* Update go to 1.19.4
* Comment out failing package test
* Comment out ALL the packaging tests for windows for the moment
* Update go to 1.19.4
* Comment out failing package test
* Comment out ALL the packaging tests for windows for the moment
* Update changelog
* Bump versions
* Update changelog to reflect this being a security release
We discussed in the @fleetdm/g-platform weekly meeting that it would be good to have a read replica enabled by default in load testing, as it matches what we would recommend to customers for deployments of the size we use to load test with.
This is just what I did to get it working in the past, but I'm happy to adjust as you consider appropriate.
* Initial work on sandbox data pipeline
* Update python code to have preliminary code
* Added in final code for sandbox-data.
Huge delay because I needed to double check licensing
This improves osquery-perf with support for a more realistic orbit + fleet desktop simulation as described in #8212
This was based on the work done by @sharvilshah in his branch.
* Bump go to 1.19.1
* Bump remaining go-version to the 1.19.1
* Add extra paths for test-go
* Oops, putting the right path in the right place
* gofmt file
* gofmt ALL THE THINGS
* Moar changes
* Actually, go.mod doesn't like minor versions
* Initial cloudwatch stub for loadtesting/apm
* Fix duplicate policy attachment name
* elastichsearch pull keys from ssh secret
* Set aws region for run-ansible
* Alternate way to specify region in run-ansible
* Fix elasticsearch_ansible ssh file modes
* Cloudwatch agent config elasticsearch
* Fix ansible indents
* Set platform to linux/amd64 for loadtesting docker image
* Use /dev/sdb on elasticsearch/apm
* fixup
* elasticsearch volume mounted
* elasticapm increase shards and size
* Increase elasticapm instance size
* Document how to get the IP for APM ec2 instance
* checkin for testing
* Initial work on packaging, still need to configure fleet to use it
* Add the terraform stuff for installers
* Add iam permissions for packaging
* Add environment variables for installers to fleet
* Implement review fixes
* Add an extra state for provisioned, but not ready for customers
* Add secretsmanager stuff for apple
* fixup
* fixup
* Bugfixes
* fixup
* fixup and added some stuff to the readdme
* Add link to openapi.json in readme
Related to #6894, this entirely replaces FLEET_DEMO with the server config added in #6597
As part of this, I also implemented a small refactor to the integration test suite to allow setting a custom config when the server is initialized.
* Add code for the shared infra part of the demo environment
* Checkin
* checkin
* Checkin for pre-provisioner, got terraform working
* Checkin with the pre-deployer working, now blocked by helm chart
* Add interface for helm
* Add some initial code for the JIT Provisioner lambda
Lots of code taken from https://gitlab.com/hmajid2301/articles/-/tree/master/41.%20Create%20a%20webapp%20with%20fizz
* Update helm chart to work with shared infra (#5621)
* Update helm chart to work with shared infra
* Update helm chart README to reflect changes.
* Checkin
* Checkin
* Checkin, Pre-provisioner actually works
* PreProvisioner is now complete
* Make changes to the JIT provisioner based off of actually learning how
to do stuff
* checkin
* Check in, broken currently
* Add all code except provisioning and emailing user
* Checkin
* Checkin, fixed kubernetes
* Checkin
* Forgot a file
* Finish jit provisioner, need to test now
* Checkin, switching to nginx ingress
* Fleets are now actually accessible
* JITProvisioner now returns working fleet instances
* Deprovisioner code done, just need a few bugs fixed
* Fix the deprovisioner so it works now and re-ip
* fixup
* Finished testing the deprovisioner
* Added monitoring and fixed some bugs
* Add stuff for #6548
* fixed per luke's suggestion
* Fix for inactive task definition arns
* move everything to the prod account
* Bump fleet version and fix a couple of bugs
* Fix a couple of bugs
* Lots of security fixes and a few bug fixes
* Rename demo to sandbox to match product's naming
* Revert "Update helm chart to work with shared infra (#5621)"
This reverts commit 610bbd1c00338620f6cc65fe2aff86139551f465.
Co-authored-by: Robert Fairburn <8029478+rfairburn@users.noreply.github.com>
* add tf vars for cloudwatch log retention & rds snapshot backup retention, update github workflow to deploy new dogfood configurations for new tf vars
* typo and tf fmt
Suggesting setting the key so failed builds can be re-applied without errors. If your terraform build fails and you need to destroy and re-apply, without a recovery window of 0, Secret Manager doesn't allow you to delete the secret and that named secret has to wait 7 days to be deleted.
* remove unused iam poilcy attributes and remove github action on pull request, only workflow dispatch will be required
* update github.tf, commenting out all resources, but leaving in place in case someone else wants to use ODIC providers & Github actions
* Reorganized infrastructure, updated for frontend's loadtesting
* Add changes suggested by @chiiph
* Moved files per suggestion by Ben
* Update docs with new links
* Add config for multi account assume role
