fleet/docs/Contributing/Run-Locally-Built-Orbit.md
Lucas Manuel Rodriguez 7dadec3ecf
Add mTLS support to fleetd (#11319)
#7970

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)~
- ~[ ] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [x] Manual QA for all new/changed functionality
  - For Orbit and Fleet Desktop changes:
- [x] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [x] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2023-04-27 08:44:39 -03:00

2 KiB

Run Locally Built Orbit

(macOS)

Run the Fleet server (and the released Orbit).

To run a local agent (Orbit + osquery), the first step is to run the Fleet server locally. Follow this document, which runs the server together with the released agent: https://fleetdm.com/docs/contributing/building-fleet

Modify the Orbit code as needed

Build and run locally.

To use a local version, we need to create a local TUF service that points the installer at the local Orbit build instead of the official one. More details on TUF testing are here: https://github.com/fleetdm/fleet/tree/main/tools/tuf/test

macOS: prepare a script file with this content and call it my_build.sh:

SYSTEMS="macos" \
PKG_FLEET_URL=https://localhost:8080 \
PKG_TUF_URL=http://localhost:8081 \
GENERATE_PKG=1 \
ENROLL_SECRET=<REPLACE WITH REAL SECRET KEY> \
FLEET_DESKTOP=1 \
USE_FLEET_SERVER_CERTIFICATE=1 \
./tools/tuf/test/main.sh

Get a real secret key

Go to your local Fleet desktop: https://localhost:8080/hosts/manage/?order_key=display_name&order_direction=asc. Get the secret key by clicking Manage Enroll Secret.

Put the real key here: ENROLL_SECRET=<REPLACE WITH REAL SECRET KEY>

Remove previous local TUF

If you already have a local TUF running, remove it.

rm -rf test_tuf

Run the local build

chmod +x my_build.sh
./my_build.sh
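
A pre-flight check for the steps above, as an added example that is not part of the original document or the Fleet project's own tooling. It assumes my_build.sh and test_tuf sit in the repository root, as the commands above imply; the function name preflight and the sample usage are hypothetical.

```shell
#!/bin/sh
# preflight REPO_DIR BUILD_SCRIPT
# Prints one line per problem and returns the number of problems found
# (0 means the build script is ready to run).
# Assumed usage from the repository root: preflight . ./my_build.sh && ./my_build.sh
preflight() {
    repo=$1
    script=$2
    problems=0

    # my_build.sh calls ./tools/tuf/test/main.sh relative to the repo root.
    if [ ! -f "$repo/tools/tuf/test/main.sh" ]; then
        echo "not a fleet checkout: $repo/tools/tuf/test/main.sh is missing"
        problems=$((problems + 1))
    fi

    if [ ! -f "$script" ]; then
        echo "build script not found: $script"
        return $((problems + 1))
    fi

    # The placeholder must have been replaced with the real enroll secret.
    if grep -q 'ENROLL_SECRET=<REPLACE' "$script"; then
        echo "ENROLL_SECRET still holds the placeholder"
        problems=$((problems + 1))
    elif ! grep -Eq '^[[:space:]]*ENROLL_SECRET=[^[:space:]]' "$script"; then
        echo "ENROLL_SECRET is missing or empty"
        problems=$((problems + 1))
    fi

    # A previous local TUF repository has to be removed first (rm -rf test_tuf).
    if [ -e "$repo/test_tuf" ]; then
        echo "stale local TUF repository: $repo/test_tuf"
        problems=$((problems + 1))
    fi

    # The script must be executable (chmod +x my_build.sh).
    if [ ! -x "$script" ]; then
        echo "build script is not executable: $script"
        problems=$((problems + 1))
    fi

    return "$problems"
}
```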

What your build does now

  • Download osquery from GitHub
  • Build Orbit from local source code
  • Build Fleet Desktop from local source code
  • Push these three things to the local TUF repository
  • Create a local file server to serve the local TUF repository
  • Run fleetctl package but instead of the official TUF, it fetches the target from the local TUF
  • → the end result is the installer located in /Your-Repo-Folder/fleet/fleet-osquery.pkg

Install it

Double-click this pkg file and install the local Orbit.

Run osquery directly from the Orbit shell

sudo orbit shell