fleet

mirror of https://github.com/fleetdm/fleet synced 2026-05-17 22:18:39 +00:00

History

Lucas Manuel Rodriguez 5363ce1382 Add permanent errors to Fleet Desktop for TPM-backed httpsig work (#31220 ) For #30478. Figma: https://www.figma.com/design/qBsJ8Qpz0ZSCASbLBYL59v/-28818-Verify-identity-of-Linux-hosts-when-talking-to-Fleet--ala-Apple-MDM-?node-id=5301-90&t=t9Kuq7QUXOJkhaff-1 When the host doesn't have a TPM 2.0 device: <img width="309" height="220" alt="Screenshot 2025-07-24 at 9 35 38 AM" src="https://github.com/user-attachments/assets/ded83fb6-5de2-482c-9975-c4984e3a54c9" /> When the host was installed with an invalid enroll secret (which means it cannot generate a certificate): <img width="418" height="216" alt="Screenshot from 2025-07-24 10-00-01" src="https://github.com/user-attachments/assets/ba16781e-e56f-44cd-b574-1f293305b1a1" /> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * New Features * Fleet Desktop now displays a permanent error message in the system tray if a critical error is detected, preventing normal app startup and informing the user of the issue. * Bug Fixes * Improved handling of missing or outdated host identity certificates to ensure proper cleanup before generating new keys. * Documentation * Updated environment variable names in documentation and scripts for clarity and accuracy regarding TPM-backed certificate usage. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2025-07-24 19:06:04 -03:00
..
host_identity.go	Add permanent errors to Fleet Desktop for TPM-backed httpsig work (#31220 )	2025-07-24 19:06:04 -03:00

Lucas Manuel Rodriguez 5363ce1382

Add permanent errors to Fleet Desktop for TPM-backed httpsig work (#31220 )

For #30478.

Figma:
https://www.figma.com/design/qBsJ8Qpz0ZSCASbLBYL59v/-28818-Verify-identity-of-Linux-hosts-when-talking-to-Fleet--ala-Apple-MDM-?node-id=5301-90&t=t9Kuq7QUXOJkhaff-1

When the host doesn't have a TPM 2.0 device:
<img width="309" height="220" alt="Screenshot 2025-07-24 at 9 35 38 AM"
src="https://github.com/user-attachments/assets/ded83fb6-5de2-482c-9975-c4984e3a54c9"
/>

When the host was installed with an invalid enroll secret (which means
it cannot generate a certificate):
<img width="418" height="216" alt="Screenshot from 2025-07-24 10-00-01"
src="https://github.com/user-attachments/assets/ba16781e-e56f-44cd-b574-1f293305b1a1"
/>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

* **New Features**
* Fleet Desktop now displays a permanent error message in the system
tray if a critical error is detected, preventing normal app startup and
informing the user of the issue.

* **Bug Fixes**
* Improved handling of missing or outdated host identity certificates to
ensure proper cleanup before generating new keys.

* **Documentation**
* Updated environment variable names in documentation and scripts for
clarity and accuracy regarding TPM-backed certificate usage.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

2025-07-24 19:06:04 -03:00

host_identity.go

Add permanent errors to Fleet Desktop for TPM-backed httpsig work (#31220 )

2025-07-24 19:06:04 -03:00