mirror of
https://github.com/empayre/fleet.git
synced 2024-11-06 08:55:24 +00:00
Prepare v4.33.0 (#12302)
This commit is contained in:
Luke Heath
GitHub
parent
ab9e823ac9
commit
55387eb189
102
CHANGELOG.md
102
CHANGELOG.md
@ -1,3 +1,105 @@
|
||||
## Fleet 4.33.0 (Jun 12, 2023)
|
||||
|
||||
* Upgraded Go version to 1.19.10.
|
||||
|
||||
* Added support for ChromeOS devices.
|
||||
|
||||
* Added instructions to inform users how to add ChromeOS hosts.
|
||||
|
||||
* Added ChromeOS details to the dashboard, manage hosts, and host details pages.
|
||||
|
||||
* Added ability for users to create policies that target ChromeOS.
|
||||
|
||||
* Added built-in label for ChromeOS.
|
||||
|
||||
* Added query to fill in `device_mapping` from ChromeOS hosts.
|
||||
|
||||
* Improved the performance of live query results rendering to address usability issues when querying tens of thousands of hosts.
|
||||
|
||||
* Reduced size of live query websocket message by removing unused host data.
|
||||
|
||||
* Added the `POST /fleet/mdm/apple/profiles/preassign` endpoint to store profiles to be assigned to a host for subsequent matching with an existing (or new) team.
|
||||
|
||||
* Added the `POST /fleet/mdm/apple/profiles/match` endpoint to match pre-assigned profiles to an existing team or create one if needed, and assign the host to that team.
|
||||
|
||||
* Updated `GET /mdm/apple/profiles` endpoint to return empty array instead of null if no profiles are found.
|
||||
|
||||
* Improved ingestion of MDM devices from ABM:
|
||||
- If a device's operation_type is `modified`, but the device doesn't exist in Fleet yet, a DEP profile will be assigned to the device and a new record will be created in Fleet.
|
||||
- If a device's operation_type is `deleted`, the device won't be prompted to migrate to Fleet if the feature has been configured.
|
||||
|
||||
* Added "Verified" profile status for profiles verified with osquery.
|
||||
|
||||
* Added "Action required" status for disk encryption profile in UI for host details and device user pages.
|
||||
|
||||
* Added UI for the end user authentication page for MDM macos setup.
|
||||
|
||||
* Added new host detail query to verify MDM profiles and updated API to include verified status.
|
||||
|
||||
* Added documentation in the guide for `fleetctl get mdm-commands`.
|
||||
|
||||
* Moved post-DEP (automatic) MDM enrollment to a worker job for increased resiliency with retries.
|
||||
|
||||
* Added better UI error for manual enroll MDM modal.
|
||||
|
||||
* Updated `GET /api/_version_/fleet/config` to now omits fields `smtp_settings` and `sso_settings` if not set.
|
||||
|
||||
* Added a response payload to the `POST /api/latest/fleet/spec/teams` contributor API endpoint so that it returns an object with a `team_ids_by_name` key which maps team names with their corresponding id.
|
||||
|
||||
* Ensure we send post-enrollment commands to MDM devices that are re-enrolling after being wiped.
|
||||
|
||||
* Added error message to UI when Redis disconnects during a live query session.
|
||||
|
||||
* Optimized query used for listing activities on the dashboard.
|
||||
|
||||
* Added ability for users to delete multiple pages of hosts.
|
||||
|
||||
* Added ability to deselect label filter on host table.
|
||||
|
||||
* Added support for value `null` on `FLEET_JIT_USER_ROLE_GLOBAL` and `FLEET_JIT_USER_ROLE_TEAM_*` SAML attributes. Fleet will accept and ignore such `null` attributes.
|
||||
|
||||
* Deprecate `enable_jit_role_sync` setting and only change role for existing users if role attributes are set in the `SAMLResponse`.
|
||||
|
||||
* Improved styling in sandbox mode.
|
||||
|
||||
* Patched a potential security issue.
|
||||
|
||||
* Improved icon clarity.
|
||||
|
||||
* Fixed issues with the MDM migration flow.
|
||||
|
||||
* Fixed a bug with applying team specs via `fleetctl apply` and updating a team via the `PATCH /api/latest/fleet/mdm/teams/{id}` endpoint so that the MDM updates settings (`minimum_version` and `deadline`) are not cleared if not provided in the payload.
|
||||
|
||||
* Fixed table formatting for the output of `fleetctl get mdm-command-results`.
|
||||
|
||||
* Fixed the `/api/latest/fleet/mdm/apple_bm` endpoint so that it returns 400 instead of 500 when it fails to authenticate with Apple's Business Manager API, as this indicates a Fleet configuration issue with the Apple BM certificate or token.
|
||||
|
||||
* Fixed a bug that would show MDM URLs for the same server as different servers if they contain query parameters.
|
||||
|
||||
* Fixed an issue preventing a user with the `gitops` role from applying some MDM settings via `fleetctl apply` (the `macos_setup_assistant` and `bootstrap_package` settings).
|
||||
|
||||
* Fixed `GET /api/v1/fleet/spec/labels/{name}` endpoint so that it now includes the label id.
|
||||
|
||||
* Fixed Observer/Observer+ role being able to see team secrets.
|
||||
|
||||
* Fixed UI bug where `inherited_page=0` was incorrectly added to some URLs.
|
||||
|
||||
* Fixed misaligned icons in UI.
|
||||
|
||||
* Fixed tab misalignment caused by new font.
|
||||
|
||||
* Fixed dashed line styling on multiline activities.
|
||||
|
||||
* Fixed a bug in the users table where users that are observer+ for all of more than one team were listed as "Various roles".
|
||||
|
||||
* Fixed 500 error being returned if SSO session is not found.
|
||||
|
||||
* Fixed issue with `chrome_extensions` virtual table not returning a path value on `fleetd-chrome`, which was breaking software ingestion.
|
||||
|
||||
* Fixed bug with page navigation inside 'My Device' page.
|
||||
|
||||
* Fixed a styling bug in the add hosts modal in sandbox mode.
|
||||
|
||||
## Fleet 4.32.0 (May 24, 2023)
|
||||
|
||||
* Added support to add a EULA as part of the AEP/DEP unboxing flow.
|
||||
|
||||
@ -1 +0,0 @@
|
||||
Optimized query used for listing activities on the Dashboard.
|
||||
@ -1,3 +0,0 @@
|
||||
* Improved ingestion of MDM devices from ABM:
|
||||
- If a device's operation_type is `modified`, but the device doesn't exist in Fleet yet, a DEP profile will be assigned to the device and a new record will be created in Fleet.
|
||||
- If a device's operation_type is `deleted`, the device won't be prompted to migrate to Fleet if the feature has been configured.
|
||||
@ -1 +0,0 @@
|
||||
* Deprecate `enable_jit_role_sync` setting and only change role for existing users if role attributes are set in the `SAMLResponse`.
|
||||
@ -1 +0,0 @@
|
||||
* Support value `null` on `FLEET_JIT_USER_ROLE_GLOBAL` and `FLEET_JIT_USER_ROLE_TEAM_*` SAML attributes. Fleet will accept and ignore such `null` attributes.
|
||||
@ -1 +0,0 @@
|
||||
* Add error message to UI when Redis disconnects during a live query session.
|
||||
@ -1 +0,0 @@
|
||||
* Reduce size of live query websocket message by removing unused host data.
|
||||
@ -1 +0,0 @@
|
||||
* Ensure we send post-enrollment commands to MDM devices that are re-enrolling after being wiped.
|
||||
@ -1 +0,0 @@
|
||||
* `GET /api/_version_/fleet/config` to omit fields `smtp_settings` and `sso_settings` if not set.
|
||||
@ -1 +0,0 @@
|
||||
- Fixed bug with page navigation inside 'My Device' page.
|
||||
@ -1,2 +0,0 @@
|
||||
- Fix a bug in the users table where users that are observer+ for all of more than one team were
|
||||
listed as "Various roles"
|
||||
@ -1 +0,0 @@
|
||||
- Add ChromeOS features to the Dashboard page
|
||||
@ -1,3 +0,0 @@
|
||||
- Added built-in label for ChromeOS.
|
||||
- Fixed issue with `chrome_extensions` virtual table not returning a path value on `fleetd-chrome`,
|
||||
which was breaking software ingestion.
|
||||
@ -1 +0,0 @@
|
||||
- Added features for ChromeOS support to the ManageHosts page
|
||||
@ -1,3 +0,0 @@
|
||||
- Changed `os_version` column reported from ChromeOS hosts from `Chrome OS` to `ChromeOS`
|
||||
- Changed ChromeOS host's computer name prefix from `ChromeOS` to `Chromebook`
|
||||
- Added query to fill in `device_mapping` from ChromeOS hosts.
|
||||
@ -1 +0,0 @@
|
||||
- Added UI features relating to Chromebooks to the Host Details page
|
||||
@ -1 +0,0 @@
|
||||
Allow users to create policies that target ChromeOS
|
||||
@ -1,2 +0,0 @@
|
||||
- Improved the performance of live query results rendering to address usability issues when querying
|
||||
tens of thousands of hosts.
|
||||
@ -1 +0,0 @@
|
||||
Users can delete multiple pages of hosts
|
||||
@ -1 +0,0 @@
|
||||
- Fix a styling bug in the add hosts modal in sandbox mode
|
||||
@ -1 +0,0 @@
|
||||
- Improvements to styling in Sandbox mode
|
||||
@ -1 +0,0 @@
|
||||
* Fixed a bug that would show MDM URLs for the same server as different servers if they contain query parameters.
|
||||
@ -1 +0,0 @@
|
||||
* return a 4xx error if a SSO session is not found
|
||||
@ -1 +0,0 @@
|
||||
* Upgrade Go version to 1.19.10
|
||||
@ -1 +0,0 @@
|
||||
- Ability to deselect label filter on host table
|
||||
@ -1 +0,0 @@
|
||||
- Cleaner icons
|
||||
@ -1 +0,0 @@
|
||||
- Users with Observer/Observer+ role should not be able to see team secrets.
|
||||
@ -1 +0,0 @@
|
||||
- GET /api/v1/fleet/spec/labels/{name} endpoint should include the label id
|
||||
@ -1 +0,0 @@
|
||||
- Fixed UI bug where `inherited_page=0` was incorrectly added to some URLs
|
||||
@ -1 +0,0 @@
|
||||
- add UI for the end user authentication page for mdm macos setup
|
||||
@ -1 +0,0 @@
|
||||
* Added documentation in the guide for `fleetctl get mdm-commands`.
|
||||
@ -1 +0,0 @@
|
||||
- add "verified" profile status to fleet UI
|
||||
@ -1 +0,0 @@
|
||||
- Added new host detail query to verify MDM profiles and updated API to include verified status.
|
||||
@ -1 +0,0 @@
|
||||
- Updated `GET /mdm/apple/profiles` endpoint to return empty array instead of null if no profiles are found.
|
||||
@ -1 +0,0 @@
|
||||
- add better UI error for manual enroll mdm modal
|
||||
@ -1 +0,0 @@
|
||||
* Updated the `/api/latest/fleet/mdm/apple_bm` to return 400 instead of 500 when it fails to authenticate with Apple's Business Manager API, as this indicates a Fleet configuration issue with the Apple BM certificate or token.
|
||||
@ -1,2 +0,0 @@
|
||||
* Fixed an issue preventing a user with the `gitops` role to apply some MDM settings via `fleetctl apply` (the `macos_setup_assistant` and `bootstrap_package` settings)
|
||||
* Added a response payload to the `POST /api/latest/fleet/spec/teams` contributor API endpoint, it now returns an object with a `team_ids_by_name` key which maps team names with their corresponding id.
|
||||
@ -1 +0,0 @@
|
||||
- Added "Action required" status for disk encryption profile in UI for host details and device user pages
|
||||
@ -1 +0,0 @@
|
||||
* Moved post-DEP (automatic) MDM enrollment to a worker job for increased resiliency with retries.
|
||||
@ -1 +0,0 @@
|
||||
- fix misaligned icons in UI
|
||||
@ -1 +0,0 @@
|
||||
- Clean up dashed line styling on multiline activities
|
||||
@ -1 +0,0 @@
|
||||
- Inform users how to add ChromeOS hosts
|
||||
@ -1 +0,0 @@
|
||||
- Fix jump tabs caused by new font
|
||||
@ -1,2 +0,0 @@
|
||||
* Added the `POST /fleet/mdm/apple/profiles/preassign` endpoint to store profiles to be assigned to a host, for subsequent matching with an existing (or new) team.
|
||||
* Added the `POST /fleet/mdm/apple/profiles/match` endpoint to match pre-assigned profiles to an existing team or create one if needed, and assign the host to that team.
|
||||
@ -1 +0,0 @@
|
||||
* Fixed a bug with applying team specs via `fleetctl apply` and updating a team via the `PATCH /api/latest/fleet/mdm/teams/{id}` endpoint so that the MDM updates settings (`minimum_version` and `deadline`) are not cleared if not provided in the payload.
|
||||
@ -1 +0,0 @@
|
||||
* Fixed the table formatting for the output of `fleetctl get mdm-command-results`.
|
||||
@ -1,3 +0,0 @@
|
||||
* Fixed issues with the MDM migration flow that caused:
|
||||
- Prompt not showing up if the device belongs to a team.
|
||||
- Prompt showing up if the device is DEP capable, but manually enrolled into Fleet.
|
||||
@ -1 +0,0 @@
|
||||
* Patched a potential security issue
|
||||
@ -8,4 +8,4 @@ version: v5.0.1
|
||||
home: https://github.com/fleetdm/fleet
|
||||
sources:
|
||||
- https://github.com/fleetdm/fleet.git
|
||||
appVersion: v4.32.0
|
||||
appVersion: v4.33.0
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
# All settings related to how Fleet is deployed in Kubernetes
|
||||
hostName: fleet.localhost
|
||||
replicas: 3 # The number of Fleet instances to deploy
|
||||
imageTag: v4.32.0 # Version of Fleet to deploy
|
||||
imageTag: v4.33.0 # Version of Fleet to deploy
|
||||
podAnnotations: {} # Additional annotations to add to the Fleet pod
|
||||
serviceAccountAnnotations: {} # Additional annotations to add to the Fleet service account
|
||||
resources:
|
||||
|
||||
@ -56,7 +56,7 @@ variable "database_name" {
|
||||
|
||||
variable "fleet_image" {
|
||||
description = "the name of the container image to run"
|
||||
default = "fleetdm/fleet:v4.32.0"
|
||||
default = "fleetdm/fleet:v4.33.0"
|
||||
}
|
||||
|
||||
variable "software_inventory" {
|
||||
|
||||
@ -68,5 +68,5 @@ variable "redis_mem" {
|
||||
}
|
||||
|
||||
variable "image" {
|
||||
default = "fleet:v4.32.0"
|
||||
default = "fleet:v4.33.0"
|
||||
}
|
||||
|
||||
@ -206,7 +206,7 @@ resource "random_uuid" "jitprovisioner" {
|
||||
|
||||
# Use the local to make the trigger work.
|
||||
locals {
|
||||
fleet_tag = "v4.32.0"
|
||||
fleet_tag = "v4.33.0"
|
||||
}
|
||||
|
||||
resource "null_resource" "standard-query-library" {
|
||||
|
||||
@ -165,7 +165,7 @@ resource "helm_release" "main" {
|
||||
|
||||
set {
|
||||
name = "imageTag"
|
||||
value = "v4.32.0"
|
||||
value = "v4.33.0"
|
||||
}
|
||||
|
||||
set {
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "fleetctl",
|
||||
"version": "v4.32.0",
|
||||
"version": "v4.33.0",
|
||||
"description": "Installer for the fleetctl CLI tool",
|
||||
"bin": {
|
||||
"fleetctl": "./run.js"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user