Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-16 05:28:38 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 141
fleet/tools
History
Lucas Manuel Rodriguez 18f010f228
Update fleetdm/fleetctl, fleetdm/wix and fleetdm/bomutils docker images (#21063) 
#20571

## Summary of changes

We have a few moving parts in fleetctl land (`fleetdm/wix` is used to
build `msi`s and `fleetdm/bomutils` is used to build `pkg`s, and
`fleetdm/fleetctl` can be used to build packages using docker, no need
for fleetctl executable):
```mermaid
graph LR

fleetctl_exec[fleetctl<br>executable];
wix_image[fleetdm/wix<br>docker image];
bomutils_image[fleetdm/bomutils<br>docker image];
fleetctl_image[fleetdm/fleetctl<br>docker image];

fleetctl_exec -- uses --> wix_image;

fleetctl_image -- COPY dependencies<br>FROM --> wix_image;

fleetctl_exec -- uses --> bomutils_image;

fleetctl_image -- COPY dependencies<br>FROM --> bomutils_image;
```
So, we'll need to update the three images: `fleetdm/bomutils`,
`fleetdm/wix` & `fleetdm/fleetctl`.

- `tools/bomutils-docker/Dockerfile`, `tools/wix-docker/Dockerfile` and
`tools/fleetctl-docker/Dockerfile`: Updating the base image to fix the
CRITICAL vulnerabilities.
- Modified existing+unused
`.github/workflows/build-and-check-fleetctl-docker-and-deps.yml` to run
every day to check for CRITICAL vulnerabilities in `fleetdm/wix`,
`fleetdm/bomutils` and `fleetdm/fleetctl`.
- `.github/workflows/goreleaser-fleetctl-docker-deps.yaml`:
`fleetdm/bomutils` and `fleetdm/wix` were pushed manually a few years
ago (most likely by Zach), so I've added a new action to release them
when we have changes to release (like now). It will basically release
`fleetctl/bomutils` and `fleetdm/wix` when pushing a tag of the form
`fleetctl-docker-deps-*` (we'll need to protect such tag prefix).
- Changes in `.github/workflows/test-native-tooling-packaging.yml` to
build `fleetdm/bomutils` and `fleetdm/wix` for `fleetdm/fleetctl` to use
them instead of the ones in docker hub.

--

Build before upgrading `debian:stable-slim`:

https://github.com/fleetdm/fleet/actions/runs/10255391418/job/28372231837
![Screenshot 2024-08-05 at 5 24
25 PM](https://github.com/user-attachments/assets/8a7d3576-3eb6-474f-989a-079873fca4fa)

Build after upgrading `debian:stable-slim`:
https://github.com/fleetdm/fleet/actions/runs/10255550034

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Manual QA for all new/changed functionality
2024-08-20 14:07:59 -03:00
..
api added mention of new vuln endpoint (#17912) 2024-05-29 17:08:05 -06:00
apm-elastic Fix stack trace, duplicates and better coverage of captured errors in APM (#16516) 2024-02-05 11:53:39 -05:00
app
backup_db MySQL 8.0 Migration (#20225) 2024-07-22 16:27:36 -04:00
blackhat-mdm Waive 3 Go code scanning vulnerability alerts. (#18007) 2024-04-03 16:04:01 -05:00
bomutils-docker Update fleetdm/fleetctl, fleetdm/wix and fleetdm/bomutils docker images (#21063) 2024-08-20 14:07:59 -03:00
calendar Fix calendar duplicated events and other issues (#20443) 2024-07-24 13:40:33 +02:00
ci Modifying chart to include dependencies (#14758) 2023-11-07 11:16:33 -06:00
cis Script for comparing two CIS PDF files (#15307) 2023-12-06 09:21:12 -05:00
cloner-check Backend support for iOS/iPadOS OS updates (#20649) 2024-07-24 14:34:23 -03:00
dbutils Host software deleted at remigration (#20996) 2024-08-02 10:47:40 -04:00
desktop Move external dependency fleetdm/kolide-kit to monorepo (#15861) 2024-01-02 18:22:52 -03:00
file-server Switching systray dependency to one without glibc requirements (#14197) 2023-11-02 14:40:21 -05:00
fleet-docker Update/ensure pinned Dockerfile images (#20141) 2024-07-01 19:36:42 -05:00
fleetctl-docker Update fleetdm/fleetctl, fleetdm/wix and fleetdm/bomutils docker images (#21063) 2024-08-20 14:07:59 -03:00
fleetctl-npm Banner update (#20925) 2024-08-01 14:04:18 -05:00
inspect-cert chore: remove refs to deprecated io/ioutil (#14485) 2023-10-27 15:28:54 -03:00
installerstore Enable errcheck linter for golangci-lint (#8899) 2022-12-05 16:50:49 -06:00
jira-integration 🧹 friday cleanup party: substitute deprecated import of go-kit (#19774) 2024-06-17 10:27:31 -03:00
kubequery Move kubequery dependency to monorepo (#16027) 2024-01-11 08:30:26 -03:00
loadtest Update osquery loadtest guide (#14886) 2023-11-02 15:13:42 -03:00
mailpit Fix SMTP e-mail send when SMTP server has credentials (#10758) 2023-03-28 15:23:15 -03:00
mdm Merge branch 'main' into feat-mdm-migration-updates 2024-08-09 14:48:05 -04:00
mysql-replica-testing MySQL 8.0 Migration (#20225) 2024-07-22 16:27:36 -04:00
nvd/nvdvuln vscode false positivies (#19508) 2024-06-13 11:03:53 -04:00
oncall Move and fix oncall.sh script (#18217) 2024-04-11 16:23:00 -03:00
osquery MySQL 8.0 Migration (#20225) 2024-07-22 16:27:36 -04:00
osquery-agent-options Update osquery flags to 5.12.2 (#19338) 2024-06-10 17:02:49 -03:00
osquery-testing 15135 remove atom package (#15410) 2023-12-04 14:26:26 -05:00
percona/test MySQL 8.0 Migration (#20225) 2024-07-22 16:27:36 -04:00
redis-stress
redis-tests
release Update release script to branch off main for minor releases (#20956) 2024-08-01 12:18:59 -07:00
run-scripts Implement script execution on the fleetd agent (disabled by default) (#13569) 2023-08-30 14:02:44 -04:00
saml use the configured EntityID for audience validation on MDM SSO (#16144) 2024-01-22 14:30:45 -03:00
seed_data 14969 vuln software seeding tool (#15116) 2023-11-30 13:01:50 -07:00
sentry-self-hosted Fix stack trace of captured errors in Sentry, capture errors in more code paths (#16966) 2024-02-22 15:10:28 -03:00
sign-fleetctl sign fleetctl for macOS during releases (#16670) 2024-04-19 14:36:30 -03:00
smtp4dev 14729 smtp settings validation for TLS (#15029) 2023-11-21 11:48:21 -07:00
team-builder Add team builder script (#10086) 2023-05-03 09:55:14 -07:00
telemetry
terraform Update go.mod (#20273) 2024-07-09 11:44:35 -07:00
test-certs Add fake certificates for testing TLS issues (#20390) 2024-07-16 13:21:39 -03:00
test-orbit-mtls Fixing SSL certificates to make them valid. (#16359) 2024-01-31 12:00:59 -06:00
test_extensions/hello_world Add support for Linux ARM64 (#19931) 2024-07-17 16:07:59 -04:00
testdata
tuf add Escrow Buddy to TUF.md after the push to stable (#21066) 2024-08-05 18:14:12 -03:00
webhook Additional changes to happy path and cleanup cron job (#17757) 2024-03-26 13:39:37 -05:00
windows-mdm-enroll Implement Windows MDM programmatic unenrollment (notification + orbit trigger) (#12505) 2023-06-28 09:13:37 -04:00
wix-docker Update fleetdm/fleetctl, fleetdm/wix and fleetdm/bomutils docker images (#21063) 2024-08-20 14:07:59 -03:00
zendesk-integration 🧹 friday cleanup party: substitute deprecated import of go-kit (#19774) 2024-06-17 10:27:31 -03:00