fleet/cmd
Scott Gress deec6aa904
Add "exceptions" GitOps config (#42013)
**Related issue:** Resolves #42008 

# Details

Step one in https://github.com/fleetdm/fleet/issues/40171. 

This PR adds a new `exceptions` subsection to the current GitOps config,
with boolean keys for software, secrets and labels. For existing
instances a migration is included to set labels and secrets to `true`.
For new instances, only `secrets` will be `true`.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

- [ ] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files)
for more information.
n/a, will put changelog in when more functionality is implemented.

## Testing

- [X] Added/updated automated tests
- [X] QA'd all new/changed functionality manually

(https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing)
(updates to one host's records do not affect another)
- [X] ran migration and verified that app config had `gitops.exceptions`
with `software: false, secrets: true, labels: true`
- [X] created a new instance and verified that app config had
`gitops.exceptions` with `software: false, secrets: true, labels: false`
- [X] verified that the PATCH /config API works and can update
exceptions independently of other config

## Database migrations

- [X] Checked schema for all modified tables for columns that will
auto-update timestamps during migration.
n/a
- [X] Confirmed that updating the timestamps is acceptable, and will not
cause unwanted side effects.
n/a
- [X] Ensured the correct collation is explicitly set for character
columns (`COLLATE utf8mb4_unicode_ci`).
n/a

## New Fleet configuration settings

- [X] Setting(s) is/are explicitly excluded from GitOps
these will not be set in GitOps, since they're _about_ how GitOps works.


## Summary by CodeRabbit

## Release Notes

* **New Features**
* GitOps configuration now supports exception settings for granular
resource control. Administrators can configure which specific resource
types (labels, software, and secrets) are included in or excluded from
GitOps mode operations.

* **Improvements**
* Improved GitOps configuration handling to preserve exception settings
during partial updates and system migrations.

2026-03-23 10:47:17 -05:00
..
cpe Add sw_edition to cpe db generation and cpe translations (#32879) 2025-09-17 11:30:49 -04:00
cve Reapply "Update Citrix Workspace CPE generation to distinguish betwee… (#41614) 2026-03-12 16:17:40 -07:00
fleet Throttle CA access through MDM (#42114) 2026-03-23 09:04:55 -05:00
fleetctl Add "exceptions" GitOps config (#42013) 2026-03-23 10:47:17 -05:00
gitops-migrate Add back gitops-migrate file (#33981) 2025-10-08 09:44:59 -05:00
macoffice Add new archive URL as data source for Mac Office release notes (#26978) 2025-03-10 08:46:18 -05:00
maintained-apps Fall back to existence validation when version validation fails for Google Chrome on Windows (#40918) 2026-03-11 09:03:19 -05:00
msrc Fix CI: extend grace periods for MSRC feeds and expand test coverage for file validation. (#37991) 2026-01-07 10:28:20 -06:00
osquery-perf "Teams" => "fleets", "queries" => "reports" doc changes (#39585) 2026-03-11 23:41:14 -05:00