This PR includes the Deployment section of the documentation restructure #144.
- Changes include the addition of 3 overarching folders/sections named Deployment, Using fleet, and Contribution guide. Each folder includes new files for the subsections.
- Move the copy from the appropriate files into the new files in the Deployment folder. Removed old files. A detailed outline of the exact old files can be found in the linked issue above.
- Add navigation to the top of each file via links to anchors in the markdown.
The naming convention for each folder and file is up for discussion. I chose to use number prefixes (1, 2, 3) to order the folders and files. This way we have control over the order when viewing on GitHub.
Running applications as root (default Docker user) is not a good security practice. The goal of this PR is to run the Fleet application as a non-root user.
For development you can still access the container as root with the following command: `docker run -it --user=0 <fleetdm container ID> bash`
- Add help text within dropdown in smaller font size underneath "Require password reset" saying "This will revoke all active Fleet API tokens for this user."
- Update API docs to use "API token" parlance instead of "Auth token"
The final PR for the UI Refresh #38.
- Complete UI issues caught during the Dec. 09 QA pass.
- Update button and color styles, including hover and active states, to align with the mockups.
- Update status labels in the hosts list and users list. The status label now includes a colored circle along with a text description.
- Fixes#138.
Fixes#65 by bringing in new regular and bold Source Code Pro monospaced fonts.
- Remove old Source Code Pro font files
- Add new platform icons to <QuerySidePanel />
- Edit styles in <EditPackForm />
This adds the option to set up an S3 bucket as the storage backend for file carving (partially solving #111).
It works by using the multipart upload capabilities of S3 to maintain compatibility with the "upload in blocks" protocol that osquery uses. It does this basically replacing the carve_blocks table while still maintaining the metadata in the original place (it would probably be possible to rely completely on S3 by using object tagging at the cost of listing performance). To make this pluggable, I created a new field in the service struct dedicated to the CarveStore which, if no configuration for S3 is set up will be just a reference to the standard datastore, otherwise it will point to the S3 one (effectively this separation will allow in the future to add more backends).
- Add new PNG files for the new icons in the left side navigation and the right side labels on the Hosts page.
- Rename the old `<Icon />` component to `<KolideIcon />` and create a new `<Icon />` component. The ultimate goal is to get rid of the `<KolideIcon />` and `<PlatformIcon />` components and use the encompassing `<Icon />` component for all icons. The full transition will be made when we have icon assets to replace all the kolide icons and platform icons. Currently, we don't.
- Rename the `icon_name_for_label.js` utility to `icon_name.js` because the utility now includes `iconNameForLabel()` and `iconNameForPlatform()` functions.
- Fixes issue #127.
Mitigate
[CVE-2020-26273](https://github.com/osquery/osquery/security/advisories/GHSA-4g56-2482-x7q8)
by attempting to prevent users from executing or saving queries that use
the SQLite `ATTACH` command.
Users must still update to osquery 4.6.0 to ensure the functionality is
fully disabled in osquery.
@ahmedmusaad added documentation for the following API endpoints:
/api/v1/kolide/users GET
/api/v1/kolide/users POST
/api/v1/kolide/users/admin POST
/api/v1/kolide/users/{id} GET
This addresses an issue some users experienced in which performance
problems were encountered when hosts were "competing" for enrollment
using the same osquery host identifier. The issue is addressed by adding
a cooldown period for host enrollment, preventing the same (as judged by
osquery host identifier) host from enrolling more than once per minute.
When users end up in the problematic scenario, they will see quite a bit
of error logs due to this issue. For now that's probably a good thing as
users need to be aware of the lack of visibility. We can explore rate
limiting the logging if that becomes an issue for someone.
Fixes#102
- Kolide404 and Kolide500 components renamed to Fleet404 and Fleet500
- Styling for Login and Confirm invite pages are consistent with the recent changes to the Setup page.
- Add "*" character to the 404 <Route />'s path property. Now the 404 page renders when there is no exact path match.
The goal of this PR is to implement the new global styling (colors, buttons, and fonts) to the "App settings" and "Osquery options" pages. These pages are only visible to users granted an admin role.
The goal of this PR is to update the style across the query and packs pages so they are consistent with the latest global styles (colors, buttons, and fonts).
The goal of this PR is to change the layout of the manage users to a table (list view).
Move the user actions into the table view.
Move EditUserForm into a Modal
Update styles for InviteUserForm
Edit copy for the configuring SMTP warning.
The goal of this PR is to update the styles of the LabelForm component.
Also include global style changes for form components (FormField, LabelForm, and others).
Fourth attempt to limit the "Deploy Fleet Website" workflow to only the fleetdm/fleet repository.
Add the $ character to the $GITHUB_REPOSITORY env variable.
- The goal of this PR is to update the styles of the "Add new host" modal.
- Move the "Add new host" button from the hosts sidebar to the center column.
- Add max-width to the hosts list container and the hosts header.
* rename dir
* no need to install website or docs from npm
At some point, would also be nice to be able to exclude assets/ as well, and to only install a pre-built version of Fleet's frontend code
* Bring in fleetdm.com website
From https://github.com/fleetdm/fleetdm.com as of https://github.com/fleetdm/fleetdm.com/releases/tag/v0.0.21
* add procfile for heroku
Using https://github.com/timanovsky/subdir-heroku-buildpack
* avoid getting anybody's hopes up
* Create deploy-fleet-website.yml (#82)
* Create deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* update pjs with SPDX-like license expressions. also fix repo URL
and remove package lock
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* remove dummy uri
* Dissect deploy script
* Update deploy-fleet-website.yml
* workaround for eslintrc nesting issue
* lint fixes
* forgot the .js
* add per-commit git config
* Update deploy-fleet-website.yml
* might as well remove that
* cleanup
* connect w/ heroku app and have it actually push
* fix bug I introduced in 578a1a01ffb8404aae869e05005e30a6ba2b2a95
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* the beauty, the glory, of javascript
* GH actions don't like "\n"
* Update deploy-fleet-website.yml
* restore \n chars from 0d45e568f693efba7d7072085bc98d72a482d9ae
hoping I was wrong in 0d45e568f693efba7d7072085bc98d72a482d9ae but see also https://github.community/t/what-is-the-correct-character-escaping-for-workflow-command-values-e-g-echo-xxxx/118465/5
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* Update deploy-fleet-website.yml
* rename script to prevent duplicate building
* Configure the real website
* clean up
* a test of the deploy workflow
* add handbook to npmignore
* I guess you could call this fixing a typo
* point workflow at master branch
* now clearly bogus: this completely unused version string
