empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-07 01:15:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5,868 Commits 3 Branches 0 Tags 561 MiB
62981480ae
Commit Graph

5868 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Katheryn Satterlee
62981480ae
Add orbit update url (#8047) 
Added information about where orbit gets updates to FAQ.
 2022-10-14 10:20:13 -05:00
Katheryn Satterlee
412375b21e
Update code signing instructions (#7950) 
Added context about update channel to note about orbit's install path.
 2022-10-14 10:19:02 -05:00
Lucas Manuel Rodriguez
03096ee546
Fix race in tests (modifying already started server config) (#8227) 2022-10-14 12:00:16 -03:00
Gabriel Hernandez
06a9e886a1
fix broken search for manage host page (#8213) 2022-10-14 15:56:02 +01:00
RachelElysia
57c40ac056
Fix tooltip width to not be wider than column (#8220) 2022-10-14 09:30:06 -05:00
RachelElysia
7804406aa8
Fix mdm enrollment status api call (#8218) 2022-10-14 09:29:40 -05:00
Frank Sievertsen
e54f066266
Add display_name to more results (#8204) 
* Make HostResponses with one dedicated function only
* more display_name for Hosts
 2022-10-14 11:14:18 -03:00
Frank Sievertsen
c74161e8f0
new timestamp for HostDisplayName migration (#8224) 2022-10-14 15:59:58 +02:00
Noah Talerman
675ff9e483
Update Agent options empty state (#8192) 
- Update "Orbit" to "Fleet's osquery installer"
 2022-10-13 14:30:56 -07:00
Eric
9e343dff86
Handbook: Fix link in customers ritual table (#8196) 2022-10-13 11:20:21 -05:00
Noah Talerman
e5e2fe7965
Add 2 steps to the "Releasing Fleet" process (#8101) 
- Add a "Deploy to dogfood" step
- Add a "Notify the @sandbox-oncall" step
 2022-10-13 10:32:01 -05:00
Reed Haynes
e68e21d3bc
Update deploy to dogfood instructions (#8038) 
- Changed the "Use workflow from" instructions per advice from @zwinnerman-fleetdm 
- Added note that "main" is not a valid image name and the commit hash must be used instead.
 2022-10-13 10:28:49 -05:00
Marcos Oviedo
ec3f49881f
8009 fleet desktop icon duplication (#8017) 
* Adding a new synchronization mechanism between fleet-desktop app and Orbit service. Improved windows service teardown to ensure that fleet-desktop does not get force killed without getting signaled. Improved windows process enumeration to avoid unnecessary delays during windows service start and windows service teardown. Updating windows service to reflect service teardown extra time due to synchronization.
 2022-10-13 10:58:37 -03:00
RachelElysia
5084ea2783
Fleet UI: Select all fix on table checkboxes (#8198) 2022-10-13 09:29:30 -04:00
RachelElysia
564a25883f
Fleet UI: Fix padding between multiple enroll secrets (#8193) 2022-10-13 09:28:59 -04:00
Eric
2baf6bcbcf
update keychain_acls and account_policy_data examples (#8201) 2022-10-12 17:31:26 -05:00
Luke Heath
7e642eee96
Fixes handbook links (#8195) 
The links without https:// do not work.
 2022-10-12 17:25:01 -04:00
Martin Angers
fae8e4ca2c
Translate the AppConfig and Team validation messages to be more user-friendly (#8171) 2022-10-12 17:10:50 -04:00
Juan Fernandez
6939af045d
Fleet desktop should use lightweight endpoint for getting failing policies count (#8159) 
Fleet desktop should use lightweight endpoint for getting failing policies count
 2022-10-12 17:13:43 -03:00
Juan Fernandez
91ea7bf244
Vulnerabilities not detected if NVD CVE feed is unavailable or rate limited (#8191) 
If there is any problem when synching NVD source, proceed with vuln scan
 2022-10-12 15:09:18 -04:00
Noah Talerman
7b44d0a97b
Remove banner from Team details > Agent options (#8170) 
- Remove info banner that links to help with `overrides`
 2022-10-12 15:08:02 -04:00
Lucas Manuel Rodriguez
b016fc8a3a
Orbit: Add retries to launchctl bootstrap to fix issue with MDM push (#8187) 
* Add retries to launchctl bootstrap to fix MDM push

* Increment retries from 5 to 30
 2022-10-12 15:59:01 -03:00
Juan Fernandez
72cfdac634
Only ingest installed deb_packages (#8160) 
Only ingest deb_packages with status = 'install ok installed'
 2022-10-12 14:27:07 -04:00
Mike McNeil
20d617ee67
Fix typo in keychain_items table schema (#8179) 
* Define "certificate authorities" + normalize capitalization

* Fix typo in keychain_items table schema

* Maybe a bad character?

* Fixing problematic comma

Co-authored-by: Guillaume Ross <guillaume@fleetdm.com>
 2022-10-12 12:17:03 -04:00
Guillaume Ross
eadb3b1081
Adding 6 example queries! (#8165) 
* Adding 6 example queries!

* Adding alf_explicit_auths + a note about a current bug with it

* Reverting sailsrc changes
 2022-10-12 11:13:44 -04:00
Lucas Manuel Rodriguez
bec3824ddb
Update mk-ca-bundle.pl tool in repository (#8184) 
* Update mk-ca-bundle.pl in repository

* Update certs.pem with new version of mk-ca-bundle.pl

* Add extra check against curl.se site
 2022-10-12 12:01:18 -03:00
Roberto Dip
4042f8d826
add browser-related security headers to HTML responses (#8180) 
related to #8031, this adds the following headers to HTML responses:

- Strict-Transport-Security: informs browsers that the site should only
  be accessed using HTTPS, and that any future attempts to access it
  using HTTP should automatically be converted to HTTPS.
- X-Frames-Options: disallows embedding the UI in other sites via
  <frame>, <iframe>, <embed> or <object>, which can prevent attacks like
  clickjacking.
- X-Content-Type-Options: prevents browsers from trying to guess the MIME
  type which can cause browsers to transform non-executable content into
  executable content.
- Referrer-Policy: prevents leaking the origin of the referrer in the
  Referer.

additionally, this ensures we set `X-Content-Type-Options` for CSV and
installer responses.
 2022-10-12 10:19:21 -03:00
Martin Angers
d321cfc68e
Add inherited policies to the team's list policies response payload (#8068) 2022-10-12 08:35:36 -04:00
Lucas Manuel Rodriguez
42c47a6fa7
Add missing return to ingestKubequeryInfo (#8178) 
* Add missing return to ingestKubequeryInfo

* No need to log error twice
 2022-10-12 09:00:49 -03:00
Lucas Manuel Rodriguez
8de3e9f258
Fix Orbit bug when setting empty command_line_flags in agent options (#8176) 2022-10-11 20:11:01 -03:00
Mike McNeil
6fa02da54b
Handbook: Add link to key review deck (#8177) 2022-10-11 15:26:05 -06:00
Frank Sievertsen
23199c3d83
Add missing display_name to getHostEndpoint (#8174) 2022-10-11 17:00:32 -04:00
Eric
831155eb9c
Website: update osquery schema pages - add evented table icons to sidenav, update code highlighting (#8168) 
* Add evented table labels, update code syntax highlighting

* update styles, lint fix

* update comment

* Update osquery-table-details.page.js
 2022-10-11 14:40:08 -05:00
Roberto Dip
174f894b53
fix migration order check by only checking additions (#8172) 
this modifies the migration order CI check to only check for added files
by:

1. Escaping the blob we give to git, so bash doesn't perform expansion,
   this lets git handle the blob matching, which for reasons I don't
   fully understand allows to find file renames.
2. Applying `--diff-filter=A`, which makes git only list file additions.
 2022-10-11 16:31:40 -03:00
Roberto Dip
2bb4ec2e6d
add script to check for migration order (#7803) 
Related to #6142, this adds a CI check for the order of migrations.

As I noted in a comment on the workflow file, it's important to keep in mind that some migrations might still go unnoticed even with this check, example:

1. PR1 adds a migration, CI check pass
2. PR2 adds a migration, CI pass, gets merged
3. PR1 can still be merged because the CI checks aren't run again

The check will fail in `main` however, so if we find the current script to be reliable, we could setup a Slack ping or something similar, to make sure somebody takes a look
 2022-10-11 15:36:15 -03:00
Lucas Manuel Rodriguez
28744bf57e
Consistently log migrations (#8154) 
* Consistently log migrations

* Fix name and update goose version
 2022-10-11 15:20:12 -03:00
Juan Fernandez
351d2c93c4
Add new page explaining how osquery children process are terminated (#8134) 
Add new page explaining how osquery children process are terminated
 2022-10-11 14:09:56 -04:00
Tomas Touceda
d912376f02
Handle tcp read timeouts (#8163) 
* Handle tcp read timeouts properly

* Add changes file

* Fix bad mini refactor after nailing the test

* Update based on review

* Update comment
 2022-10-11 13:58:52 -03:00
Zay Hanlon
dca77054c5
Onboarding: Add 'zayhanlon' to Humans (#8166) 
As part of onboarding issue, add 'zayhanlon' to Humans within receive-from-github.js
 2022-10-11 11:35:23 -05:00
Zay Hanlon
cadcb5e784
Handbook: Remove rotation schedule from CEO shadow (#8164) 
Removed the rotation schedule from CEO shadow program section, per Mike's request. We'll track this via Google Sheets
 2022-10-11 09:56:54 -06:00
Mo Zhu
a6cf95495c
fix formatting and spelling of handbook quality section (#8078) 2022-10-11 11:47:24 -04:00
RachelElysia
7de1b847ea
Fleet UI: Host's software details links to software, improved responsiveness (#8080) 2022-10-11 09:27:20 -04:00
Charlie Chance
6e91039d09
Update ceo-handbook.md (#8158) 2022-10-10 16:35:40 -06:00
dependabot[bot]
35ae71502f
Bump actions/setup-go from 3.2.1 to 3.3.0 (#7470) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](84cbf80943...268d8c0ca0)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-10 18:55:13 -03:00
dependabot[bot]
c307800718
Bump github.com/oschwald/geoip2-golang from 1.6.1 to 1.8.0 (#7767) 
Bumps [github.com/oschwald/geoip2-golang](https://github.com/oschwald/geoip2-golang) from 1.6.1 to 1.8.0.
- [Release notes](https://github.com/oschwald/geoip2-golang/releases)
- [Commits](https://github.com/oschwald/geoip2-golang/compare/v1.6.1...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/oschwald/geoip2-golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-10 18:53:19 -03:00
dependabot[bot]
52b298ff69
Bump gopkg.in/guregu/null.v3 from 3.4.0 to 3.5.0 (#7768) 
Bumps [gopkg.in/guregu/null.v3](https://github.com/guregu/null) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/guregu/null/releases)
- [Commits](https://github.com/guregu/null/compare/v3.4.0...v3.5.0)

---
updated-dependencies:
- dependency-name: gopkg.in/guregu/null.v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-10 18:52:07 -03:00
dependabot[bot]
ddc47b3096
Bump golang from 1.19.1-bullseye to 1.19.2-bullseye (#8091) 
Bumps golang from 1.19.1-bullseye to 1.19.2-bullseye.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-10 18:45:01 -03:00
Roberto Dip
e630fabf89
token rotation for fleet desktop (#7779) 
This implements what's described in detail here https://github.com/fleetdm/fleet/blob/main/proposals/fleet-desktop-token-rotation.md
 2022-10-10 17:15:35 -03:00
gillespi314
ca379e7459
Fix directIngestOSWindows error in query ingestion for non-Windows hosts (#8148) 2022-10-10 13:27:15 -05:00
RachelElysia
858bb75609
Documentation: Seeding data links to creating test hosts (#8131) 2022-10-10 14:08:18 -04:00