Changes:
- Updated the deploy-vulnerability-dashboard workflow to use the correct
variables for the Heroku steps.
- Added GitHub maintainers to `website/config/custom.js` for the GitHub
workflows related to the vulnerability dashboard.
Closes: https://github.com/fleetdm/confidential/issues/4057
Changes:
- Added the contents of the fleet-vulnerability-dashboard repo to
ee/vulnerability-dashboard
- Added a github workflow to deploy the vulnerability dashboard on
Heroku
- Added a github workflow to test changes to the vulnerability-dashboard
- Updated the website's custom configuration to enable
auto-approvals/review requests to files in the
ee/vulnerability-dashboard folder
> Note: these changes were originally in
https://github.com/fleetdm/fleet/pull/17450, but were moved into a
separate PR to remove the code owner review requirement from that PR
Changes:
- Updated Andre Shields's job title
- Updated Dan Grzelak's quote (Removed an emoji)
- Updated Erik Gomez's job title
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
For https://github.com/fleetdm/fleet/issues/13891
Changes:
- Updated the version of the osquery schema used to generate
osqeury_fleet_schema.json (`5.9.1` » `5.11.0`)
- Removed the table override file for the `atom_packages` table (It was
removed from the osquery schema, our override file was previously hiding
the table)
- Ran the `generate-merged-schema` script to regenerate
osquery_fleet_schema.json
Closes: #14847
Changes:
- Added two new pages:
- `/try-fleet/explore-data`: A page where users can select a host, and
be taken to a page where they can see query results for that host.
- `try-fleet/explore-data/:platformName/:tableName`: A page where users
can see the contents of osquery tables on hosts.
- The view-action for this page will:
- Redirect unauthenticated users to the /try-fleet/login page. (With a
query parameter that will tell the login/register pages to redirect
users back to this page)
- Get information for hosts on a specified team.
- Build a filtered list of osquery tables that are compatible with the
host and have queries that will run on a specified host.
- Get the latest query results for a specified query/osquery table for
the specified host, and reorder the results to match the order of the
columns in the osquery schema.
- Updated build-static-content to add information about osquery tables
for the /explore-data pages to
`sails.config.builtStaticContent.osqueryTables`.
- Added 5 new config variables:
- `sails.config.custom.fleetBaseUrlForQueryReports`: The URL of the
Fleet instance used for the /explore-data pages
- `sails.config.custom.fleetTokenForQueryReports`: An API token for the
Fleet instance used for the /explore-data pages
- `sails.config.custom.teamApidForQueryReports`: the API ID of the team
that the hosts listed on the explore-data page are in.
- `sails.config.custom.queryIdsByTableName`: A dictionary containing
key:value pairs where each key is the name of an osquery table, and the
value is the API ID of the query that gets results for this table in a
Fleet instance. This is stored in the custom configuration to make it
easily editable (If we ever need to add or remove queries
- `sails.config.custom.hostIdsByHostPlatform`: A dictionary containing
key:value pairs where each key is a type of operating system, and the
value is the API ID of a Host.
- Updated the `/try-fleet` redirect to go to `/try-fleet/explore-data`
- Updated the "try it out" button links to go to `/try-fleet`
- Updated /try-fleet/login and /try-fleet/register to send users who are
redirected to the page via the /explore-data page to the page they had
tried to navigate to when they log in/create an account.
I'm creating this as a PR as a draft. It will be ready to merge when we:
- [x] Add hosts to the "Explore data (fleetdm.com) [DO NOT DELETE]" team
- [x] Create queries for every compatible osquery table for the "Explore
data (fleetdm.com) [DO NOT DELETE]" team.
- [ ] Add a `sails.config.custom.queryIdsByTableName` config variable
with the query IDs for the queries created in the previous step
- [ ] Add `sails.config.custom.hostIdsByHostPlatform` config variable
with the real host IDs/platforms
When running a live query recently, I noticed some columns in the
results that we didn't have documented, and realized we weren't using
the latest osquery schema version when regenerating the merged schema.
According to the docs, [we support the latest version of
osquery](https://fleetdm.com/docs/using-fleet/enroll-hosts#supported-osquery-versions),
so figure we ought to update the schema version to the latest.
---------
Co-authored-by: Eric <eashaw@sailsjs.com>
Automation: Try removing trailing slash on `handbook/` in this config to
verify that editing https://github.com/fleetdm/fleet/pull/13196 as me
does put the `#g-ceo` label properly back on this PR.
If that doesn't work, then we need to keep digging into what's wrong.
Everyone can contribute to the handbook, and page DRIs are expected to
keep their pages up to date. To shape and absorb changes, and learn from
how GitLab evolved its handbook as that company grew, CEO will ALSO
review all PRs that change the handbook before they are merged.
(Background: As of mid-2023, there are only ≤3 handbook PRs per weekday
on the busiest of weeks. If this increases dramatically, or when time
allows the company to prioritize writing down the content design,
structure, and vision for the evolution of the handbook, we'll change )
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
- Deduplicate config for DRI vs CODEOWNERS (this eliminates extra
notifications folks were receiving)
- auto-remove #g-ceo and #handbook labels when appropriate
- improve comments
I missed that infrastructure directories were also listed in the
maintainers section, which also auto-approves.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
- reevaluate and potentially request review from others when PR is
edit…ed
- plus two optimizations to avoid tricking/testing the github api with
duplicate reviewers and empty reviewers
https://github.com/fleetdm/confidential/issues/3146
To test this works:
- sam should be able to change ceo handbook and be autoapproved
- mike submitting a PR to the ceo handbook should request review from
Sam but auto-approve for mike
- Jarod's use case of creating an article should now work, even if his
PR contains images
.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
Closes: https://github.com/fleetdm/confidential/issues/2964
Changes:
- Updated the `receive-from-customer-fleet-instance` webhook to send a
request to a Workspace One OAuth URL to get the authorization token used
to send requests to a Workspace one instance.
Before this is merged, we will need to:
- [ ] remove the `sails.custom.config.customerWorkspaceOneTenantId` and
`customerWorkspaceOneAuthorizationToken` config variables.
- [ ] Add two new config variables:
`sails.config.custom.customerWorkspaceOneOauthSecret` and
`sails.config.custom.customerWorkspaceOneOauthId`
.
I want to add myself to Engineering DRIs so I can iterate faster on the
engineering handbook.
---------
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
Changes:
- Added a new Sails generator, `landing-page`, that generates a page
with our current landing page layout with lorum ipsum and placeholder
images. New pages created by this generator will live in the `/imagine/`
subfolder and can be created by running (from the `website/` folder) `.
- Added a handbook entry about using the landing page generator.
- Removed the `experimental/okta-webflow` page.
---------
Co-authored-by: Jarod Reyes <jarodreyes@gmail.com>
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
