empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5,303 Commits 3 Branches 0 Tags 561 MiB
05ddeade90
Commit Graph

742 Commits

Author SHA1 Message Date
Roberto Dip
05ddeade90
add back-end implementation for SSO JIT provisioning (#7182) 
Related to #7053, this uses the SSO config added in #7140 to enable JIT provisioning for premium instances.
 2022-08-15 14:42:33 -03:00
Martin Angers
b891e0d7f7
Add mdm solution payload to GET /hosts response when filtering by mdm_id (#7198) 2022-08-15 12:57:25 -04:00
gillespi314
90f57f4849
Enhance API endpoints with host operating systems info (#7154) 2022-08-12 14:23:25 -05:00
Juan Fernandez
8dccc42027
Bug 5983: Performance issues when listing software (#6879) 
Improve performance when listing software by using the software_host_counts aggregate table.
 2022-08-10 17:43:22 -04:00
Martin Angers
c8cdddf0ea
Update /macadmins endpoints to include MDM name and aggregate count (#7137) 2022-08-10 15:15:01 -04:00
Roberto Dip
fc8c15c0d1
add application config setting to enable JIT provisioning (#7140) 
As part of #7053, this adds a config setting to enable JIT provisioning.
 2022-08-10 15:15:35 -03:00
gillespi314
e2194be61c
Add schedule package and refactor cron jobs for cleanups, aggregations, and usage statistics (#6618) 2022-08-10 11:00:56 -05:00
Martin Angers
9755eb2e27
Support async saving of scheduled query statistics (#7012) 2022-08-10 10:01:05 -04:00
gillespi314
3a88afaf98
Add new database tables and queries for host operating systems (#6920) 2022-08-09 13:34:41 -05:00
Lucas Manuel Rodriguez
6dcff28be0
Move specs parsing functionality to a new pkg/spec package (#7050) 2022-08-05 19:07:32 -03:00
Roberto Dip
2b8743e240
send enroll secret in query for installers (#7064) 
This changes how the enroll secret is sent to the server, as they might contain /, which was causing problems with our router.
 2022-08-04 18:39:38 -03:00
Juan Fernandez
966bfbf85e
Feature 6487: Deprecate cpe_id from software_cve table (#6562) 
Part 2/3 of the removal of the cpe_id column from the software_cve table in favor of using the newly added software_id coumn.
 2022-08-04 09:24:44 -04:00
Martin Angers
c1d38598e2
Prevent removing team enroll secrets when applying team specs without new secrets (#6890) 2022-08-02 09:51:03 -04:00
Gabriel Hernandez
f61a17bd9b
add google analytics to sandbox instances (#6941) 
* add google analytics to sandbox instances

* Add serverType variable to frontend handler

* update version of html-webpack-plugin

Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com>
 2022-08-01 11:27:12 +01:00
Roberto Dip
90b723e45a
consolidate sandbox env flags (#6917) 
Related to #6894, this entirely replaces FLEET_DEMO with the server config added in #6597

As part of this, I also implemented a small refactor to the integration test suite to allow setting a custom config when the server is initialized.
 2022-07-27 16:47:39 -03:00
RachelElysia
52673b6ed2
Sentence case error (#6845) 2022-07-25 13:14:05 -04:00
gillespi314
0312454f4c
Modify host battery health returned by GET /hosts/:id (#6782) 2022-07-20 21:16:03 -05:00
Michal Nicpon
d4be5ad2a1
add upgrade tests (#6596) 
* add upgrade tests

* fix lint issues

go.mod

* remove req.cnf

* revert unrelated changes

* make version configurable in test

* fix golangci-lint ruleguard issue

Related to https://github.com/go-critic/go-critic/issues/1152
Need to have github.com/quasilyte/go-ruleguard/dsl

* fix lint issues

* fix

* clean up docker-compose.yml

* fix http request

* add readme

* fix lint issues

* address feedback

* fix

* add platform

* address feedback

* run go fmt
 2022-07-19 15:11:51 -06:00
Lucas Manuel Rodriguez
de1717291d
Set authz checked when rate limiting device endpoints (#6702) 
* Set authz checked when rate limiting device endpoints

* Unexport var and attempt to fix flaky test
 2022-07-18 14:22:49 -03:00
Eng Zer Jun
1ab171faf3
test: use T.Setenv to set env vars in tests (#6714) 
This commit replaces `os.Setenv` with `t.Setenv` in tests. The
environment variable is automatically restored to its original value
when the test and all its subtests complete.

Reference: https://pkg.go.dev/testing#T.Setenv
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 2022-07-18 14:22:28 -03:00
Roberto Dip
69f8f2a73b
add API endpoints to retrieve pre-built installers (#6672) 
Rel: #6365, this adds a new endpoint to check and download pre-built installers.
 2022-07-18 13:44:30 -03:00
Roberto Dip
6faee84f57
allow to configure a default global enroll secret (#6609) 
Related to #6365 this adds a new config to set a global enroll token that will be used by the server.
 2022-07-12 19:12:10 -03:00
Tomas Touceda
7f8099db57
Add sandbox fleet serve config (#6619) 
* Add sandbox fleet serve config

* Update docs

* Maybe fix lint issues

* Add lint dep
 2022-07-12 18:21:15 -03:00
Tomas Touceda
af0cf9b703
Add rate limits for device authed endpoints (#6529) 
* Add rate limits for device authed endpoints

* Fix lint

* Add missing test

* Fix test

* Increase the quota for desktop endpoints

* Add comment about quota
 2022-07-11 10:49:05 -03:00
Roberto Dip
1ed8efacfa
increase the length of host_batteries.health (#6560) 
Rel to #6559, this increases the size of host_batteries.health for cases like "Check Battery" that exceed 10 chars
 2022-07-08 21:06:50 +00:00
Zach Wasserman
03734a37aa
Add server support for Fleet Sandbox demo login (#6387) 
* Add server support for Fleet Sandbox demo login

This adds an endpoint `/api/latest/fleet/demologin` that provides a
redirect for the fleetdm.com portion of Fleet Sandbox to automatically
log in a user. The username and password must be provided as form
values. The endpoint is only enabled if `FLEET_DEMO=1` is set in the
server environment.

This was tested locally with the following HTML served by `python3 -m
http.server`, and the Fleet server running with `FLEET_DEMO=1
./build/fleet serve --dev`:

```
<!DOCTYPE html>
  <body>
    <form
      method="post"
      action="https://localhost:8080/api/latest/fleet/demologin"
      id="demologin"
    >
      <input type="hidden" name="email" value="admin@example.com" />
      <input type="hidden" name="password" value="admin123123#" />
      <input type="submit"/>
    </form>
    <script type="text/javascript">
      document.forms["demologin"].submit();
    </script>
  </body>
</html>

```

For Fleet sandbox purposes, the `action` should be set to the correct
hostname for the sandbox instance, while the `email` and `password`
should be set to the same credentials that were provided when creating
the instance.

* lucas comments

* Add integration tests

* Fix status codes and add comments

Co-authored-by: Martin Angers <martin.n.angers@gmail.com>
 2022-07-01 16:52:55 -03:00
Zach Wasserman
db22f68c88
Separate health checks for MySQL and Redis (#6468) 
This required a bit of refactoring of some mocking due to how the code
generation does not handle having the same function in different types.
 2022-07-01 08:08:03 -03:00
Martin Angers
b9930930f5
Document the device-authenticated endpoints in API for Contributors (#6406) 2022-06-29 08:12:20 -04:00
Martin Angers
539be8ee09
Add battery info in host details response (#6394) 2022-06-28 14:11:49 -04:00
Juan Fernandez
9d01ba33c6
Feature 6096: Scan RHEL/CentOS hosts using OVAL definitions (#6241) 
Extended the OVAL parser/analyzer so that we can scan RHEL based systems.
 2022-06-23 16:44:45 -04:00
gillespi314
15de4f3e65
Update Fleet host detail query so os_version for Ubuntu hosts reflects accurate patch number in point release (#6360) 2022-06-23 15:24:18 -05:00
Lucas Manuel Rodriguez
fc7650c4f8
Fix mock tests set test name (#6345) 
* Set mock test on live query mocked tests

* Use MySQL 5.7 as default in docker-compose.yml
 2022-06-23 11:34:52 -03:00
Roberto Dip
2948e112f6
ensure software_host_counts is cleaned when software is deleted (#6270) 
Related to #5982, this ensures we clean up software_host_counts rows referencing software that is not longer present in the software table.
 2022-06-22 17:35:53 -03:00
Lucas Manuel Rodriguez
9b210fc6bd
Add support for CA root certificate to Fleet Desktop (fleetctl package's --fleet-certificate flag) (#6312) 
* Orbit to pass the value of `--fleet-certificate` to Fleet Desktop

* Add changes for testing
 2022-06-21 16:25:36 -03:00
Roberto Dip
4a867d53dc
use a single context for background jobs and HTTP handlers (#6313) 2022-06-21 15:09:00 -03:00
Martin Angers
7bfe93f5d7
Include an error code as query string in /sso/callback response in case of failure (#6286) 2022-06-21 09:04:50 -04:00
Aaron
75f093e802
Use nanoseconds for campaign IDs (#6216) 
Fixes #4806 by adding resolution to the generated IDs.
 2022-06-14 15:46:09 +00:00
gillespi314
ed4ae18602
Handle transparency url for downgraded license (#6207) 2022-06-13 16:03:51 -05:00
Martin Angers
81f0e0ccfa
Track active hosts count and enforce limit (#6099) 2022-06-13 16:29:32 -04:00
Roberto Dip
19c5e3545b
add a dedicated endpoint that redirects to fleet_desktop.transparency_url (#6204) 
As part of https://github.com/fleetdm/fleet/issues/5947, and in order to have a simplified workflow in Fleet Desktop, we defined https://github.com/fleetdm/fleet/issues/6200 to add a new endpoint that redirects to the transparency url as defined in the config (for premium users only)

```
~/projects/fleet $ curl -v -s https://localhost:8080/api/latest/fleet/device/bf34ab98-23b0-48bc-8e82-8c0143cba11c/transparency
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
< HTTP/2 307
< content-type: application/json; charset=utf-8
< location: https://fleetdm.com/transparency
< content-length: 0
< date: Mon, 13 Jun 2022 18:09:29 GMT
<
* Connection #0 to host localhost left intact
```
 2022-06-13 16:07:08 -03:00
Martin Angers
7f9bb6431e
Update team integrations to reference global integrations (part of failing policies automation support) (#6156) 2022-06-13 10:04:47 -04:00
Lucas Manuel Rodriguez
11af33e9a1
Allow troubleshooting of mocked live query store (#6197) 2022-06-13 10:18:03 -03:00
Lucas Manuel Rodriguez
515454e47f
Fix no such table errors for mdm & munki_info in vanilla osquery macOS hosts (#6170) 
* Add discovery queries for mdm and munki_info

* Add changes file

* Amend discovery table tests
 2022-06-13 08:52:33 -03:00
Lucas Manuel Rodriguez
4cfeaa1580
Do not use golangci action for better reproducibility (use make lint-go) (#6175) 
* Do not use golangci action for better reproducibility

* Add fix to trigger build

* Fix all reported issues

* fix more lint errors

* Add missing import

* Remove unused method

* Remove change not necessary
 2022-06-10 18:52:24 -03:00
gillespi314
44f902218c
Improve live query UX (#5749) 2022-06-10 13:29:45 -05:00
gillespi314
a3ab5646f5
Add new fleet_desktop property to config object (#6151) 2022-06-10 10:39:02 -05:00
Roberto Dip
3bcd4e4ca6
Revert "pin api version in DeviceClient.ListDevicePolicies (#6139)" (#6163) 
This reverts commit 4d184ef583.
 2022-06-09 20:35:40 -03:00
Tomas Touceda
a15101601c
Use the improved users query everywhere (#6126) 
* Use the improved users query everywhere

* Filter out users without a home dir
 2022-06-09 17:18:28 -03:00
Tomas Touceda
fc215610a4
Allow users to customize detail queries for troubleshooting purposes (#6150) 
* Allow users to customize detail queries for troubleshooting purposes

* Address review comments
 2022-06-09 10:33:49 -03:00
Roberto Dip
a6cf9b3d8d
add endpoint in devices API to query for api features (#6152) 
Related to #6063, this adds a new device API to get an object with boolean values that we can use as feature flags to manage backwards compatibility in Fleet Desktop.
 2022-06-09 10:17:55 -03:00