Fix up test osquery tooling (#996)

- Update certificate paths.
- Update documentation to point to the appropriate docs.
Zach Wasserman 2021-06-07 13:34:17 -07:00 committed by GitHub
parent 54fdff245d
commit f75a2fc739
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 23 additions and 13 deletions

View File

@ -3,6 +3,7 @@
- [License key](#license-key)
- [Test suite](#test-suite)
- [End-to-end tests](#end-to-end-tests)
- [Test hosts](#test-hosts)
- [Email](#email)
- [Database backup/restore](#database-backuprestore)
- [Teams seed data](#teams-seed-data)
@ -193,6 +194,10 @@ CYPRESS_FLEET_TIER=basic yarn cypress run
Tests will run automatically and results are reported to the shell.
## Test hosts
The Fleet repo includes tools to start test osquery hosts. Please see the documentation in [/tools/osquery](../../tools/osquery) for more information.
## Email
#### Manually testing email with MailHog
@ -244,7 +249,7 @@ Next, set the `FLEET_ENV_PATH` to point to the `env` file. This will let the scr
export FLEET_ENV_PATH=/Users/victor/fleet_env
```
Finally run one of the bash scripts located in the [/tools/api](../../tools/api/README.md) directory.
Finally run one of the bash scripts located in the [/tools/api](../../tools/api/README.md) directory.
The `fleet/create_core` script will generate an environment to roughly reflect an installation of Fleet Core. The script creates 3 users with different roles.

View File

@ -2,16 +2,15 @@
The files in this directory are intended to assist with Fleet development.
* `docker-compose.yml`: This docker-compose file helps with starting `osqueryd` instances for testing Fleet. More on this [below](#testing-with-containerized-osqueryd).
- `docker-compose.yml`: This docker-compose file helps with starting `osqueryd` instances for testing Fleet. More on this [below](#testing-with-containerized-osqueryd).
* `example_config.json`: An example config file with insecure default passwords. Useful for testing in a local dev environment, but should /never/ be used in production.
- `example_config.json`: An example config file with insecure default passwords. Useful for testing in a local dev environment, but should /never/ be used in production.
* `example_osquery.conf`: An example osquery config file that sets up basic configuration for distributed queries.
- `example_osquery.conf`: An example osquery config file that sets up basic configuration for distributed queries.
* `example_osquery.flags`: An example osquery flagfile setting the config options that must be loaded before the full JSON config.
* `kolide.crt` & `kolide.key`: Self-signed SSL certificate & key useful for testing locally with `osqueryd`. Works with the domain `host.docker.internal` (exposed within docker containers as the host's IP). Should /never/ be used in production.
- `example_osquery.flags`: An example osquery flagfile setting the config options that must be loaded before the full JSON config.
- `fleet.crt` & `fleet.key`: Self-signed SSL certificate & key useful for testing locally with `osqueryd`. Works with the domain `host.docker.internal` (exposed within docker containers as the host's IP). Should **never** be used in production.
## Testing with containerized osqueryd
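Review bot: the emphasis is now inconsistent between two bullets in this list: the `fleet.crt` & `fleet.key` bullet uses `**never**`, while the `example_config.json` bullet still has `/never/`, which Markdown renders as literal slashes. Change both in the same pass. Since `fleet.key` is a private key checked into this directory, the bullet could also state the reason for the warning directly: anyone with access to the repository holds the key, so a server presenting `fleet.crt` gives no assurance of identity outside a local test setup.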
@ -23,8 +22,6 @@ Docker and docker-compose are the only dependencies. The necessary container ima
Set the environment variable `ENROLL_SECRET` to the value of your Fleet enroll secret (available on the manage hosts page, or via `fleetctl get enroll-secret`).
(Optionally) Set `KOLIDE_OSQUERY_VERSION` if you want to run an osquery container besides `latest`.
(Optionally) Set `FLEET_SERVER` if you want to connect to a fleet server
besides `host.docker.internal:8080`.
@ -57,7 +54,9 @@ If you want to only start one instance of `osqueryd`, use:
```
docker-compose run ubuntu14-osquery
```
or
```
docker-compose run centos7-osquery
```
@ -87,23 +86,29 @@ We have had no trouble running up to 100 containerized osqueryd instances on a s
### Generating a osqueryd core file
The docker containers are configured to allow core files to be generated if osqueryd
crashes for some reason. You can attach to the container hosting the errant osqueryd
crashes for some reason. You can attach to the container hosting the errant osqueryd
instance, install gdb and use it to read the core file to find out where the crash
occurred. The other scenario where you might find a core dump useful is if osqueryd
stops responding. In this case you can generate a core dump using the following instructions.
stops responding. In this case you can generate a core dump using the following instructions.
1. Open a shell session on a container
```
docker exec -t -i <container id> /bin/bash
```
2. Find the process ID of osqueryd
```
ps aux
```
There will be two osqueryd processes, you'll probably be interested in the child process (the one with the higher pid)
3. Send a signal to the process to core dump
```
kill -3 <pid>
```
The core file should be in your current working directory on the container.
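Review bot: the core dump steps are missing a note that the resulting core file contains the memory of the osqueryd process, which in these containers includes the `ENROLL_SECRET` value supplied through the environment. Add a sentence after the last line saying the file should be treated as sensitive and not shared unredacted. Two smaller points in the same hunk: step 3 could say that `kill -3` sends SIGQUIT, so readers know why it produces a core, and the heading should read "Generating an osqueryd core file".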

View File

@ -3,7 +3,7 @@ version: '2'
x-default-settings:
volumes: &default-volumes
- ./kolide.crt:/etc/osquery/kolide.crt
- ./fleet.crt:/etc/osquery/fleet.crt
- ./example_osquery.flags:/etc/osquery/osquery.flags
environment: &default-environment
ENROLL_SECRET: "${ENROLL_SECRET:?ENROLL_SECRET must be set for server authentication}"
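Review bot: the `./fleet.crt:/etc/osquery/fleet.crt` volume entry is mounted read-write by default, although the container only needs to read the server certificate. Append `:ro` to it, and to the `example_osquery.flags` mount on the following line, so a process inside a test container cannot modify the files in the working tree. Mounting only the certificate and not `fleet.key` is the right choice and worth keeping that way.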

View File

@ -4,7 +4,7 @@
--debug
--tls_dump=true
--tls_server_certs=/etc/osquery/kolide.crt
--tls_server_certs=/etc/osquery/fleet.crt
--enroll_secret_env=ENROLL_SECRET
--enroll_tls_endpoint=/api/v1/osquery/enroll
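Review bot: this flagfile keeps `--debug` and `--tls_dump=true` next to the renamed `--tls_server_certs` line, and nothing in the README bullet for `example_osquery.flags` says the file is for local testing only. With `--tls_dump=true` osqueryd prints TLS request and response bodies to the container log, and the enroll request carries the enroll secret. Consider giving the `example_osquery.flags` bullet the same "never in production" wording the `example_config.json` and certificate bullets have. The new certificate path does match the mount target in `docker-compose.yml`, so the rename itself is consistent.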