL_LDFLAGS -X github.com/fleetdm/fleet/v4/ee/fleetctl.snapshotExpirationDuration=$SNAPSHOT_EXPIRATION_DURATION"
|
|
fi
|
|
if [ -n "$TARGETS_EXPIRATION_DURATION" ]; then
|
|
export EXTRA_FLEETCTL_LDFLAGS="$EXTRA_FLEETCTL_LDFLAGS -X github.com/fleetdm/fleet/v4/ee/fleetctl.targetsExpirationDuration=$TARGETS_EXPIRATION_DURATION"
|
|
fi
|
|
if [ -n "$TIMESTAMP_EXPIRATION_DURATION" ]; then
|
|
export EXTRA_FLEETCTL_LDFLAGS="$EXTRA_FLEETCTL_LDFLAGS -X github.com/fleetdm/fleet/v4/ee/fleetctl.timestampExpirationDuration=$TIMESTAMP_EXPIRATION_DURATION"
|
|
fi
|
|
|
|
make fleetctl
|
|
./tools/tuf/test/create_repository.sh
|
|
|
|
ROOT_KEYS=$(./build/fleetctl updates roots --path "$TUF_PATH")
|
|
export ROOT_KEYS
|
|
|
|
echo "#########"
|
|
echo "To generate packages set the following options in 'fleetctl package':"
|
|
echo "--update-roots='$ROOT_KEYS' --update-url=http://localhost:8081"
|
|
echo "You can also pass the above flags to 'fleetctl preview'."
|
|
echo "#########"
|
|
|
|
if [ -z "$SKIP_SERVER" ]; then
|
|
./tools/tuf/test/run_server.sh
|
|
fi
|
|
|
|
if [ -n "$GENERATE_PKG" ] ||
|
|
[ -n "$GENERATE_DEB" ] ||
|
|
[ -n "$GENERATE_RPM" ] ||
|
|
[ -n "$GENERATE_MSI" ] ||
|
|
[ -n "$GENERATE_DEB_ARM64" ] ||
|
|
[ -n "$GENERATE_RPM_ARM64" ] ||
|
|
[ -n "$GENERATE_PKG_TAR_ZST" ] ||
|
|
[ -n "$GENERATE_PKG_TAR_ZST_ARM64" ] ||
|
|
[ -n "$GENERATE_MSI_ARM64" ]; then
|
|
bash ./tools/tuf/test/gen_pkgs.sh
|
|
fi
|