Commit Graph

154 Commits

Author SHA1 Message Date
Zach Wasserman
64b6f748fe
Updates for Fleet 4.13.2 (#5361)
Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-04-25 14:54:25 -07:00
Martin Angers
f28dc10a51
Merge jira-integration branch to main (#4949) 2022-04-05 12:56:15 -04:00
Lucas Manuel Rodriguez
57816592ba
Add read replica testing helpers and fix non-sso login bug (#4908)
not set on the INSERT.
- OUT: Only sets the ID on the passed session and returns it. (`CreatedAt`, `AccessedAt`, are not set.)

New version:

```go
func (ds *Datastore) NewSession(ctx context.Context, userID uint, sessionKey string) (*fleet.Session, error) {
	sqlStatement := `
		INSERT INTO sessions (
			user_id,
			` + "`key`" + `
		)
		VALUES(?,?)
	`
	result, err := ds.writer.ExecContext(ctx, sqlStatement, userID, sessionKey)
	if err != nil {
		return nil, ctxerr.Wrap(ctx, err, "inserting session")
	}

	id, _ := result.LastInsertId() // cannot fail with the mysql driver
	return ds.sessionByID(ctx, ds.writer, uint(id))
}
```

- IN: Define arguments that are truly used when creating a session.
- OUT: Load and return the fleet.Session struct with all values set (using the `ds.writer` to support read replicas correctly).

PS: The new `NewSession` version mimics what we already do with other entities, like policies (`Datastore.NewGlobalPolicy`).
2022-04-04 16:52:05 -07:00
Lucas Manuel Rodriguez
c82c580716
Orbit: Add Fleet Desktop support to Windows (#4873)
* Orbit: Add Fleet Desktop support to Windows

* Rename workflow, fix linux build

* Do not compile systray on linux

* nolint on unused

* Fix lint properly

* nolint both checkers

* Fix monitor logic in desktopRunner

* Fix interrupt and execute order
2022-04-01 17:28:51 -03:00
Lucas Manuel Rodriguez
ecdfd627b6
Fleet Desktop MVP (#4530)
* WIP

* WIP2

* Fix orbit and fleetctl tests

* Amend macos-app default

* Add some fixes

* Use fleetctl updates roots command

* Add more fixes to Updater

* Fixes to app publishing and downloading

* Add more changes to support fleetctl cross generation

* Amend comment

* Add pkg generation to ease testing

* Make more fixes

* Add changes entry

* Add legacy targets (until our TUF system exposes the new app)

* Fix fleetctl preview

* Fix bool flag

* Fix orbit logic for disabled-updates and dev-mode

* Fix TestPreview

* Remove constant and fix zip-slip attack (codeql)

* Return unknown error

* Fix updater's checkExec

* Add support for executable signing in init_tuf.sh

* Try only signing orbit

* Fix init_tuf.sh targets, macos-app only for osqueryd

* Specify GOARCH to support M1s

* Add workflow to generate osqueryd.app.tar.gz

* Use 5.2.2 on init_tuf.sh

* Add unit test for tar.gz target

* Use artifacts instead of releases

* Remove copy paste residue

* Fleet Desktop Packaging WIP

* Ignore gosec warning

* Trigger on PR too

* Install Go in workflow

* Pass url parameter to desktop app

* Fix fleetctl package

* Final set of changes for v1 of Fleet Desktop

* Add changes

* PR fixes

* Fix CI build

* add larger menu bar icon

* Add transparency item

* Delete host_device_auth entry on host deletion

* Add SetTargetChannel

* Update white logo and add desktop to update runner

* Add fleet-desktop monitoring to orbit

* Define fleet-desktop app exec name

* Fix update runner creation

* Add API test before enabling the My device menu item

Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2022-03-21 14:53:53 -03:00
Lucas Manuel Rodriguez
f4d3159cc9
Fleetctl to package .app bundles for osquery (and changes for orbit to support them) (#4393)
* WIP

* WIP2

* Fix orbit and fleetctl tests

* Amend macos-app default

* Add some fixes

* Use fleetctl updates roots command

* Add more fixes to Updater

* Fixes to app publishing and downloading

* Add more changes to support fleetctl cross generation

* Amend comment

* Add pkg generation to ease testing

* Make more fixes

* Add changes entry

* Add legacy targets (until our TUF system exposes the new app)

* Fix fleetctl preview

* Fix bool flag

* Fix orbit logic for disabled-updates and dev-mode

* Fix TestPreview

* Remove constant and fix zip-slip attack (codeql)

* Return unknown error

* Fix updater's checkExec

* Add support for executable signing in init_tuf.sh

* Try only signing orbit

* Fix init_tuf.sh targets, macos-app only for osqueryd

* Specify GOARCH to support M1s

* Add workflow to generate osqueryd.app.tar.gz

* Use 5.2.2 on init_tuf.sh

* Add unit test for tar.gz target

* Use artifacts instead of releases

* Remove copy paste residue

* Trigger workflow on PR

* Fixes to ease handling of artifact

* Fix, do not use target name as dir

* Remove workaround
2022-03-15 16:04:12 -03:00
Lucas Manuel Rodriguez
297dd245ec
Run go tests with -race at night (#4090)
* Run go tests with race at night

* Add missing run on step

* Fix boolean logic

* Allow manual run for test-go.yaml

* Add slack notification step

* Try global environment variable for cron schedule

* Fix indentation

* Try number 2

* Try setting cron as usual

* Remove global env

* Only send notification in case of failure when running schedule

* Run with race enable to test

* Add more fixes

* Fix github event variable name

* Set timeouts

* Fix slack notification link

* Re-enable if clause

* Last try on Github Actions

* Re-enable the if clause
2022-02-14 16:38:53 -03:00
Zach Wasserman
ab664e5304
Clean up E2E testing configurations (#3360) 2021-12-24 12:18:00 -08:00
Zach Wasserman
3ff3d35f45
Update Orbit changelog for 0.0.4 release (#3415) 2021-12-19 17:38:10 -08:00
Tomas Touceda
142006cbdd
Issue 2099 enable vulnerability processing new installs (#3104)
* Enable vulnerability processing by default

* Add changes file

* Remove wrong env var

* Fix import

* Fix tests

* Update log line

* Remove unneeded import
2021-12-03 14:44:57 -03:00
Tomas Touceda
a0404b6736
Add software count API (#3105)
* Add software count API

* Fix makefile

* Fine no mock generating at this point

* Actually, one last try

* Use go install instead

* Fix go sum/mod

* Improve documentation

* Try setting node to 14
2021-12-03 10:54:17 -03:00
Lucas Manuel Rodriguez
964f85b174
Amend policy creation and spec (for proprietary query), and add update APIs (#2890)
* Amend policy creation (proprietary query), add update APIs

* Fix Datastore.SavePolicy bug (and add tests)

* Add integration tests for new policy APIs

* Add author email

* Add activities

* Push breaking changes for return policy fields

* WIP

* Add integration test for host policies

* Make more improvements to policy representation

* Improve upgrade code (from PR review comments)

* PR changes

* Revert activities for policies

* Use *uint instead of uint for queryID, use fleet.PolicyPayload

* Filter out other schemas

* New policy flow (#2922)

* created new policy flow -- no API connection

* added api props

* fixed prop name

* lint fixes

* removed unused modal; fixed style

* name, desc icons; created global components

* lint fixes

* ignoring certain files and lines for prettier

* Update frontend/pages/policies/PolicyPage/PolicyPage.tsx

* Make policy names unique across deployment

* Amend upgrade script

* Fix migration for unique names

* Do not deduplicate but instead rename policies

Co-authored-by: Martavis Parker <47053705+martavis@users.noreply.github.com>
2021-11-24 14:16:42 -03:00
Zach Wasserman
e279dc1682
Implement fleetctl updates rotate (#2831)
Add support for updating keys used in the TUF update system.
2021-11-15 10:01:48 -08:00
Zach Wasserman
8dc34be3a3
Updates and fixes for packaging (#2682)
- Fix Windows MSI generation by changing permissions (#2655).
- Refactor temp directory initialization.
- Use root user for Wine in WiX Docker container.
- Support .pkg packaging on Linux without dependencies (besides Docker)
2021-10-27 16:17:41 -07:00
Zach Wasserman
4808e86c40
Add dev DB management rules to Makefile (#2643) 2021-10-22 11:26:54 -07:00
Tomas Touceda
6d2ae02efd
Rename core->free and basic->premium (#1870)
* Rename core->free and basic->premium

* Fix lint js

* Comment out portion of test that seems to timeout

* Rename tier  to premium if basic is still loaded
2021-09-03 13:05:23 -03:00
Zach Wasserman
8a15f6d270
Add codecov to CI (#1824)
This should cause codecov to run on all pull requests and all commits to main.

Currently only doing coverage for Go files.
2021-08-26 09:53:10 -07:00
Zach Wasserman
53e4f1077e
Add make changelog command and update documentation (#1795) 2021-08-25 15:14:24 -07:00
Tomas Touceda
a8642493ad
Add global policies (#1750)
* Add global policies

* Update documentation and add extra parameter to config

* Fix failing tests

* Store historic policy records

* Address review comments

And also remove other inmem references I saw by chance

* Add documentation for get by id request

* Add parameter doc

* Move schema generation to a cmd instead of a test

Otherwise it messes up running all tests sometimes depending on how parallel it does

* Remove brain dump for another task

* Make migration tests a separate beast

* Make schema generation idempotent and move dbutils cmd to tools

* Allow all filters and add counts to Policy

* Add test for Policy
2021-08-24 17:24:52 -03:00
Martin Angers
80fb3cb145
Run golangci-lint with the make lint-go target, adjust workflows (#1778) 2021-08-24 15:36:50 -04:00
Tomas Touceda
c6c63ab12a
Refactor app config (POC, for now) (#1685) 2021-08-20 12:27:41 -03:00
Tomas Touceda
8d1a3409dc
Add netgo tag to prevent crashes on linux when making external requests (#1681)
* Add netgo tag to prevent crashes on linux when making external requests

* Remove unused step
2021-08-16 15:48:45 -03:00
Tomas Touceda
c781058617
Fix build, add missing tests for cpe translations (#1631)
* Fix build, add missing tests for cpe translations

Also dont fail alltogether if there's one issue translating CPEs, log it and continue

* Make it once every hour again

* Use MATCH but escape strings
2021-08-11 14:52:09 -03:00
Benjamin Edwards
29611d8377
modify packs api to filter non-empty pack_type from response (#1558)
* modify packs api to filter non-empty pack_type from response
* change list packs store method to allow filtering for "system-level" packs, by default the api filters these packs from being returned
* add changes file
* don't allow modifications to global or team packs via apply spec
* refactor to use PackListOptions
2021-08-10 09:43:27 -04:00
Tomas Touceda
46b0b7765b
Issue 1435 software to cpe (#1488)
* WIP

* WIP

* Make path optional and fix tests

* Add first generate

* Move to nvd package

* remove replace

* Re-add replace

* It's path, not file name

* Change how db path is set and use etag

* Fix typos

* Make db generation faster

* Remove quotes

* Doesn't like comments

* Samitize etag and save to file

* Refactor some things and improve writing of etagenv

* Compress file and truncate amount of items for faster testing

* Remove quotes

* Try to improve performance

* Ignore truncate error if not exists

* Minor cleanup and make sqlite have cpe prefix

* Simplify code and test sync

* Add VCR for sync test

* Check for nvdRelease nil

* Add test for the actual translation

* Address review comments

* Rename generate command because we'll have a cve one too

* Move to its own dir

* Address review comments
2021-07-29 13:10:34 -03:00
Zach Wasserman
b967eabb3d
Fix frontend rendering error when software vulnerabilities missing (#1251)
This error was not caught in E2E testing because the software inventory
feature flag was turned off. This is now also enabled for E2E tests.

Fixes #1245
2021-06-29 10:03:17 -07:00
Zach Wasserman
5e26af701b Merge branch 'main' into teams 2021-06-25 18:48:20 -07:00
João Paulo Lins
336dc33cf4
Add new option on Makefile to generate Binaries for specific GOOS/GOARCH passed via parameter. Support multi-arch build. (#1199) 2021-06-25 14:56:01 -07:00
RachelElysia
aeb852e168
Remove username from UI (#1168)
* Remove username from UI code
* Remove username from tests
* Remove username from database
* Modify server endpoints for removing username
* Implement backend aspects of removing username
* Update API docs
* Add name to fleetctl
2021-06-24 13:42:29 -07:00
Zach Wasserman
663641d521
Add commands for enrolling hosts in E2E tests (#1089)
- Add `addDockerHost` and `stopDockerHost` commands.
- Example usage in test.
2021-06-15 10:14:57 -07:00
Zach Wasserman
8c97b36764
Set up Cypress testing for Teams/Tiers (#1005)
- Update names/roles of users in `make e2e-setup`.
- Update test SSO user info.
- Add Cypress commands for seeding users/Teams.
- Stub Cypress tests for team/tier matrix.
2021-06-09 11:56:59 -07:00
Zach Wasserman
0356115b03
Remove JWT in Fleet session management (#979)
See #978 for motivations for this change.

Closes #978.
2021-06-06 18:10:58 -07:00
Zach Wasserman
fa01df79d5 Merge branch 'master' into teams 2021-06-05 06:27:38 -07:00
Martavis Parker
cb2682c273
Remove detection for OS during contributor build (#922) (#933)
- No longer detecting for OS make commands
- Using the same internal commands for every OS
- go.sum auto-updated during build
- Document build process on Windows
2021-06-04 08:10:25 -07:00
Zach Wasserman
a40c549d95
Add -trimpath to go build flags for release (#909)
Provides cleaner error paths in release binaries.
2021-06-01 16:03:52 -07:00
Zach Wasserman
417ef2c9b6
Refactor teams service methods (#910)
- Move team-related service methods to `ee/server/service`.
- Instantiate different service on startup based on license key.
- Refactor service errors into separate package.
- Add support for running E2E tests in both Core and Basic tiers.
2021-05-31 17:07:51 -07:00
Zach Wasserman
9876dbe6b6
Implement license loading and validation (#908)
- Load license from ES256 signed JWT key.
- Parse license claims into LicenseInfo struct.
- Update contribution documentation with sample license key.

Closes #816.
2021-05-31 11:35:15 -07:00
Zach Wasserman
a5bd03e5d7 Merge branch 'master' into teams 2021-05-31 10:56:50 -07:00
noahtalerman
4cca4e7e7f
Remove @fleetdm.com emails from fleetdm/fleet repo (#882)
- In tests and documentation, replace `@fleetdm.com` with `@example.com`
- In documentation, replace `hello@fleetdm.com` with `fleetdm.com/contact`
- In documentation, replace `security@fleetdm.com` with `fleetdm.com/contact`
- In Dockerfiles, replace `engineering@fleetdm.com` with `hello@fleetdm.com`. These two files are the only remaining files with a `@fleetdm.com` email.
2021-05-27 17:19:14 -04:00
Zach Wasserman
a17556b2db Merge branch 'master' into teams 2021-04-30 09:40:10 -07:00
Zach Wasserman
1e78c0ffe2
Speed up CI build/test (#657)
- Use NODE_ENV=development for Webpack in CI.
- Add caching for Webpack modules in development.
- Remove time of day from dates in version string (helps with build caching).
- Use Go cache in CI.

This makes about a 20% savings on the total time for the CI run.
2021-04-16 16:14:56 -07:00
Gabriel Hernandez
04712c0426 Merge master into teams 2021-04-14 17:52:15 +01:00
Zach Wasserman
9f71fcf440
Speed up MySQL tests (#585)
Improves MySQL test time (on my 2020 MBP) to ~18s from ~125s.

- Use separate databases for each test to allow parallelization.
- Run migrations only once at beginning of tests and then reload
  generated schema.
- Add `--innodb-file-per-table=OFF` for ~20% additional speedup.
2021-04-03 11:42:27 -07:00
Gabe Hernandez
be77b0de59 add tests for new manage users UI and improve checkbox accessibility (#536)
* e2e test for manage user page, and updating styles for ui components

* make checkbox more accessible and create e2e test around creating user

* add react testing library and use it for radio testing

* clean up comments

* update docs and clean up
2021-03-31 11:58:38 -07:00
Zach Wasserman
2203bd81a2
Add support for IdP-initiated SSO login (#556)
This feature is off by default due to minor potential security concerns
with IdP-initiated SSO (see
https://auth0.com/docs/protocols/saml-protocol/saml-configuration-options/identity-provider-initiated-single-sign-on#risks-of-using-an-identity-provider-initiated-sso-flow).

Closes #478
2021-03-30 12:56:20 -07:00
Zach Wasserman
58d1d025a4
Upgrade go-bindata to maintained github.com/kevinburke/go-bindata (#512)
- This seems to be the maintained, trusted (by Homebrew, etc.) version
  of go-bindata.
- Add tools.go file to pin version with go modules.
- Use go run to run the binary, making easier configuration for new developers.
2021-03-22 11:03:03 -07:00
Zach Wasserman
fbc1636994
Improve E2E testing and test documentation (#448)
- Add Makefile commands for E2E testing.
- Document E2E testing.
- Cleanup other test documentation.
2021-03-11 15:55:58 -08:00
Zach Wasserman
1d23c1452d
Add cleanup before make generate step (#386)
Older files building up in the assets directory was causing binary sizes
to become larger over time. This change should keep binary sizes consistent.
2021-03-04 18:16:20 -08:00
Zach Wasserman
20f21fafe4
Migrate tests to GitHub Actions and add E2E testing (#381)
- Migrate unit tests and linting from CircleCI to GitHub Actions
- Add E2E test in CI run
2021-03-04 17:13:28 -08:00
Zach Wasserman
305a285a35
Remove github.com/golang/dep from Makefile (#336)
This has been long unused in favor of Go modules.
2021-02-18 13:05:08 -08:00